codegrasp

1. Introduction

Welcome to Codegrasp ("we," "our," or "us"). We are committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, process, and safeguard your information when you use our application (the "Service"), which allows users to visualize and understand GitHub repositories through interactive graphs.

By accessing or using Codegrasp, you agree to the terms of this Privacy Policy.

2. Information We Collect

We collect information to provide our Service, strictly adhering to the principle of data minimization.

A. Information You Provide

Account Information: When you sign up or connect your account, we may collect your name, email address, and profile picture provided by your authentication provider (e.g., GitHub or Google).

GitHub Access Tokens: To function, our Service requires an OAuth access token from GitHub. This token is used solely to access the repositories you explicitly select or public repositories you wish to analyze.

B. Source Code and Repository Data (Ephemeral Processing)

Our Service's core functionality involves analyzing source code to generate visual graphs. Regarding this data:

We do NOT permanently store your source code.
We fetch repository content (code files, directory structures) via the official GitHub API using your specific user token.
This data is processed in real-time (in volatile memory) to generate the visualization graph.
Once the graph structure is built, the raw code content is immediately deleted from our processing servers.
We only persist the metadata required to render the graph (e.g., file names, dependency links, and function signatures), not the full body of the code.

C. Automatically Collected Information

Usage Data: We may collect information on how the Service is accessed and used, such as your computer's Internet Protocol address (e.g., IP address), browser type, browser version, and the pages of our Service that you visit.

Cookies and Tracking Technologies: We use cookies and similar tracking technologies to track the activity on our Service and store certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.

3. How We Use Your Information

We use the collected data for the following specific purposes:

To Provide and Maintain the Service: Specifically, to fetch code from GitHub, parse it, and render the interactive visualization graphs you request.
To Manage Your Account: To manage your registration as a user of the Service.
To Communicate with You: To contact you regarding updates, security alerts, or informative communications related to the functionalities.
For Security: To monitor usage patterns and prevent abuse of our API quotas or infrastructure.

4. Google User Data (Limited Use Policy)

If you access our Service using Google Sign-In or other Google integrations, our use of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

No Transfer: We do not transfer information received from Google APIs to any other app or third party, except for:

Providing or improving user-facing features (e.g., authentication).
Complying with applicable laws.
Security purposes (e.g., investigating abuse).

No Human Access: We do not allow humans to read this data unless we have your affirmative agreement for specific messages, doing so is necessary for security purposes (such as investigating a bug or abuse), or strictly for complying with applicable law.

5. Third-Party Service Providers

We may employ third-party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, or to assist us in analyzing how our Service is used.

GitHub API: We use the GitHub API to access repository data. Your use of GitHub data via our app is also subject to GitHub's Privacy Statement.
Hosting & Infrastructure: [e.g., Amazon Web Services (AWS), Vercel, Google Cloud Platform].
Analytics: [e.g., Google Analytics, PostHog] to monitor and analyze the use of our Service.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

6. Data Security

The security of your data is important to us. We implement industry-standard security measures, including:

Encryption: All data exchanged between your browser and our Service is encrypted via SSL/TLS.
Token Security: OAuth tokens are encrypted at rest and are never exposed to the client-side browser after initial authentication.
Ephemeral Processing: As stated, raw source code is never committed to persistent storage (databases or hard drives).

However, remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

7. Data Retention

Account Data: We retain your account information (name, email) as long as your account is active.
Code & Repository Data: Raw code is not retained. It is processed in memory and discarded immediately after the visualization is generated. Graph metadata is retained only to speed up subsequent loads of the same repository.
Deletion: You may request the deletion of your account and all associated metadata at any time by contacting us.

8. Children's Privacy

Our Service is not intended for use by children under the age of 13. We do not knowingly collect personally identifiable information from children under 13.

9. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date at the top of this Privacy Policy. You are advised to review this Privacy Policy periodically for any changes.

10. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: support@codegrasp.dev