Legal

Privacy Policy

How we collect, use, and protect your personal data when you use GitScope.

Effective June 7, 2026

Overview

What this policy covers and how to read it

GitScope is the data controller responsible for the processing of personal data under this Privacy Policy. Before using our website or application (collectively, the "Service"), please read this policy carefully.

It describes the types of information we collect, how we use it, and your rights regarding your data. By accessing or using the Service, you agree to this Privacy Policy.

Information we collect

Personal data we process today

Depending on how you use the Service, we may collect and process the following personal information:

  • Waitlist information — Email address when you join our waitlist on the website.
  • Account information — Name, email address, and password when you create an account.
  • Authentication data — Two-factor authentication settings, recovery codes, and passkey credentials if you enable them.
  • Session information — Active browser sessions, including IP address and user agent.
  • Team information — Team names, your membership role, and email addresses of pending invitations you send.
  • Website analytics — On public pages, we use server-side analytics to understand how our site is used. This may include pages viewed, referrers, campaign parameters (UTM tags), and a daily anonymized visitor identifier derived from technical request data. We do not use analytics cookies.

Processing of minors' data

The Service is not intended for minors.

We do not knowingly collect personal data from children under the minimum age applicable in their jurisdiction, even if parental consent is provided. If we become aware that we have inadvertently collected data from a child, we will delete it promptly.

How we use your information

Purposes, legal bases, and retention

We use your information to operate and maintain the Service — including managing waitlist sign-ups, user accounts, team membership, authentication, and customer support — and to keep the Service secure.

We use website analytics to understand how our public site is used and to improve it. Analytics are processed server-side by our analytics provider. This processing is based on our legitimate interest in operating and improving the Service.

We may send relevant communications such as waitlist updates or product announcements. You can opt out of marketing messages when applicable.

Legal basis for processing

We process personal data on one or more of the following grounds:

  • Performance of a contract when you use the Service
  • Our legitimate interests in operating and improving the Service
  • Your consent where required (e.g. marketing communications)
  • Compliance with legal obligations

We never sell your data

We never sell, rent, or share your personal data with third parties for marketing or advertising.

We never train on your data

Your data is never used to train AI models — by us or our service providers.

Information retention

We retain personal data only as long as necessary to provide the Service, comply with legal obligations, resolve disputes, and enforce our agreements.

Cookies

How we use cookies on our website

When you visit our website or sign in to the Service, small files called cookies may be stored on your device. They help keep you signed in, protect against cross-site request forgery, and remember basic preferences.

We do not use cookies for website analytics. Usage data on public pages is collected server-side without placing tracking cookies on your device.

Most browsers accept cookies by default. You can change your browser settings to block or limit cookies. Note that disabling cookies may prevent some features — such as staying signed in — from working correctly.

Security

How we protect your information

Personal information you provide is kept secure and confidential. We follow industry-standard practices to protect data you submit to us and do not share it with other companies except as necessary to deliver the Service.

Full security details

Encryption, access controls, and more are documented on our dedicated Security page.

View security practices →

Third parties

Service providers and data sharing

We use trusted third-party providers for infrastructure hosting and other operational services. These providers process data only as necessary to deliver the Service on our behalf.

Where we use cloud hosting providers or other subprocessors, they act as data processors on our instructions. We remain responsible for personal data processed through the Service in accordance with applicable law, but we are not liable for failures caused solely by a subprocessor beyond our reasonable control.

See our Subprocessors page for the current list. See our Security page for how we evaluate vendors.

Your rights

Access, correction, and deletion

You stay in control. Update your profile information from your account settings, or contact us to exercise your rights.

Depending on your location, you may have the following rights regarding your personal data:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Restrict or object to processing
  • Withdraw consent to marketing communications at any time

You can delete your account from your profile settings. To exercise other rights, contact us at privacy@gitscope.app.

Changes to this policy

How we notify you of updates

We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised effective date. Where required by law, we may provide additional notice.

By continuing to use the Service after changes take effect, you agree to the revised policy. We encourage you to review this page periodically.

Contact

Questions about this policy

If you have questions or concerns about this Privacy Policy or how we handle your data, contact us at privacy@gitscope.app.