Privacy Policy
Last updated July 3, 2026
CodeHealth ("CodeHealth", "we", "us", or "our") provides a service that analyzes GitHub repositories to produce technical debt and code-health reports. This Privacy Policy explains what information we collect, how we use it, and the choices you have. It applies to codehealth.report, dashboard.codehealth.report, and any other service that links to this policy.
1. Information we collect
We collect the minimum information needed to authenticate you and analyze the repositories you choose to connect:
- Account information — name, email address, and GitHub username when you sign in with GitHub OAuth.
- Repository metadata — commit history, file paths, change frequency, contributor counts, and branch names for repositories you explicitly select for analysis. We never clone, store, or read your source code itself beyond what GitHub's read-only API exposes for structural analysis.
- Usage data — pages visited, features used, and basic device/browser information, collected to improve the product.
- Billing information — handled entirely by our payment processor; we do not store full card numbers on our servers.
2. How we use your information
- To generate health reports, hotspot analysis, and prioritized recommendations for your repositories.
- To authenticate you and maintain your session across the dashboard.
- To send you service-related emails, such as report-ready notifications or billing receipts.
- To monitor, debug, and improve the reliability and accuracy of our analysis.
3. What we don't do
- We never modify, commit to, or write back to any repository you connect.
- We do not sell your data or your repositories' metadata to third parties.
- We do not use your private repository content to train third-party models.
4. Data sharing
We share data only with subprocessors required to run the service — for example, cloud hosting (for storing reports and account data) and payment processing (for billing). Each subprocessor is bound by a data processing agreement and may only use your data to provide the service to us. We disclose information if required by law or to protect the rights, property, or safety of CodeHealth, our users, or the public.
5. Data retention
Reports are retained for 30 days after generation, or for the longer retention window if your plan includes one, and are deleted automatically once that period ends. Account data is retained for as long as your account is active, and deleted within 30 days of account closure, except where we're required to retain records for legal or accounting purposes.
6. Your rights
Depending on where you live, you may have the right to access, correct, export, or delete your personal data. To exercise any of these rights, contact us at the address below and we'll respond within 30 days.
7. Changes to this policy
We'll update the "Last updated" date above whenever this policy changes, and notify active customers by email for material changes.
8. Contact us
Questions about this policy? Reach us at privacy@codehealth.report or visit our contact page.