StagingReservation
Legal

Privacy

Last updated: 2026-05-21. These are starter terms drafted in-house while the product is in beta — they will be reviewed by counsel before general availability. If you're a customer with a stricter compliance need, contact us for a signed DPA.

What we collect

  • Account info: your GitHub user ID, login, name, email, and avatar URL (from the OAuth scopes you grant on sign-in).
  • Workspace data: workspace name, slug, environments, slots, trigger patterns, slot status, slot ref/SHA, slot URL + note, membership, invitations.
  • GitHub installation metadata: installation ID, account name, repos you've connected, and the branch/tag/deployment events those installations send us via webhook.
  • Audit log: every slot change is recorded with timestamp, actor (you or a webhook), and the before/after value.

We do not collect: payment info (no billing yet), source code (we never read repo contents), or analytics about you outside the app.

What we don't do

  • We don't deploy your code. We never call your CI, your cloud, or your repos to start a deploy. We only listen to events GitHub sends us.
  • We don't read your source code. We need branch/tag/deployment metadata — names, SHAs, deployment status — never the diff or the files.
  • We don't share your data with third parties outside the subprocessors needed to host the service (database, mail transport, GitHub).

Where it lives

  • Database: MySQL 8, hosted in [your region]. Backups daily, retained 30 days.
  • Mail: outgoing invitations sent via SMTP / Postal. Email bodies contain workspace name + an invite link only.
  • Webhooks: GitHub event payloads are processed in-memory and the parts we keep (refs, SHAs, deployment status) are written to the database. Raw bodies are not retained.

Cookies

Only what's strictly necessary for sign-in (session cookie set by NextAuth, plus a short-lived PKCE cookie during OAuth). No tracking cookies, no third-party analytics, no ad networks.

Deleting your data

  • Workspace owners can delete a workspace from Settings (coming soon — currently by request).
  • Users can request account deletion by emailing us; we'll purge membership rows and anonymise audit-log actor references within 30 days.
  • GDPR data-export and self-serve workspace delete are on the roadmap.

Contact

Email us at [email protected] — or use the contact page for the full list of channels. While the product is in beta this is the fastest way to reach a human.