Privacy Policy
Last updated: 9 June 2026
This policy explains what we collect and why. We handle personal data in line with India's Digital Personal Data Protection Act (DPDP) 2023 and, for EU users, the GDPR.
1. What we collect
Account & contact: email address and plan. Repository data: for connected repos, we read issue text and the source files needed to produce your PR. Usage: aggregate counts of runs and PRs. Payments: processed by Razorpay/Stripe; we never store card numbers.
2. How we use it
To generate your draft PRs, enforce plan limits, send service email, and improve reliability. We do not use your repository contents to train models, and we do not sell personal data.
3. Sub-processors
GitHub (repo access), an LLM gateway provider (code generation, zero-retention configuration), Razorpay/Stripe (payments), and our hosting provider. Each processes data only to deliver the Service.
4. Retention
Repository file contents are processed transiently and not retained after a PR is produced. Account and billing records are kept while your account is active and as required by law.
5. Your rights
You may access, correct, or delete your personal data, and withdraw consent, by emailing us. EU/India residents have the rights granted under GDPR/DPDP respectively.
6. Security
Access tokens are encrypted at rest, traffic is TLS-encrypted, and access is least-privilege.