Privacy Policy

Introduction

PRPilot ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our VS Code extension and related services.

Information We Collect

Personal Information

• GitHub username and email address (via OAuth)
• GitHub repository URLs and PR links
• Usage statistics and analytics data
• Billing status metadata (plan, subscription state, renewal/cancel timestamps)

Code Data

• PR diffs (sent to AI providers for analysis)
• Review results and comments
• Custom practices and settings

Payment Data

• Checkout and subscription identifiers from Polar
• Payment event status from Polar webhooks
• Invoice and payment status metadata from CryptoCloud (for USDT TRC20 checkouts)
• We do not store full card numbers or CVV data on our servers

How We Use Your Information

• To provide and maintain our service
• To process code reviews using AI models
• To create and manage subscription checkout and billing status
• To improve and optimize our service
• To communicate with you about updates and support
• To analyze usage patterns and trends

Data Storage and Security

We use industry-standard security measures to protect your data:

• All data is encrypted in transit using TLS/SSL
• User data is stored in Supabase (PostgreSQL) with encryption at rest
• PR diffs are sent to OpenAI/Anthropic APIs over encrypted connections
• We do not store your code permanently; only review results are saved

Third-Party Services

We share data with the following third-party services:

• OpenAI: For code analysis (see OpenAI Privacy Policy)
• Anthropic: For code analysis (see Anthropic Privacy Policy)
• GitHub: For OAuth authentication and PR access
• Polar: For checkout, subscriptions, and payment processing (see Polar Privacy Policy)
• CryptoCloud: For crypto invoice and payment processing (see CryptoCloud Privacy Policy)
• Supabase: For authentication and user/billing metadata storage

Your Rights (GDPR Compliance)

If you are in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Data Portability: Request export of your data
• Right to Object: Object to processing of your data

To exercise these rights, contact us at privacy@ai-code-reviewer.com

Data Retention

We retain your data for as long as your account is active or as needed to provide services. Billing metadata is retained for compliance, support, and fraud prevention purposes. You can request deletion of account data at any time, subject to legal obligations.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us:

• 📧 Email: privacy@ai-code-reviewer.com
• 🌐 Website: pr-pilot.dev