GitPulse Privacy & Data Model

Maximum clarity. No marketing. Technical precision for developers.

1. Architecture Principle

GitPulse works exclusively with repository metadata.

GitPulse never accesses:

  • Source code contents
  • File contents
  • Diff data
  • File trees
  • Blobs
  • Binary files

These data are: not read, not stored, not processed, not analyzed.

Clear statement: GitPulse cannot reconstruct code. There is no code access in the architecture.

2. What Data Is Read?

Explicit table. No implicit assumptions.

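| Data Category | Read | Stored | Public Display |
|---|---|---|---|
| Repository Name | Yes | Yes | Yes |
| Repository Visibility (public/private) | Yes | Yes | No |
| Commit SHA | Yes | No | No |
| Commit Timestamp | Yes | Yes | Yes |
| Commit Message | No | No | No |
| Pull Requests (metadata: count, repo) | Yes | Yes | Yes |
| Issues (metadata: count, repo) | Yes | Yes | Yes |
| Branch Name | No | No | No |
| PR Title | No | No | No |
| Contributor Username | Yes | Yes | Yes |
| Organizations | Yes | Yes | Yes |
| Diff Content | No | No | No |
| File Content | No | No | No |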

Private repo names: Stored and displayed only when you enable private repos and share your profile publicly. You can hide private repository names for public visitors in GitPulse Settings. If your profile is private, repo names are not visible to others.

3. Commit Data – Exact Definition

Are commit messages read? No.

Are commit timestamps read? Yes – stored and displayed as activity metrics.

Are commit SHAs read? Yes – used for deduplication, never stored or displayed.

Clear statement: No commit message content is ever read, processed, or displayed.

4. Public vs Private Repository Behavior

Public Repositories

Visible:

  • Repo name
  • Activity metrics
  • PR count
  • Issue count
  • Contribution categories
  • Timeline

Not visible:

  • Commit text
  • Diff data
  • File contents

Private Repositories (when enabled)

Visible on profile:

  • Repo name (only when profile is shared publicly)
  • Activity metrics
  • Aggregated contribution types

Not visible:

  • Source code
  • Commit text
  • Diffs
  • File names
  • Branch details

Explicit statement: Private contents stay private. We never read or store code.

Private Organization Repositories

Private organization repositories are only included when you explicitly install the GitPulse App within the respective organization. Only your personal contribution metadata (timestamps, counts) is processed — no commit messages, no source code, no diffs.

5. Data Flow

  1. OAuth – read:user for identity only
  2. GitHub App – Read-only repo metadata (required for private repos)
  3. No write access, no webhooks – Revocable in GitHub settings (OAuth app + App installation)
  4. API queries – GraphQL (contributions, commits metadata) and REST (events)
  5. Processing – In-memory classification, aggregation
  6. Storage – Only aggregated metrics (counts, percentages, dates)

Are webhooks used? No.

Is raw data stored? No. Only aggregated metrics (counts, percentages, dates) are retained.

Are only aggregated values stored? Yes.

GitHub API (read-only)
       ↓
  Fetch metadata (commits, PRs, issues, repos)
       ↓
  Process in memory (classify, aggregate)
       ↓
  Store: counts, percentages, dates only
       ↓
  Display: aggregated insights only
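
The flow above (fetch metadata, deduplicate by commit SHA in memory, store only counts, percentages and dates) can be sketched as follows. This is an added example, not GitPulse's own code; the field names, the sample commits and the `safe_to_store` guard are assumptions made for illustration.

```python
import json
import re
from collections import Counter
from datetime import datetime, timezone

# Constructed sample metadata (not real commits). The first commit appears
# twice, as it could when GraphQL and REST both report it.
SAMPLE_COMMITS = [
    {"sha": "a" * 40, "timestamp": "2024-03-01T09:15:00Z", "repo": "example/api"},
    {"sha": "a" * 40, "timestamp": "2024-03-01T09:15:00Z", "repo": "example/api"},
    {"sha": "b" * 40, "timestamp": "2024-03-02T00:30:00+02:00", "repo": "example/api"},
    {"sha": "c" * 40, "timestamp": "2024-03-02T11:00:00Z", "repo": "example/web"},
]

SHA_LIKE = re.compile(r"[0-9a-f]{40}")  # SHA-1 or any longer hex run


def aggregate(commits):
    """Deduplicate by SHA in memory; return counts, percentages and dates only."""
    seen = set()  # SHAs exist only in this local set and are dropped on return
    per_repo, per_day = Counter(), Counter()
    for c in commits:
        if c["sha"] in seen:
            continue
        seen.add(c["sha"])
        ts = datetime.fromisoformat(c["timestamp"].replace("Z", "+00:00"))
        # Normalise to UTC so one commit always falls on one calendar day
        per_day[ts.astimezone(timezone.utc).date().isoformat()] += 1
        per_repo[c["repo"]] += 1
    total = sum(per_repo.values())
    return {
        "total_commits": total,
        "commits_per_repo": dict(per_repo),
        "repo_share_percent": {r: round(100 * n / total, 1) for r, n in per_repo.items()},
        "commits_per_day": dict(per_day),
    }


def safe_to_store(record):
    """Storage guard: reject any record that still carries a SHA-like value."""
    return SHA_LIKE.search(json.dumps(record)) is None


if __name__ == "__main__":
    metrics = aggregate(SAMPLE_COMMITS)
    assert safe_to_store(metrics)
    print(json.dumps(metrics, indent=2))
```

A guard like `safe_to_store` at the persistence boundary turns the "never stored" claim for commit SHAs into something a test can enforce rather than a convention.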

6. Storage & Security

  • Hosting: Vercel (frontend), Render (backend)
  • Region: US / EU depending on deployment
  • TLS for all connections: Yes
  • Encryption at rest: Yes (database provider default)
  • OAuth tokens: Encrypted at rest (AES-256-GCM), cleared on logout and when revoked on GitHub
  • Access to production data: Backend only; no third-party analytics on raw user data
  • Logging of sensitive data: No. Secrets and raw API tokens are never logged
  • Data isolation per user: Yes. User data is scoped by account

7. User Control

User can:

  • Set profile to fully private
  • Disable private repo access
  • Revoke individual repositories (via GitHub App)
  • Logout – OAuth token is immediately cleared from our database
  • Delete account

GitHub App uninstallation: We lose access to your data immediately. Cached profile data may remain until the next refresh cycle or a manual purge.

Account deletion: User data is removed. Backups are purged within the retention policy (typically 30 days).

How fast is data deleted? On request: as soon as technically feasible. Cached data: cleared on next profile refresh or manual cache clear.

8. What GitPulse Technically Cannot Do

GitPulse cannot:

  • Read code
  • Extract secrets
  • View configuration files
  • Analyze proprietary algorithms
  • Detect API keys
  • Read private strings
  • Access databases

Clear statement: There is no code access in the architecture. The GitHub API we use does not expose file contents or diffs for our use case.

Trust Summary

  • Metadata-only architecture
  • No source code access
  • No diff storage
  • Aggregated insights only
  • Revocable access anytime

No marketing. Facts only.