CodeReview AI — Privacy Policy

Effective: February 2026

What We Collect

When you install CodeReview AI on a GitHub repository, we access:

• Repository documentation files (.md, .rst, .txt) — scanned during setup to build your review knowledge base.
• Pull request diffs and metadata — read when a PR is opened or updated, used solely to perform the code review.
• GitHub installation identifiers — used to associate your repository with your review configuration.

What We Store

• Documentation content — ingested and stored to power reviews. You can delete this at any time by uninstalling the app.
• Review results — findings, gate statuses, and traffic light outcomes are stored for quality improvement.
• PR diffs are not permanently stored. Diffs are processed in memory during a review and discarded after the review comment is posted.

What We Do Not Do

• We do not sell your data to third parties.
• We do not use your code to train AI models.
• We do not access files beyond documentation and PR diffs.
• We do not store your source code.

Third-Party Services

CodeReview AI uses the following third-party services to operate:

• GitHub API — to read repository contents and post review comments.
• Anthropic Claude API — to perform AI-powered document analysis and code review.
• Railway — cloud hosting for the application backend.

Data Retention

Documentation and review data are retained as long as the GitHub App is installed on your repository. Uninstalling the app triggers deletion of all stored data associated with your repository within 30 days.

Security

All communication occurs over HTTPS. GitHub tokens are used with minimum required permissions and are not stored beyond their session lifetime. Database access is restricted to the application backend.

Contact

For privacy questions or data deletion requests: alexandersucala@gmail.com