Privacy Policy
Effective date: 2025 (initial publication)
Data Demon Systems Limited ("Company", "we", "us") operates Repod (the "Service"). This Policy explains what data we collect, why, and how it is used.
1. Data We Collect
- Account & authentication data (email, password hash).
- GitHub organisation metadata & permission snapshots (repositories, teams, assignments).
- Audit logs of applied changes and access events.
- Minimal telemetry & operational logs (error traces, performance metrics) excluding PAT values.
2. Purpose of Processing
We process data to provide the Service, enforce plan limits, maintain security, detect drift, and produce audit history.
3. Legal Basis
Processing is based on contract performance (providing the Service) and legitimate interests (security, abuse prevention).
4. Personal Access Tokens (PATs)
PATs are encrypted at rest and never logged in plaintext. You may revoke or rotate tokens at any time; revocation may limit functionality.
5. Retention
Snapshot and audit data are retained while the account is active and for a limited backup window thereafter before deletion.
6. Sharing
We do not sell data. Data may be shared with infrastructure subprocessors under contract for hosting and monitoring only.
7. Security
Encryption at rest for sensitive secrets, role-based access controls, audit logging, and least-privilege design principles are applied.
8. Your Rights
You may request access, correction, or deletion of personal data (subject to legal and technical limitations).
9. Changes
Material changes will be signposted in-app or via email with a new effective date.
10. Contact
Questions: privacy@repod.app
11. Analytics
We use Google Analytics (GA4) to understand aggregate feature usage and improve stability. We do not send personal identifiers (email, PATs) or full repository/team names. IP anonymization is enabled by default.
- Consent: A banner requests analytics consent; no tracking loads until accepted.
- Opt-out: Decline on the banner or remove the analytics_consent cookie to stop tracking.
- Do Not Track: If your browser sends Do-Not-Track the script is skipped entirely.
- Events: Registration, organisation add, and sync completions may emit non-PII event counts.
You may additionally block analytics at the network layer or use browser extensions. Removal of the consent cookie (analytics_consent=1) followed by refresh re-displays the banner.