Privacy Policy

1. Who We Are

GitDoctor (“we”, “our”, or “us”) is an AI-powered code analysis service that helps developers understand and improve the quality of their GitHub repositories. This policy explains what personal data we collect, why we collect it, and your rights regarding that data.

Questions or requests about this policy can be sent to gitdoctorio@gmail.com.

2. Data We Collect

Account Information

When you create an account we collect:

• Your name and email address
• A hashed password (if you sign up with email) — we never store passwords in plain text
• Your Google profile name and email if you use Google Sign-In
• Account creation timestamp

Usage & Subscription Data

• Your current plan (Free, Starter, or Pro)
• Number of repository scans used in the current billing period
• Stripe customer and subscription identifiers (we do not store card numbers — Stripe handles all payment data)

Repository & Scan Data

• URLs and names of repositories you submit for analysis
• Analysis results and scores generated for those repositories
• Timestamps of each scan

GitHub Personal Access Token (Optional)

If you choose to connect a GitHub token to enable private repository analysis, we store that token in your account record so we can access repositories on your behalf. You can remove the token at any time from your dashboard.

Analytics Data

We use Vercel Analytics to collect anonymous, aggregated usage data (pages visited, general geographic region, browser type). This data contains no personally identifiable information and is not linked to your account.

3. How We Use Your Data

• Providing the service — authenticating you, enforcing scan quotas, and returning analysis results.
• Billing — managing your subscription through Stripe.
• Communication — sending transactional emails such as password resets. We do not send marketing emails without your explicit consent.
• Service improvement — using aggregated, anonymised analytics to understand how the product is used.
• Security — detecting and preventing abuse or unauthorised access.

We do not sell your personal data. We do not use your repository content or scan results to train any models.

4. Third-Party Services

We share data with the following third parties only to the extent necessary to operate the service:

5. Data Retention

We retain your account and scan data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal or financial record-keeping purposes (e.g. billing records, which Stripe retains per their own policy).

6. Security

We use industry-standard measures to protect your data, including encrypted connections (TLS), Firebase security rules, and least-privilege access controls. No method of transmission or storage is 100% secure; if you believe your account has been compromised, please contact us immediately at gitdoctorio@gmail.com.

7. Your Rights

You have the right to:

• Access — request a copy of the personal data we hold about you.
• Correction — ask us to correct inaccurate data.
• Deletion — ask us to delete your account and associated data.
• Portability — request your scan history in a machine-readable format.
• Withdraw consent — remove your GitHub token at any time from your dashboard settings.

To exercise any of these rights, email us at gitdoctorio@gmail.com and we will respond within 30 days.

8. Children's Privacy

GitDoctor is not directed at children under the age of 13. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

9. Changes to This Policy

We may update this policy from time to time. When we do, we will update the effective date at the top of this page. Continued use of the service after changes are posted constitutes your acceptance of the updated policy.

10. Contact

If you have any questions about this Privacy Policy, please contact us at gitdoctorio@gmail.com.