Privacy Policy

Last updated: February 20, 2025

💡 TL;DR: GitBrief only reads GitHub metadata (commit messages, PR titles, filenames). We do not store source code or your personal data on our servers. Your GitHub token is encrypted locally in chrome.storage.sync.

1. General Information

GitBrief (the "Extension", "we") is a Chrome browser extension that adds an intelligent sidebar to GitHub pages. This Privacy Policy explains what data we collect, how we use it, and what your rights are.

2. What Data We Collect

GitBrief may collect or process the following data:

GitHub OAuth Token — stored locally in chrome.storage.sync (encrypted by Chrome, synced across devices with the same Google account). The token is never sent to our servers.
GitHub Repository Metadata — commit messages, Pull Request titles, Issue titles, and changed filenames. This data is processed by our Cloudflare Worker to generate briefings and is not permanently stored.
GitHub User ID — a numerical ID (not your username) used to verify Pro status. Stored in our Cloudflare KV database as an encrypted key.
Extension Settings — settings like collapse preferences, "Next Action" — stored locally in chrome.storage.sync.

3. What We DO NOT Collect

✅ We do not collect the file contents (source code) from your repositories
✅ We do not collect your email address or personal data
✅ We do not keep logs of user activity
✅ We do not sell any data to third parties
✅ We do not use tracking cookies

4. How We Use Data

Data is used exclusively to:

Generate AI briefings for the repositories you browse
Verify Pro subscription status (via Stripe)
Remember your extension settings across sessions

5. Third-Party Services

GitBrief uses the following third-party services:

GitHub API — to fetch repository metadata. GitHub Privacy Statement
Anthropic Claude API — to generate AI text. Commit data is sent to Anthropic and is not used to train models in accordance with Anthropic's policy. Anthropic Privacy Policy
Cloudflare Workers & KV — to host the extension's backend. Cloudflare Privacy Policy
Stripe — to handle Pro payments. Payment data is processed by Stripe and is never visible to our servers. Stripe Privacy Policy

6. Data Security

Your GitHub token is stored in chrome.storage.sync, which is encrypted by Chrome. Communication with our backend uses HTTPS. Metadata processed by AI is processed in-flight and not permanently saved to logs.

7. Data Retention

GitHub Token: until you log out or uninstall the extension
Pro Status (KV): active for the duration of your subscription + 30 days after cancellation
Briefing Cache: max 1 hour (session storage)

8. Your Rights

You have the right to:

Delete your data — simply log out of the extension and uninstall it
Request access to stored Pro data — send an email to the address below
Cancel your Pro subscription at any time via the Stripe portal

9. Contact

If you have any privacy-related questions, please contact us at: support@gitbrief.dev

10. Policy Changes

We will notify you of significant changes to this privacy policy by updating the date at the top of this page. Continued use of the extension after changes indicates your acceptance of the new policy.