Privacy Policy

Your Data,Your Control

GitProof uses your GitHub identity, public repository data, and the portfolio content you choose to save. We do not access private repositories.

Last Updated: March 2026Effective Date: March 2026

Our Privacy Principles

No Private Repo Access

We do not request GitHub scopes that grant access to private repositories.

Stored In Your Account

We store synced portfolio data, saved edits, and encrypted GitHub tokens on our server so the app can work.

Public GitHub Content

Optional AI features may read public READMEs and selected public files from repositories already linked to your account.

Delete From Settings

You can delete your stored data from the Settings page at any time.

1. Information We Collect

1.1 Account and Repository Data

When you sign in and sync your account, we store and process:

  • Your GitHub identity data (name, username, email, avatar)
  • GitHub OAuth account data, including a server-side access token and granted scopes
  • Public repository metadata, README content, and derived portfolio metrics
  • Public contribution and activity statistics pulled from GitHub
  • Portfolio content you save in GitProof, such as bio text, visibility, and AI-generated edits

1.2 Operational Data

We also keep a small amount of operational data so the product can run:

  • Sync timestamps and cached analytics snapshots
  • Session records used for authentication flows
  • Your email notification preference
  • Server-side error logs when actions fail

1.3 What We DON'T Collect

  • We never access private repositories
  • We do not run third-party page analytics today
  • We never collect financial information
  • We do not sell your personal data

2. How We Use Your Information

We use this data to:

Generate Your Report Card

Analyze your GitHub activity to calculate impact scores, consistency metrics, and developer archetypes.

Provide AI Features You Request

When you choose AI actions, we send the relevant public repo context or portfolio text to Google Gemini to generate bios, descriptions, and README drafts.

Store and Refresh Your Sync

Save synced data in our database and treat it as stale after about one hour so you can refresh it when needed.

Host Public Profiles

If you choose to make your profile public, we display your report card at /u/[username].

3. Data Storage & Security

3.1 How Long We Keep Your Data

  • Account Data: Stored until you delete your GitProof account
  • GitHub Tokens and Sessions: Stored while your account remains active so sync and sign-in continue to work
  • Synced Metrics and Saved Content: Stored until you resync, edit, or delete your account
  • Public Profiles: Stay live until you switch them off or delete your account

3.2 Security Measures

We currently apply the following controls:

  • OAuth 2.0 authentication through GitHub
  • GitHub tokens are encrypted at rest on our server and are not exposed to browser sessions
  • Authenticated routes and per-user database checks gate private account actions
  • We rely on our hosting and database providers for transport and infrastructure security

4. Your Rights & Controls

You have the following controls:

Delete Your Account

Delete your account from Settings to remove the data we store. We also attempt to revoke GitHub access during deletion.

Disconnect GitHub

Removing GitProof from GitHub Settings → Applications stops future access, but it does not delete data already stored in GitProof.

Control Public Visibility

Toggle your profile between public and private at any time in your Settings page.

Review and Edit Saved Content

You can update your bio, featured projects, and saved AI copy at any time from the editor and settings pages.

5. Third-Party Services

GitProof integrates with the following third-party services:

GitHub

For sign-in and fetching your public GitHub data

Privacy Policy

Google Gemini

For optional AI-generated bios, project descriptions, and README drafts when you trigger those features

Privacy Policy

Vercel (Hosting)

Infrastructure and deployment platform

Privacy Policy

6. Changes to This Policy

We may update this privacy policy occasionally to reflect changes in our practices or legal requirements. We'll notify users of significant changes by updating the "Last Updated" date at the top of this page. Continued use of GitProof after changes constitutes acceptance of the updated policy.

Questions or Concerns?

If you have any questions about this privacy policy or how we handle your data, we're here to help.

Get in Touch