Privacy Policy

Your Data,Your Control

GitProof is built with privacy at its core. We only access public GitHub data and never store sensitive information.

Last Updated: December 2025Effective Date: December 2025

Our Privacy Principles

Read-Only Access

We only request read-only permissions to your public GitHub data.

Minimal Storage

We cache data temporarily to improve performance, not to track you.

Public Data Only

We never access private repositories or sensitive information.

Full Control

Delete your data anytime by revoking GitHub OAuth access.

1. Information We Collect

1.1 GitHub Public Data

When you sign in with GitHub, we access the following public information through GitHub's API:

  • Your public profile information (name, username, avatar)
  • Public repository metadata (names, descriptions, languages)
  • Commit history and contribution statistics
  • Stars, forks, and repository topics
  • Public contribution graph data

1.2 Usage Information

We collect minimal usage data to improve our service:

  • Authentication timestamps (when you sign in/out)
  • Feature usage (which pages you visit within GitProof)
  • Error logs (to fix bugs and improve stability)

1.3 What We DON'T Collect

  • We never access private repositories
  • We never read repository code or file contents
  • We never collect financial information
  • We never sell or share your data with third parties

2. How We Use Your Information

We use the collected data exclusively to:

Generate Your Report Card

Analyze your GitHub activity to calculate impact scores, consistency metrics, and developer archetypes.

Provide Personalized Insights

Detect your technical strengths and growth opportunities using heuristic analysis.

Cache for Performance

Store calculated metrics temporarily (up to 1 hour) to reduce API calls and improve load times.

Host Public Profiles

If you choose to make your profile public, we display your report card at gitproof.com/u/[username].

3. Data Storage & Security

3.1 How Long We Keep Your Data

  • Account Data: Stored while you have an active account
  • Cached Metrics: Automatically refreshed every 1 hour
  • Public Profiles: Remain live until you disable them

3.2 Security Measures

We implement industry-standard security practices:

  • OAuth 2.0 authentication through GitHub
  • Encrypted database connections
  • Regular security audits and updates
  • No plaintext storage of sensitive tokens

4. Your Rights & Controls

You have complete control over your data:

Delete Your Account

Revoke GitProof's access in your GitHub Settings → Applications. This immediately removes all your data from our system.

Control Public Visibility

Toggle your profile between public and private at any time in your Settings page.

Export Your Data

All displayed metrics are derived from public GitHub data you already have access to.

5. Third-Party Services

GitProof integrates with the following third-party services:

GitHub OAuth

For authentication and accessing public repository data

Privacy Policy

Vercel (Hosting)

Infrastructure and deployment platform

Privacy Policy

6. Changes to This Policy

We may update this privacy policy occasionally to reflect changes in our practices or legal requirements. We'll notify users of significant changes by updating the "Last Updated" date at the top of this page. Continued use of GitProof after changes constitutes acceptance of the updated policy.

Questions or Concerns?

If you have any questions about this privacy policy or how we handle your data, we're here to help.

Get in Touch