Privacy policy

OpenGittr ("OpenGittr", "we", "us") builds developer tools, both open source and hosted (SaaS). This policy explains how we handle personal data across our products — including issueboard, rhealth, bugtrack, and kubeui — and on this site, opengittr.com. A specific product may publish its own, more detailed policy on its own site; where it does, that product policy governs that product, and this policy covers everything else and the matters common to all of them. Several of our products are in beta; this policy will be reviewed by counsel before general availability, and we will announce material changes (see "Changes to this policy").

Sign-in and the OAuth consent screen

Our hosted products let you sign in with a third-party identity provider — Google, GitHub, or Microsoft. When you authorize sign-in, the consent screen you see is operated by OpenGittr and points here for this policy and our terms of service. From your chosen provider we receive only your basic profile: your name, email address, avatar image, and a stable provider account identifier. We request the minimum scopes needed to authenticate you — we do not read your email, your repositories, your contacts, or your files, and we never receive or store a password. You can revoke OpenGittr's access at any time from your provider's account-security settings.

Data we collect

Account data

The basic profile described above, plus the products and organizations you create or join, and your in-app settings and preferences.

Content you create

Whatever you put into a product to make it work — for example, monitor configurations and alert contacts in rhealth, issues and comments in issueboard, or error reports captured by bugtrack. This content belongs to you or your organization (see the terms of service) and may contain personal data you choose to include; you are responsible for what you put in.

Usage and technical data

Standard server logs (IP address, browser user agent, timestamps, requested URLs) and product usage events that help us operate, debug, and improve our services. We do not run third-party advertising or cross-site tracking.

What we use data for

• Providing the products: authenticating you and storing and displaying your content.
• Security: verifying sign-ins, detecting abuse, and protecting accounts and data.
• Operating and improving: debugging, capacity planning, and understanding which features matter.
• Communicating with you: service messages such as sign-in links, alerts and notifications you configure, and important account or policy notices. We do not send marketing email without consent.

What we do not do

We do not sell personal data. We do not share your content with third parties except the subprocessors below, and we do not use your private content to market to anyone.

Subprocessors

Our hosted products run on third-party cloud infrastructure (hosting, storage, email, and messaging delivery providers) that processes data on our behalf under its own confidentiality and data-processing commitments. We keep this list current and will publish it as our products mature through beta; you can request the current list at any time via privacy@opengittr.com.

Retention

Content is retained for as long as your account or organization is active. When you delete content or close an account, it is removed from the live service promptly and from backups on the backup rotation schedule (a bounded number of weeks). Server logs are kept for a short operational window and then deleted. When billing applies, billing records are retained as required by law.

Your rights

Wherever you are, we extend GDPR-style rights to everyone using our products:

• Access — ask what personal data we hold about you.
• Export — receive a copy of your data in a portable format.
• Correction — fix inaccurate account data (much of which you can edit directly).
• Deletion — delete your account, or have your organization's data deleted entirely.
• Objection — object to a particular use of your data.

To exercise any of these, email privacy@opengittr.com. We respond within 30 days. If you are an end user of an organization on one of our products, we may direct your request to that organization where it controls the data in question.

Cookies

Our hosted apps use session cookies only — the minimum needed to keep you signed in and to protect against request forgery. There are no advertising cookies and no third-party trackers. This marketing site sets no cookies at all.

Security

We protect data with per-organization isolation, OAuth-only authentication, encryption in transit, and least-privilege access. If you find a vulnerability, please report it to security@opengittr.com.

Children

OpenGittr products are tools for developers and teams, not directed at children under 16. We do not knowingly collect data from children.

Changes to this policy

We will update this policy as our products evolve — including the counsel review noted above — and post changes here with a new effective date. For material changes we will notify account owners by email before the changes take effect.

Contact

Privacy questions and requests: privacy@opengittr.com. Security reports: security@opengittr.com. General enquiries: hello@opengittr.com.