Privacy Policy

Codehabits ("we," "us," or "our") operates the website codehabits.dev and related hosted services that help teams capture and deliver coding context to AI tools (collectively, the "Service"). This Privacy Policy describes how we collect, use, disclose, and safeguard information when you use the Service.

1. Contact

Questions about this policy: hello@codehabits.dev.

2. Information we collect

2.1 Account and profile

When you sign in (for example with GitHub), we collect identifiers and profile details provided by the provider and our auth system, such as your name, email address, profile image, and an internal user id. We may store GitHub identifiers (such as numeric id and login) to link your account to repositories you authorize.

2.2 Repository and collaboration data

To provide team intelligence features, we process information you or your organization connect to the Service, including GitHub repository metadata, pull-request metadata, and related signals needed to generate and update team intelligence artifacts. The scope depends on what you enable and what access you grant via GitHub.

2.3 Billing

If you purchase a paid plan, our payment processor (Stripe) collects and processes payment method and billing details. We receive limited billing records from Stripe (such as customer and subscription identifiers, plan status, and invoice-related metadata) as needed to operate accounts and entitlements.

2.4 Usage and diagnostics

We may log product usage events and operational data (for example feature actions, API calls, and configuration events) to run, secure, and improve the Service. Session records may include technical metadata such as IP address and user agent where our auth or hosting systems store them.

2.5 Analytics

We may use privacy-conscious product analytics (for example PostHog) to understand aggregate usage. Where configured, analytics may collect page views and related technical data; we aim to minimize collection and use identified profiles only when appropriate.

2.6 Communications

If you contact us, we keep the content of your message and contact details so we can respond.

3. How we use information

• Provide, operate, maintain, and secure the Service
• Authenticate users and authorize access to teams and repositories
• Generate, store, and sync team intelligence outputs you request
• Process payments, trials, and subscription status
• Detect, prevent, and address technical issues, fraud, or abuse
• Comply with law and enforce our terms
• Improve the Service and communicate about meaningful changes

4. How we disclose information

We disclose information to service providers that help us run the Service ("subprocessors"), such as hosting, database, authentication, payments, analytics, and email delivery. We may disclose information if required by law, legal process, or to protect the rights, safety, and security of users, the Service, or the public. If we are involved in a merger, acquisition, or asset sale, information may be transferred as part of that transaction subject to appropriate safeguards.

We do not sell your personal information as a commodity. We do not share information with third parties for their independent marketing purposes except as described in this policy or with your direction.

5. International processing

We may process and store information in countries other than where you live, including where our vendors operate. When we transfer personal data across borders, we use appropriate safeguards where required by applicable law.

6. Retention

We retain information for as long as needed to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the data type and your account activity.

7. Security

We implement technical and organizational measures designed to protect information against unauthorized access, loss, or alteration. No method of transmission or storage is completely secure; we encourage strong credentials and careful GitHub permission scopes.

8. Your choices and rights

Depending on where you live, you may have rights to access, correct, delete, or export certain personal data, or to object to or restrict certain processing. You may also have the right to lodge a complaint with a supervisory authority. To exercise rights, contact us at the email above. We may need to verify your request.

9. Children

The Service is not directed to children under 16, and we do not knowingly collect personal information from children.

10. Third-party services

The Service depends on third parties such as GitHub. Their collection and use of information are governed by their own policies. When you connect GitHub, you authorize data flows needed for the features you enable.

11. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and update the "Last updated" date. Material changes may be communicated through the Service or by email where appropriate.

12. Related terms

Our Terms of Service govern use of the Service.