This policy describes what DiffKit (“we”, “us”) collects and how we use it when you use our web app and related services. We process data only as needed to provide the product and to keep your account secure.
What we collect
When you sign in with GitHub, we receive basic profile information that GitHub makes available to the OAuth application (for example your GitHub username and, where applicable, your email address). We also create and store session and account records so you can stay signed in and use the service.
To show pull requests, issues, reviews, and repository context, we fetch data from GitHub’s APIs on your behalf. We may cache or store limited metadata and content needed to make the dashboard fast and reliable (for example identifiers, titles, state, timestamps, and similar fields).
Where your actions happen
Actions that change data on GitHub—such as posting comments, submitting reviews, merging, or editing resources—are performed through GitHub’s platform. DiffKit does not replace GitHub’s own terms or privacy commitments for how GitHub processes data when you use github.com or GitHub’s APIs.
How we use data
- Operating authentication, sessions, and security.
- Displaying and syncing GitHub information you choose to access in the product.
- Improving reliability and fixing errors (including limited logs).
Sharing
We do not sell your personal information. We use infrastructure providers (such as hosting and database services) to run the application; they process data only to provide the service.
Retention and deletion
We retain data for as long as your account is active and as needed for the purposes above. You can disconnect access from GitHub’s side according to GitHub’s settings for authorized applications. For data held by us, contact us via GitHub Issues and we will handle reasonable requests in line with applicable law.
Changes
We may update this policy from time to time. The “Last updated” date below will change when we do.