Privacy Policy
1. Introduction
Taktibt ("we," "our," or "us") operates a documentation automation service that helps teams keep their project documentation up-to-date using AI. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our service.
2. Information We Collect
2.1 Account Information
When you create an account through GitHub OAuth, we collect:
- GitHub username and user ID
- Email address
- Display name
- GitHub access tokens (to access your repositories)
- GitHub App installation IDs
2.2 Project and Repository Data
To provide our documentation automation service, we collect and process:
- Repository content (documentation files, issue content, pull request data)
- GitHub webhook data (issues, pull requests, comments)
- Project configuration settings you provide
- Custom instructions and settings for AI processing
2.3 Usage and Analytics Data
We collect information about how you use our service:
- API usage statistics (execution counts, search queries)
- Error logs and debugging information
- Billing and subscription information (processed through Stripe)
- Email interaction data (opens, clicks for service emails)
2.4 Technical Information
We automatically collect certain technical information:
- IP addresses (for rate limiting and security)
- Browser and device information
- Session data
- Application logs for debugging purposes
3. How We Use Your Information
3.1 Service Provision
We use your information to:
- Process GitHub issues and pull requests to update documentation
- Generate AI-powered documentation updates using OpenAI and Anthropic APIs
- Create and manage documentation embeddings for search functionality
- Monitor service usage and enforce subscription limits
- Provide customer support
3.2 Communication
We use your email address to send:
- Welcome emails and service onboarding
- Usage quota warnings and limit notifications
- Billing and subscription updates
- Service announcements and security notifications
- Trial and subscription expiration reminders
3.3 Service Improvement
We analyze usage patterns and errors to improve our service quality and performance.
4. Information Sharing and Disclosure
4.1 Third-Party Services
We share your information with essential service providers:
- OpenAI and Anthropic: Repository content and issues are processed by AI models to generate documentation updates
- GitHub: We access your repositories and receive webhook data through GitHub Apps integration
- Stripe: Payment processing and subscription management
- AWS: Email delivery through Amazon SES
- Cloud hosting providers: For service infrastructure
Third-party privacy policies: When you interact with these external services, their respective privacy policies also apply. We encourage you to review the privacy policies of OpenAI, Anthropic, GitHub, Stripe, and AWS.
4.2 Legal Requirements
We may disclose your information if required by law, court order, or to protect our rights and safety.
4.3 Business Transfers
If we're acquired or merged, your information may be transferred to the new entity.
5. Data Security
We implement appropriate security measures including:
- Encryption in transit and at rest
- Access controls and authentication
- Regular security audits
- Rate limiting to prevent abuse
- Secure webhook signature verification
6. Data Retention
We retain your information as follows:
- Account data: Until you delete your account
- Documentation and repository data: Retained permanently to enable our core search and AI features - this allows you to search through historical documentation changes and issue discussions
- Project configurations: Until you remove projects or delete your account
- Usage logs and analytics: Retained permanently for service improvement and debugging
- Billing data: Retained as required by tax and accounting regulations (typically 7 years)
Note: The permanent retention of documentation data is a core feature that enables historical search capabilities. If you need specific data deleted, please contact us to discuss options.
7. Your Rights and Choices
7.1 Account Management
You can:
- Update your account information through the dashboard
- Remove repository connections and projects
- Configure notification preferences
- Cancel your subscription at any time
7.2 Data Access and Deletion
You can request:
- Access to your personal data
- Correction of inaccurate information
- Deletion of your account and associated data
- Data portability (where technically feasible)
8. Cookies and Tracking
We use essential cookies only:
- Session cookies: For authentication and maintaining your login state
- CSRF tokens: For security and preventing cross-site request forgery
- Remember me tokens: If you choose to stay logged in (optional)
- Preference cookies: For remembering your dashboard settings
We do not use advertising cookies, tracking pixels, or third-party analytics. All cookies are essential for service functionality.
9. International Transfers
Your data may be processed by third-party services (OpenAI, Anthropic, AWS, Stripe) located in various jurisdictions including the United States. We ensure appropriate safeguards are in place for international data transfers.
We are planning to incorporate in the United States, at which point this privacy policy will be updated to reflect any additional compliance requirements.
10. Children's Privacy
Our service is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.
11. Data Security Incidents
In the unlikely event of a data security incident that affects your personal information, we will:
- Investigate and contain the incident promptly
- Notify affected users via email within 72 hours when feasible
- Provide clear information about what data was involved and steps we're taking
- Comply with applicable data breach notification laws
12. Changes to This Policy
We may update this Privacy Policy periodically. We'll notify you of significant changes via email or through our service. Your continued use of Taktibt constitutes acceptance of the updated policy.
13. Contact Information
If you have questions about this Privacy Policy or our data practices, please contact us through your account dashboard.