← Back to RepoDigest

Privacy Policy

Last edited: February 2026

1. Overview

RepoDigest (“we”, “our”, or “us”) respects your privacy. This policy describes what data we collect, how we use it, and your rights. By using the Service you agree to this policy.

2. Information We Collect

Account information

When you sign in with GitHub, we receive your GitHub username, email address, and profile avatar. This is used to identify your account and send you service-related emails.

GitHub repository data

With your permission, we access commit history, pull requests, and issues from the repositories you configure. This data is used solely to generate digests and is not shared with third parties.

Usage data

We collect standard server logs (IP address, browser type, pages visited) for security and debugging. We use Sentry for error monitoring, which may capture stack traces and request metadata when errors occur.

Billing data

Payment information is processed by Stripe. We never store your full credit card number. We store your Stripe customer ID and subscription status to manage your plan.

3. How We Use Your Data

  • To generate and deliver your scheduled email digests
  • To send you account and billing notifications
  • To monitor and improve the reliability of the Service
  • To detect and prevent abuse or unauthorized access

We do not sell, rent, or trade your personal data to any third party.

4. Third-Party Services

We use the following third-party services to operate RepoDigest:

  • Supabase — database and authentication hosting (EU/US data centers)
  • OpenAI — generates digest summaries from your repository activity
  • Resend — email delivery for digests and notifications
  • Stripe — payment processing for paid plans
  • Sentry — error monitoring and crash reporting
  • Vercel — hosting and serverless compute

Each of these services has its own privacy policy. Repository activity data sent to OpenAI for summarization is not used to train OpenAI models per their API data usage policy.

5. Data Retention

We retain your account data and digest history for as long as your account is active. If you delete your account, all associated data is permanently deleted within 30 days. You can delete individual workspaces and their digest history from your dashboard at any time.

6. Recipient Email Addresses

You are responsible for ensuring that the email addresses you add as recipients have consented to receive digest emails. Each digest email includes an unsubscribe link that allows recipients to opt out at any time. We will honor all unsubscribe requests immediately.

7. Security

We use industry-standard security practices including encrypted connections (TLS), row-level security on our database, and short-lived access tokens. GitHub OAuth tokens are stored encrypted and are never exposed client-side. However, no system is completely secure and we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion of your data
  • Object to or restrict certain processing
  • Data portability

To exercise any of these rights, contact us at hello@repodigest.com.

9. Cookies

We use cookies and local storage only for session management (keeping you logged in). We do not use advertising cookies or third-party tracking cookies.

10. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email. Continued use of the Service after changes are posted constitutes acceptance.

11. Contact

Privacy questions? Email us at hello@repodigest.com.