Privacy Policy

We collect the following categories of information:

Account Data. When you sign up, we collect your name, email address, and profile information from your authentication provider (GitHub or Google). This data is used solely to create and manage your account, authenticate you to the service, and communicate with you about your account.

Usage Data. We automatically collect information about how you interact with the service, including IP address, browser type, device type, operating system, pages visited, features used, timestamps, and referring URLs.

Code Data. When Prelint reviews a pull request, we temporarily process code diffs and related metadata (file names, commit messages, PR descriptions) provided via the GitHub API. Code diffs are processed in isolated, per-organization containers with dedicated storage. Each organization's data is stored separately and never shared with another tenant.

Payment Data. If you subscribe to a paid plan, our payment processor collects billing information. We do not store credit card numbers on our servers.

We use the information we collect to:

• Provide, maintain, and improve the Prelint service
• Process and complete pull request reviews
• Send transactional emails (account confirmations, review notifications)
• Monitor and analyze usage trends to improve the product
• Detect, prevent, and address technical issues and security threats
• Comply with legal obligations

Code diffs are processed in isolated, per-organization containers with dedicated storage. Each organization gets its own isolated storage namespace, encrypted at rest. Your code is never shared with another tenant or used for model training.

Review metadata (timestamps, file counts, review status) is retained for audit logging and service improvement purposes.

Account data is retained for as long as your account is active. Upon account deletion, personal data is removed within 30 days, except where retention is required by law.

We use third-party service providers to help operate and improve Prelint. These providers process data on our behalf under contractual obligations to protect your information. For a complete list, see our Subprocessors page.

All LLM providers we use operate under contractual zero-retention agreements — your data is never stored or used for model training.

Prelint offers sign-in via Google. When you authenticate with Google, we receive your name, email address, and profile picture as authorized through Google's OAuth consent flow. We use this information solely to create and maintain your Prelint account.

Prelint's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

We do not use Google user data for advertising, market research, or to serve ads. We do not sell Google user data to third parties, data brokers, or information resellers. You can revoke Prelint's access to your Google account at any time through your Google Account permissions.

Prelint uses artificial intelligence and large language models (LLMs) to analyze code diffs and generate review comments. When you submit a pull request for review, the relevant code diffs, PR metadata, and product specifications are sent to our AI providers for processing.

AI-generated review comments are advisory and may not be accurate, complete, or error-free. All AI processing is performed in accordance with this Privacy Policy and applicable laws. Our AI providers operate under contractual zero-retention agreements — your data is not stored by or used to train any AI models.

We implement technical and organizational measures to protect your information, including encryption at rest (AES-256) and in transit (TLS 1.3), per-tenant isolation with dedicated containers and storage, least-privilege access controls, and audit logging.

Access to customer data is limited to authorized personnel who require it to operate, develop, or improve the service. While we strive to protect your information, no security system is impenetrable, and we cannot guarantee absolute security. For full details on our security practices, see our Security page.

We may disclose your information if required to do so by law or in good faith belief that such action is necessary to:

• Comply with a legal obligation, subpoena, or similar legal process
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing in connection with the Service
• Protect the personal safety of users or the public
• Respond to a government or regulatory request

We use Google Analytics to understand how visitors use our website. Google Analytics uses cookies to collect anonymous usage data including pages visited, session duration, and referral source.

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

We do not use advertising cookies or sell your data to third parties.

Prelint is operated from the United States. If you access the service from outside the United States, your information may be transferred to and processed in the United States.

For users in the European Economic Area (EEA), we rely on Standard Contractual Clauses and other lawful transfer mechanisms to ensure your data is protected in accordance with GDPR requirements.

GDPR (European Economic Area). If you are located in the EEA, you have the right to access, correct, delete, or port your personal data, as well as the right to restrict or object to processing. To exercise these rights, contact us at hello@prelint.com.

CCPA (California). California residents have the right to know what personal information we collect, request deletion, and opt out of the sale of personal information. We do not sell personal information.

To exercise any of these rights, email us at hello@prelint.com. We will respond within 30 days.

You can stop all data collection by the Service by deleting your account. To request account deletion, email us at hello@prelint.com. Upon deletion, your personal data will be removed within 30 days, except where retention is required by law.

You can revoke Prelint's access to your GitHub repositories at any time by uninstalling the GitHub App from your organization or account settings. You can revoke Google access through your Google Account permissions.

Prelint is not directed at children under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date. Your continued use of the service after changes constitutes acceptance of the updated policy.

If you have questions about this Privacy Policy or our data practices, contact us at:

Sierra Five, Inc. Email: hello@prelint.com