GitHub Store

GitHub Store is committed to protecting your privacy. This policy explains how we handle information when you use our application.

TL;DR - The Short Version

• ✅ We collect NO personal data
• ✅ Analytics are opt-in and anonymous — off by default
• ✅ Most data stays on your device
• ✅ Our backend caches public GitHub data to speed up the app
• ✅ Your search queries are hashed before storage — the original text is never written to our servers
• ✅ No ads, no tracking, no data sales
• ✅ 100% open source and auditable

Information We Collect

Optional GitHub Authentication

If you choose to sign in with GitHub:

• We request minimal read-only access to public repositories
• Your OAuth token is encrypted and stored locally on your device
• We never access private data, emails, or personal information
• The token is used solely to increase your GitHub API rate limit

Local Data

• Installed Apps Database: We track apps you've installed via GitHub Store to notify you of updates
• Preferences: Theme settings, search history stored locally
• All local data remains on your device

Backend API

GitHub Store operates a backend service (api.github-store.org) that caches publicly available GitHub repository metadata to provide faster search and browsing. When you use the app:

• Search queries and category browsing requests are sent to our backend
• Your IP address is visible to our infrastructure provider (Hetzner) and CDN (Gcore), as with any web request
• We do not log or store your IP address on our servers, nor do we store any search query in a form that links it back to you or your device
• The backend serves only publicly available GitHub data - it does not host or mirror any binary files

Announcements feed

GitHub Store fetches a public, anonymous feed at https://api.github-store.org/v1/announcements on launch. The endpoint receives no user identifier and returns the same payload to every caller. Whether you have read or dismissed an individual announcement is recorded only on your device; we do not record this server-side. Standard server access logs (timestamp, IP, response status, response size) are retained for 7 days, the same as the rest of our infrastructure.

Optional Anonymous Analytics

If you enable "Help improve search" in Settings (off by default), the app sends anonymous behavioural events that drive our search ranking and trending lists:

• Anonymous device ID: A random identifier generated on your device, hashed on our backend with a server-side secret before storage. Not linked to your identity, GitHub account, or any personal data. You can reset it at any time from Settings — resetting permanently severs the link between previously-logged events and your current device.
• Event types: Search performed, search result clicked, repo viewed, release downloaded, install started/succeeded/failed, app opened after install, uninstalled, favorited, unfavorited.
• Search queries (in analytics events): Sent to the backend only as client-computed hashes. We never receive your raw search text through the analytics pipeline.
• Platform and app version: Operating system (e.g. "android", "desktop-macos") and app version.

You can disable this analytics pipeline at any time from Settings. When disabled, no events are sent to our servers.

What We DON'T Collect

How We Use Information

Backend API: Our backend (api.github-store.org) caches publicly available GitHub repository metadata to provide fast search and app discovery. Before you install any app, the client always re-fetches release information directly from GitHub to ensure download links are current.

GitHub API Access: The app may also make direct API calls to GitHub's servers. These requests go from your device to GitHub.

Anonymous Analytics (if enabled): Usage events are aggregated to improve search ranking and discover trending apps. Individual events are rolled up into daily statistics and are not used to build user profiles.

Local Storage: The installed apps database and preferences are stored locally using platform-specific storage. This data never leaves your device.

Data Sharing

We do not sell, rent, or share your data with any third parties for marketing or advertising purposes.

Services involved in operating GitHub Store:

• GitHub API: Direct communication with api.github.com (subject to GitHub's Privacy Policy)
• Gcore: CDN and DDoS protection for api.github-store.org (subject to Gcore's Privacy Policy). A secondary hostname (api-direct.github-store.org) bypasses the CDN and connects directly to Hetzner, used as a fallback for users on networks where CDN IPs are throttled.
• Hetzner: Server hosting in the EU (subject to Hetzner's Privacy Policy)
• Sentry: Error tracking for backend stability — receives technical error data when our servers hit unexpected exceptions (stack traces from our own server code, request method and path, and a server-generated request ID for support correlation). Before transmission we automatically strip credential-bearing headers (Authorization, OAuth tokens, admin tokens, cookies, IP-bearing headers), redact any quoted text spans longer than 32 characters from exception messages, and truncate messages to 200 characters. Never receives raw user identifiers, IP addresses, OAuth tokens, search queries, or personal information (subject to Sentry's Privacy Policy).
• No advertising networks or third-party analytics SDKs

Data Security

• OAuth tokens encrypted using platform-specific secure storage (Android Keystore)
• All network communication uses HTTPS (TLS 1.2+)
• Backend database is not publicly accessible - only the API endpoints are exposed
• Anonymous device IDs are rotatable by the user at any time
• Open source code - fully auditable at github.com/OpenHub-Store/GitHub-Store

Your Rights

You have full control over your data:

• Access: View all stored data through the app interface
• Delete: Sign out to remove OAuth token, or clear app data in Settings
• Opt out: Disable "Help improve search" to stop all analytics collection
• Reset analytics ID: Generate a new anonymous device ID from Settings at any time, severing any link to previous usage data
• No Account Required: GitHub Store works without signing in
• Uninstall: Removes all local data permanently

Request Account / Data Deletion

If you want to delete your account-related data stored by GitHub Store, follow these steps:

1. Open GitHub Store and sign out from your GitHub account (if signed in).
2. Uninstall the app or clear app data in Android Settings to remove all local data.
3. Revoke GitHub OAuth authorization (optional but recommended):
• Go to GitHub Settings → Applications → Authorized OAuth Apps
• Find GitHub Store and click Revoke

After completing these steps, all account-related data (GitHub username and OAuth token) stored by GitHub Store will be deleted. No other personal data is retained.

Android Permissions

GitHub Store requests these permissions:

• INTERNET: Fetch repository data from GitHub API
• QUERY_ALL_PACKAGES: Detect installed apps for update notifications
• REQUEST_INSTALL_PACKAGES: Install downloaded APK files
• STORAGE (Android 9 and below): Save and access downloaded installers

Data Retention

Local data: Retained until you clear app data or uninstall.

Anonymous analytics events: Raw events are rolled up hourly into behavioral aggregates used for search ranking, then automatically deleted after 90 days. Aggregated statistics (e.g. "50 installs of app X today") never contain user-identifiable information and are retained indefinitely. Every row is keyed only by the hashed anonymous device ID you can reset from Settings at any time — resetting severs the link between previously-logged events and your current device, and is the mechanism by which you exercise your right to erasure.

Search miss data: When a query returns few or no results, we store a one-way hash of the canonicalized query plus a count, last-seen timestamp, and result count. The original query text is never written to our servers in any form. This data is used by operators to identify gaps in our search index. Hashes are never linked to a specific user, IP address, or device ID.

GDPR & CCPA Compliance

GDPR (EU Users): Our backend servers are hosted in the EU (Hetzner, Germany/Finland). When analytics are disabled (default), we do not process personal data. When analytics are enabled, the hashed anonymous device ID may constitute pseudonymous data under GDPR — you can exercise your right to erasure by resetting your analytics ID in Settings (severs the link to all previous data) or by simply turning the toggle off, and rows are automatically deleted after 90 days regardless.

CCPA (California): We do not sell or share personal information. Anonymous analytics data does not constitute "personal information" under CCPA as it cannot identify you.

Children's Privacy

GitHub Store does not knowingly collect information from children under 13. The app is designed for developers and users interested in open-source software.

Changes to This Policy

We may update this policy occasionally. Changes will be posted:

• On this page
• In our GitHub repository
• In the app (for significant changes)

Data Deletion

To delete all GitHub Store data:

1. Open Android Settings
2. Navigate to Apps → GitHub Store
3. Tap "Clear Data" or uninstall the app

Disclaimer

No Affiliation with GitHub, Inc.: GitHub Store is an independent, open-source project not affiliated with, endorsed by, or sponsored by GitHub, Inc. The name "GitHub Store" describes the app's functionality (discovering GitHub releases) and does not imply trademark ownership or association with GitHub, Inc.