Code SummaryCode Summary

Privacy Policy

Last updated: December 27, 2025

1. Introduction

CodeSummary ("we," "us," or "our") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, disclose, and safeguard your information when you use our website, GitHub application, and related services (collectively, the "Services").

By using our Services, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this privacy policy, please do not access or use our Services.

2. Information We Collect

2.1 Information You Provide Directly

  • Account Information: When you create an account, we collect your email address and any profile information you choose to provide.
  • Payment Information: If you subscribe to a paid plan, we collect billing information including your name, billing address, and payment method details. Payment processing is handled by third-party payment processors; we do not store complete credit card numbers.
  • Communications: When you contact us for support or inquiries, we collect the information you provide in those communications.

2.2 Information from GitHub

When you connect your GitHub account and authorize our application, we receive:

  • GitHub Profile Information: Your GitHub username, email address, and profile details as permitted by your GitHub privacy settings.
  • Repository Access: Read access to repositories you explicitly select for documentation generation. We access repository content (code, files, directory structure) solely to analyze and generate documentation.
  • Organization Information: If you grant access to organization repositories, we receive information about those organizations and the repositories within them that you authorize.

2.3 Information Collected Automatically

  • Usage Data: Information about how you interact with our Services, including pages visited, features used, and actions taken.
  • Device Information: Browser type, operating system, device identifiers, and IP address.
  • Log Data: Server logs that record requests made to our Services, including timestamps and referring URLs.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to maintain sessions, remember preferences, and analyze usage patterns.

3. How We Use Your Information

We use the information we collect to:

  • Provide and Maintain Services: Analyze your code repositories and generate documentation, submit pull requests with documentation updates, and maintain your account.
  • Improve Our Services: Understand how users interact with our Services to improve functionality, performance, and user experience.
  • Communicate With You: Send service-related notifications, respond to inquiries, and provide customer support.
  • Process Payments: Handle billing and subscription management for paid plans.
  • Ensure Security: Detect, prevent, and address technical issues, fraud, and security threats.
  • Comply With Legal Obligations: Meet legal requirements and respond to lawful requests from authorities.

4. How We Handle Your Code

We understand that your source code is sensitive. Here's how we handle it:

  • Temporary Processing: We read your code to analyze its structure and generate documentation. Code is processed in memory and is not permanently stored in our systems.
  • No Training Data: Your code is not used to train machine learning models or AI systems. Each analysis is independent and specific to your documentation request.
  • Generated Documentation: The documentation we generate is submitted as pull requests to your repository. You maintain full control over whether to merge these changes.
  • Access Scope: We only access repositories you explicitly authorize. You can revoke access at any time through your GitHub settings or our dashboard.

5. Information Sharing and Disclosure

We do not sell your personal information. We may share information in the following circumstances:

  • Service Providers: We share information with third-party vendors who perform services on our behalf, such as payment processing, hosting, and analytics. These providers are contractually obligated to protect your information.
  • Legal Requirements: We may disclose information if required by law, subpoena, or other legal process, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business Transfers: If Code Summary is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change.
  • With Your Consent: We may share information with third parties when you have given us explicit consent to do so.

6. Data Retention

We retain your information for as long as your account is active or as needed to provide you Services. We will also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

When you delete your account, we will delete or anonymize your personal information within 30 days, except where we are required to retain it for legal or regulatory purposes.

7. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit using TLS/SSL
  • Encryption of sensitive data at rest
  • Regular security assessments and audits
  • Access controls limiting who can access personal data
  • Secure development practices

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your personal information, we cannot guarantee absolute security.

8. Your Rights and Choices

Depending on your location, you may have the following rights:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information.
  • Deletion: Request that we delete your personal information, subject to certain exceptions.
  • Data Portability: Request a copy of your data in a structured, commonly used format.
  • Withdraw Consent: Where processing is based on consent, you may withdraw consent at any time.
  • Object to Processing: Object to processing of your personal information in certain circumstances.

To exercise these rights, please contact us at privacy@codesummary.io. We will respond to your request within 30 days.

8.1 Managing GitHub Access

You can revoke Code Summary's access to your GitHub account at any time by visiting your GitHub settings under Applications > Authorized OAuth Apps or Applications > Installed GitHub Apps.

8.2 Marketing Communications

You can opt out of marketing emails by clicking the "unsubscribe" link in any marketing email or by contacting us. Note that you may still receive transactional or service-related communications.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data from the European Economic Area (EEA), United Kingdom, or Switzerland, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission.

10. Children's Privacy

Our Services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete that information.

11. Third-Party Links and Services

Our Services may contain links to third-party websites and services, including GitHub. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party services you access.

12. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new privacy policy on this page and updating the "Last updated" date. We encourage you to review this privacy policy periodically.

13. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • The right to know what personal information we collect, use, and disclose
  • The right to request deletion of your personal information
  • The right to opt out of the sale of personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your privacy rights

14. European Privacy Rights

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR):

  • Code Summary acts as the data controller for personal information we collect directly from you.
  • Our legal bases for processing include: contract performance (to provide Services), legitimate interests (to improve Services and ensure security), and consent (for marketing communications).
  • You have the right to lodge a complaint with your local supervisory authority.

15. Contact Us

If you have questions or concerns about this privacy policy or our data practices, please contact us at:

Email: privacy@codesummary.io

CodeSummary
United States