Privacy Policy

This policy explains what data GitCritter ("we") collects, why we collect it, and what we do with it. Plain English, no tracker zoo.

What we collect

• Account data: username, email, hashed password, optional profile fields (name, bio, location, website), and avatar.
• Repository data: code, issues, pull requests, and metadata you submit to the Service.
• Authentication artifacts: SSH public keys and personal access token hashes.
• Operational logs: IP addresses, user-agent strings, and request timestamps, kept for security and debugging.

What we don't do

• We don't sell your data.
• We don't run third-party advertising trackers.
• We don't train AI models on private repository content.

How we use data

We use your data to operate the Service: authenticate you, serve your repositories, send transactional email (password resets, security alerts), and investigate abuse. We do not use your code for any purpose other than serving it back to you and people you share it with.

Cookies

We use a small number of first-party cookies: a session cookie for login, a CSRF token, and a theme preference. No analytics or advertising cookies.

Data retention

Account and repository data persist until you delete them or your account is closed. Operational logs are retained for up to 90 days, then aggregated or discarded.

Your rights

You can edit your profile, rotate tokens and SSH keys, export your repositories via standard git clone, and delete your account at any time from settings. To request a full copy of personal data we hold, email privacy@gitcritter.com.

Sub-processors

We rely on a hosting provider (Fly.io) for compute and managed Postgres for primary storage. Both process data only on our instructions.

Contact

Questions or requests? Email privacy@gitcritter.com.