Information we collect and store

We collect and store the following, and use it only to provide the Service.

• GitHub account info (numeric user ID, login, avatar URL)
• Aggregated signals from your GitHub activity — language ratios, commit counts, PR counts, review counts, account age, etc. We read repository metadata from the GitHub public API and store only the aggregates attached to your card.
• If you use the tipping feature: Stripe payment ID, amount, optional message, and optional display name (tipping is a voluntary contribution, not made in exchange for any consideration; see the Terms of Service for details)

We don't look inside your repositories

We never access source code, file contents, commit diffs, or commit message bodies. From the GitHub API we read only repository metadata (language ratios, star counts, commit timestamps, etc.), and we never store the raw metadata or share it with third parties.

Third-party transfers (incl. cross-border)

We share data with the following processors for limited, specific purposes. All of them include services hosted overseas (mainly in the US); this section satisfies the disclosure requirement under Japan's APPI Article 28.

Groq Inc. (US)

For AI-generated card copy we send abstracted aggregates and labels: race and attribute, language names, language category ratios, behavior trait IDs, rule-derived title and role example labels, and formulaic hint phrases (e.g. about account age, active time of day, collaboration pattern). We do NOT send your GitHub login, user ID, email, repository names, repository URLs, source code, commit contents, or free-form repo topics.

Stripe, Inc. (US)

Tipping payments are processed by Stripe. Card details are handled by Stripe and never reach our servers.

Resend (US)

Used to send notification emails (e.g. tip receipts). Your email address is shared only if you explicitly provide it.

Vercel, Inc. / Neon, Inc. (US)

Used for application hosting and database. Access logs and database contents reside on these platforms. Images attached to the contact form are stored on Vercel Blob (USA) as public objects with an unguessable URL and are deleted on request.

GitHub, Inc. (US)

Content submitted via the contact / bug-report form, and your GitHub username when signed in, is stored in a private repository we control for inquiry management. Attached images are displayed inside that issue via their public Blob URL. It is deleted per our retention policy once handled, and deletion requests cover both the image (Blob object) and its reference in the issue.

Data retention

Account information and summon snapshots are retained until you request deletion. Retention on third-party platforms (e.g. Groq) follows their respective policies.

Your rights

You may request access, correction, suspension, or deletion of your data. Please contact us via the channels below.

Contact

For questions about this policy, or to request disclosure / correction / suspension / deletion of your personal data, please use the contact form (you can submit without signing in to GitHub).

Changes to this policy

This policy may be revised without prior notice. Material changes will be announced on the Service.