This Privacy Policy explains how LlamaPReview ("we", "our", or "us") collects, uses, and protects your information when you use our GitHub App. We are committed to ensuring the privacy and security of your data while providing AI-powered code review services. This policy is designed to comply with global privacy regulations including GDPR and CCPA.
2. Information We Collect
When you install and use LlamaPReview, we collect only the minimum necessary information to provide our services:
GitHub installation ID and account information (as provided by GitHub OAuth)
Repository metadata (repository names, PR numbers, and associated metadata)
Pull request content for analysis
Basic usage analytics (frequency of PR reviews, feature usage patterns)
Important Notice About Code Processing:
LlamaPReview processes your repository code with the following privacy measures:
Code is temporarily held in memory for analysis purposes only.
All code processing occurs in isolated, secure environments.
No repository code is ever persisted to permanent storage by LlamaPReview.
3. How We Use Your Information
We use the collected information solely for:
Providing automated code review services through our AI system.
Generating and posting review comments on your pull requests.
Improving our service based on anonymized usage patterns.
Ensuring proper operation and security of the service.
Communicating essential service updates.
4. Data Protection and Processing
We implement comprehensive security measures to protect your data:
End-to-end encryption for all data in transit.
Secure, ephemeral processing environments for code analysis hosted on AWS.
Regular security audits and updates.
Strict access controls and authentication mechanisms.
Compliance with GitHub's security best practices.
AI Model Usage and Data Processing Transparency:
To provide a sustainable and powerful service, we use different AI models depending on your repository's visibility. In all cases, your code is used exclusively to generate the review and is **never used for training AI models.**
For Private (Closed-Source) Repositories: Your code is processed exclusively by leading AI service providers such as **Mistral AI** or **Google (Gemini API)**. These providers are selected for their stringent security and privacy commitments and are bound by strict data protection agreements.
For Public (Open-Source) Repositories: To offer powerful features to the open-source community at a sustainable cost, your code may be processed by the **DeepSeek LLM API**, in addition to the providers mentioned above. As this code is already publicly accessible, this allows for a different cost structure while still maintaining secure processing.
All AI providers we partner with are contractually obligated not to retain or store your code after processing is complete.
5. Data Retention
Our data retention policy is designed to minimize data storage:
Repository code: Not stored. Temporarily held in memory for processing only.
PR metadata: Retained only while the PR is active.
Installation data: Retained only while the app remains installed.
Usage analytics: Anonymized after 30 days.
6. Third-Party Services (Sub-processors)
LlamaPReview integrates with the following third-party services to function:
GitHub: For primary platform integration and authentication.
Amazon Web Services (AWS): For all secure, serverless processing and infrastructure, hosted exclusively in the **ap-southeast-1 (Singapore)** region.
AI Service Providers:
Mistral AI & Google (Gemini API): Used for processing code from private (closed-source) repositories.
DeepSeek: Used for processing code from public (open-source) repositories.
Please refer to these services' respective privacy policies for additional information about their data handling practices.
7. Your Rights
Under applicable privacy laws (such as GDPR), you have the right to:
Access your personal information.
Request correction or deletion of your data.
Restrict or object to processing.
Export your data (data portability).
Withdraw consent at any time by uninstalling the app.
To exercise these rights, please contact us at Jiantong.xu@foxmail.com.
8. Changes to This Policy
We may update this privacy policy to reflect changes in our practices or for legal compliance. We will notify users of any material changes via email or through the GitHub App interface.
9. Contact Us
For any questions about this Privacy Policy or our data practices, please contact us at: