Privacy Policy

Last updated: April 30, 2025

1. Introduction

Welcome to Codegen. We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and use our services, and tell you about your privacy rights and how the law protects you.

2. Information We Collect

We may collect, use, store, and transfer different kinds of personal data about you, including:

  • Information from Github Repository Data: We access repository data, including code files, metadata, pull requests, and issues, to facilitate code refactoring, migrations, and related services. Your repository data is only temporarily cloned into isolated sandboxes during active sessions and is automatically deleted within 1 hour after the session ends. We do not maintain permanent copies of your repository files or code.
  • User Data: We may access basic GitHub profile information such as your username, email address, and profile picture to provide and improve our services.
  • Usage Data: Information about how you use our website and services, including your interaction patterns, features used, and time spent on the platform.
  • Technical Data: Internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access our website.

3. How We Use Your Information

We use your personal data for the following purposes:

  • To provide and maintain our services, including to monitor the usage of our services.
  • To manage your account and registration as a user of our services.
  • To contact you regarding updates or informative communications related to the functionalities, products, or contracted services.
  • To provide customer support and respond to your requests or inquiries.
  • To analyze and improve our services, marketing, customer relationships, and experiences.
  • To detect, prevent, and address technical issues, security breaches, or fraudulent activities.

4. Data Sharing and Disclosure

We may share your personal data with the following parties:

  • Service Providers: We may share your data with third-party vendors, service providers, contractors, or agents who perform services for us or on our behalf and require access to such information to do that work.
  • Business Transfers: If we are involved in a merger, acquisition, or sale of all or a portion of our assets, your data may be transferred as part of that transaction.
  • Legal Requirements: We may disclose your information where required to do so by law or in response to valid requests by public authorities.
  • With Your Consent: We may share your personal data with other parties based on your explicit consent.

5. Data Retention

We will only retain your personal data for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements. In some circumstances, we may anonymize your personal data so that it can no longer be associated with you, in which case we may use such information without further notice to you. Once you are no longer a user of our services, we will retain and eventually delete it as soon as feasible, subject to our legal and regulatory obligations.

Repository Data: Your repository data is dynamically cloned into isolated sandboxes only when needed for active sessions. These sandboxes and all repository data are automatically deleted 1 hour after the session ends. We do not keep permanent copies of your repositories. If you request immediate deletion of any data, we will promptly comply with your request.

6. Your Rights and Choices

Depending on your location, you may have certain rights regarding your personal data, including:

  • The right to access, update, or delete the information we have on you.
  • The right of rectification - the right to have your information corrected if it is inaccurate or incomplete.
  • The right to object to our processing of your personal data.
  • The right of restriction - the right to request that we restrict the processing of your personal information.
  • The right to data portability - the right to request that we transfer the data we have collected to another organization, or directly to you.
  • The right to withdraw consent at any time, where we relied on your consent to process your personal information.

7. Security of Your Data

The security of your data is important to us. We strive to use commercially acceptable means to protect your personal data, but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee its absolute security.

8. International Transfers

Your information may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the United States and choose to provide information to us, please note that we transfer the data to the United States and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

9. Children's Privacy

Our services are not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your child has provided us with personal data, please contact us. If we become aware that we have collected personal data from children without verification of parental consent, we take steps to remove that information from our servers.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us at support@codegen.sh.