Privacy Policy

What We Collect

We collect commit metadata from your connected Git repositories (GitHub, GitLab, Bitbucket). This includes commit messages, author information, timestamps, and diff statistics. We do NOT store your actual source code.

We also collect basic account information (email, name) when you sign up via OAuth.

How We Use Your Data

We analyze your commit data to generate activity metrics, productivity insights, and AI-powered complexity scores. This data is displayed in your DevSpy dashboard and can be exported via reports.

We use your email to send you important account notifications. We won't spam you with marketing emails unless you explicitly opt in.

Data Security

We use industry-standard encryption (TLS 1.3) for data in transit and AES-256 for data at rest. Your data is stored in secure, multi-tenant databases with strict access controls.

We use OAuth-only authentication - we never see or store your Git provider passwords.

Data Retention

Free tier users get 7 days of historical data. Professional and Enterprise users get unlimited history. When you delete your account, we delete all your data within 30 days.

Third-Party Services

We use OpenAI's API for AI-powered commit analysis. Commit metadata is sent to OpenAI but is not used to train their models. We also use standard analytics (like Google Analytics) to understand how people use DevSpy.

Your Rights

You have the right to access, export, or delete your data at any time. You can do this from your account settings or by emailing us at creep@devspy.ai.

If you're in the EU, you have additional rights under GDPR. We're happy to comply with any data requests.

Changes to This Policy

We'll update this policy occasionally. When we do, we'll update the "Last updated" date and notify you via email if the changes are significant.

Contact Us

Questions about privacy? Email us at creep@devspy.ai. We actually read these.