Privacy Policy
Last updated: April 2026
Data We Collect
When you analyze a repository, the repo slug, health score, description, and language are stored in Upstash Redis to power the Recently Checked list, Leaderboard, and Stats page. Historical score snapshots (up to 12 per repo) are also stored to power the trend chart. Your IP address is hashed and counted in a Redis set solely to compute the unique visitor count shown on the Stats page — it is never linked to any repo or personal identity.
What We Do NOT Collect
We do not collect names, email addresses, private repo data, repository contents, or any personal information. No advertising profiles are built. No data is sold to third parties.
GitHub OAuth
If you choose to sign in with GitHub, your GitHub OAuth token is stored in an encrypted server-side session cookie for the duration of your browser session only. It is used solely to raise your GitHub API rate limit from 60 to 5,000 requests/hour. It is never written to a database.
Cookies
We use strictly necessary session cookies for GitHub OAuth only. No tracking, analytics, or advertising cookies are set. See our Cookies page for the full cookie table.
Third-Party Services
We use Vercel for hosting (may log IP, path, user agent per their privacy policy) and Upstash Redis for data storage (data stored at rest in the EU or US region you configure). No other third-party analytics or tracking services are used.
Data Retention
Watchlist entries are capped at 100 items (FIFO). History snapshots are capped at 12 per repo. Cached analysis results expire after 15 minutes. There is no long-term retention of repo data.
Contact
For any privacy-related questions, please open an issue at github.com/SamoTech/devlens.