Privacy Policy

Last Updated: November 5, 2025

1. Definitions and Interpretation

1.1 Definitions

In this Privacy Policy, unless the context otherwise requires:

• "Service" means Daxtack CI, including all websites, applications, APIs, tools, integrations, and services provided by us;
• "We," "Us," "Our," and "Company" refer to Daxtack CI and its affiliates, subsidiaries, officers, directors, employees, agents, and contractors;
• "You," "Your," and "User" refer to any individual or entity accessing or using the Service;
• "Personal Data" means any information relating to an identified or identifiable natural person;
• "Processing" means any operation performed on Personal Data, including collection, storage, use, disclosure, and deletion;
• "Third Party Services" includes but is not limited to GitHub, GitLab, Jenkins, CircleCI, Slack, Discord, Stripe, and any other external services integrated with our Service;
• "CI/CD Logs" means any continuous integration or continuous deployment logs, build logs, error logs, system logs, or related data submitted to the Service;
• "Team" means a group of Users associated with a shared workspace within the Service;
• "Intellectual Property" means all analyses, insights, patterns, suggestions, and derivative works generated by the Service;

2. Acceptance and Consent

2.1 Binding Agreement

By accessing, browsing, registering for, or using any part of the Service, you expressly acknowledge and agree that you have read this entire Privacy Policy and consent to the collection, processing, storage, use, disclosure, and transfer of your Personal Data and other information as described herein. Your continued use of the Service constitutes ongoing acceptance of this Privacy Policy and any amendments thereto.

2.2 Age Restrictions

The Service is not intended for individuals under the age of 18 (or the age of majority in your jurisdiction, whichever is higher). By using the Service, you represent and warrant that you are at least 18 years old and have the legal capacity to enter into this binding agreement. If you are using the Service on behalf of an organization, you represent and warrant that you have the authority to bind that organization to this Privacy Policy.

2.3 Jurisdictional Variations

You acknowledge that privacy laws vary by jurisdiction and that your use of the Service may be subject to the laws of multiple jurisdictions. You consent to the processing of your Personal Data in accordance with this Privacy Policy, regardless of where you are located, and acknowledge that such processing may occur in jurisdictions with different data protection standards than your own.

3. Information We Collect

3.1 Information You Provide Directly

We collect information that you voluntarily provide to us, including but not limited to:

• Account registration information (name, email address, username, password, profile information);
• GitHub, GitLab, or other third-party OAuth credentials and associated account data;
• Payment and billing information (processed through Stripe and subject to their privacy policy);
• CI/CD logs, error logs, build logs, deployment logs, and any other content you upload, submit, or transmit through the Service;
• Team and organization information (team name, member details, role assignments);
• Communications with us (support requests, feedback, comments, forum posts);
• Survey responses, beta program applications, and research participation data;
• Any other information you choose to provide through the Service;

3.2 Information Collected Automatically

When you access or use the Service, we automatically collect:

• Device information (device type, operating system, browser type and version, unique device identifiers);
• Usage data (pages visited, features used, time spent, click patterns, navigation paths);
• Log data (IP address, access times, referring URLs, exit pages, error logs);
• Location data (approximate geographic location based on IP address);
• Cookies, web beacons, pixels, and similar tracking technologies;
• Analytics data (session recordings, heatmaps, interaction patterns);
• Performance metrics (load times, error rates, API response times);
• Network information (ISP, connection type, network performance);

3.3 Information from Third-Party Services

We collect information from integrated third-party services, including:

• GitHub: repository information, workflow run data, commit history, pull request data, issue data, organization membership, permission levels, and any other data accessible through GitHub API;
• GitLab: similar project and pipeline data as described for GitHub;
• Slack/Discord: workspace information, channel data, user identifiers, message metadata;
• CI/CD platforms: Jenkins, CircleCI, Travis CI, Azure DevOps, Bitbucket Pipelines - build data, pipeline configurations, execution logs;
• OAuth providers: profile information, email addresses, authentication tokens;
• Payment processors: transaction history, subscription status, billing information;
• Analytics providers: Google Analytics, PostHog, Sentry - usage patterns, error reports, performance data;

3.4 Inferred and Derived Information

We may infer or derive additional information from the data we collect, including:

• Error patterns and recurring issues across your team or organization;
• Behavioral patterns and usage preferences;
• Technical expertise levels and knowledge domains;
• Team dynamics and collaboration patterns;
• Predictive insights about potential CI/CD failures;
• Aggregated and anonymized statistics about service usage;

4. How We Use Your Information

4.1 Primary Purposes

We use your information for the following purposes, without limitation:

• Providing, maintaining, and improving the Service;
• Processing and analyzing CI/CD logs to generate insights and recommendations;
• Training, improving, and optimizing our AI models and algorithms;
• Creating aggregated, anonymized datasets for research, benchmarking, and development;
• Authenticating users and managing accounts;
• Processing payments and managing subscriptions;
• Communicating with you about the Service, updates, and promotional materials;
• Providing customer support and responding to inquiries;
• Detecting, preventing, and addressing fraud, security issues, and technical problems;
• Enforcing our Terms of Service and other policies;
• Complying with legal obligations and responding to lawful requests;

4.2 AI and Machine Learning

You expressly acknowledge and consent that all data you provide, including CI/CD logs, error messages, code snippets, and configuration files, may be used to train, improve, and optimize our AI models, machine learning algorithms, and error pattern recognition systems. This includes but is not limited to:

• Creating training datasets for language models and pattern recognition systems;
• Building knowledge bases of common errors and solutions;
• Developing predictive models for failure detection;
• Improving the accuracy and relevance of fix suggestions;
• Generating synthetic data for testing and development;

While we attempt to sanitize sensitive information, you acknowledge that you are solely responsible for ensuring that any data you submit does not contain confidential or proprietary information, and you grant us an irrevocable, worldwide, royalty-free license to use such data for these purposes.

4.3 Analytics and Research

We use your information to conduct analytics and research, including:

• Understanding how users interact with the Service;
• Identifying trends in CI/CD failures and resolutions;
• Benchmarking performance across teams and organizations;
• Publishing anonymized research, case studies, and whitepapers;
• Creating industry reports and statistics;

4.4 Marketing and Communications

We may use your information to:

• Send you service-related announcements and updates;
• Provide you with promotional materials about new features, upgrades, and special offers;
• Send newsletters, blogs, and educational content;
• Conduct surveys and request feedback;
• Display targeted advertisements on third-party platforms;
• Include you in case studies and testimonials (with your explicit consent);

5. Information Sharing and Disclosure

5.1 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing, including when you connect third-party services, invite team members, or enable integrations.

5.2 Within Your Team or Organization

If you are part of a Team, your analyses, comments, activity, and other information may be visible to other Team members and administrators. Team administrators have broad access to Team data and may be able to access, use, disclose, or delete your information.

5.3 Service Providers and Partners

We share information with service providers and partners who perform services on our behalf, including:

• Cloud hosting providers (Vercel, Supabase, AWS, Google Cloud);
• AI and machine learning providers (OpenAI, Anthropic, OpenRouter);
• Payment processors (Stripe);
• Analytics providers (Google Analytics, PostHog);
• Error tracking services (Sentry);
• Communication platforms (SendGrid, Twilio);
• Customer support tools (Intercom, Zendesk);
• Security and fraud prevention services;
• Any other third-party services necessary to operate the Service;

5.4 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of assets, your information may be transferred to the acquiring entity. You acknowledge and consent that such transfers may occur without further notice to you, and the acquiring entity may continue to process your information as described in this Privacy Policy.

5.5 Legal Compliance and Protection

We may disclose your information to:

• Comply with applicable laws, regulations, legal processes, or governmental requests;
• Enforce our Terms of Service and other agreements;
• Protect our rights, property, or safety, or that of our users or the public;
• Detect, prevent, or address fraud, security, or technical issues;
• Respond to claims that content violates the rights of third parties;
• Cooperate with law enforcement or regulatory authorities;

5.6 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This includes industry benchmarks, statistical reports, research findings, and public datasets. You acknowledge that once data is anonymized or aggregated, it is no longer considered Personal Data and we may use and disclose it for any purpose without restriction.

5.7 Public Information

If you choose to make analyses public via shareable links or contribute to public error libraries, that information becomes publicly accessible and may be indexed by search engines, cached, archived, or otherwise preserved by third parties. We are not responsible for how third parties use publicly available information.

6. Data Retention and Deletion

6.1 Retention Periods

We retain your information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including:

• Account information: Duration of your account plus up to 7 years after deletion;
• Analyses and logs: As specified in your subscription tier (30 days to forever), plus up to 3 years for backup and legal compliance;
• Payment information: Up to 10 years for tax and accounting purposes;
• Communications: Up to 5 years;
• Aggregated and anonymized data: Indefinitely;
• Legal holds and disputes: Until resolved plus applicable statute of limitations;

6.2 Account Deletion

You may request account deletion by contacting support. Upon deletion request, we will deactivate your account within 30 days. However, we may retain certain information:

• For backup and disaster recovery purposes (up to 90 days);
• To comply with legal obligations;
• To resolve disputes and enforce agreements;
• For fraud prevention and security;
• In aggregated or anonymized form indefinitely;
• Where we have a legitimate business interest in retention;

6.3 Team Data

If you leave a Team, your contributions may remain visible to the Team. Team administrators control Team data retention policies, and we may retain Team data even after you leave.

7. Data Security

7.1 Security Measures

We implement reasonable security measures to protect your information, including:

• Encryption of data in transit (TLS/SSL) and at rest;
• Regular security audits and vulnerability assessments;
• Access controls and authentication mechanisms;
• Monitoring and logging of system activity;
• Employee training on data protection;
• Incident response and breach notification procedures;

7.2 Disclaimer of Warranties

HOWEVER, YOU ACKNOWLEDGE AND AGREE THAT NO SECURITY MEASURES ARE PERFECT OR IMPENETRABLE. WE CANNOT GUARANTEE THE SECURITY OF YOUR INFORMATION AND EXPRESSLY DISCLAIM ANY WARRANTY OR GUARANTEE OF SECURITY. YOU TRANSMIT INFORMATION TO US AT YOUR OWN RISK.

7.3 Your Responsibilities

You are responsible for:

• Maintaining the confidentiality of your account credentials;
• Sanitizing sensitive information before submitting logs;
• Using strong passwords and enabling two-factor authentication;
• Promptly notifying us of any unauthorized access or security breaches;
• Complying with your organization's security policies;

7.4 Third-Party Security

We are not responsible for the security practices of third-party services integrated with our Service. You acknowledge that third-party services have their own privacy policies and security measures, and you use such services at your own risk.

8. Cookies and Tracking Technologies

8.1 Types of Cookies

We use the following types of cookies and tracking technologies:

• Essential cookies: Required for the Service to function;
• Analytics cookies: Track how you use the Service;
• Preference cookies: Remember your settings and preferences;
• Marketing cookies: Track you across websites for advertising purposes;
• Session cookies: Temporary cookies deleted when you close your browser;
• Persistent cookies: Remain on your device for a set period;

8.2 Third-Party Cookies

Third-party services may set cookies on your device, including:

• Google Analytics (analytics and advertising);
• GitHub (authentication and integration);
• Stripe (payment processing);
• PostHog (product analytics);
• Advertising networks (targeted ads);

8.3 Cookie Consent

By using the Service, you consent to our use of cookies and tracking technologies. While you may disable cookies through your browser settings, this may limit your ability to use certain features of the Service.

8.4 Do Not Track

We do not currently respond to "Do Not Track" signals. We may track your activity across websites and services for advertising and analytics purposes.

9. International Data Transfers

9.1 Cross-Border Transfers

Your information may be transferred to, stored in, and processed in countries other than your own, including the United States and other jurisdictions where our service providers operate. These countries may have different data protection laws than your jurisdiction.

9.2 Consent to Transfer

By using the Service, you expressly consent to the transfer of your information to other countries, including countries that may not provide the same level of data protection as your jurisdiction. You acknowledge that such transfers are necessary for the performance of the Service.

9.3 Legal Mechanisms

Where required by law, we use appropriate legal mechanisms for international data transfers, such as Standard Contractual Clauses or other approved transfer mechanisms. However, you acknowledge that these mechanisms may not fully eliminate the risks associated with international data transfers.

10. Your Rights and Choices

10.1 Access and Portability

Subject to applicable law, you may have the right to access, correct, or request a copy of your Personal Data. We may charge a reasonable fee for this service and may require verification of your identity. We reserve the right to deny requests that are unreasonably repetitive, excessive, or manifestly unfounded.

10.2 Correction and Updates

You may update certain account information through your account settings. However, you acknowledge that some information cannot be changed or deleted once provided.

10.3 Deletion and Erasure

You may request deletion of your account as described in Section 6.2. However, we may retain information as permitted or required by law, and deletion requests do not apply to aggregated or anonymized data.

10.4 Marketing Opt-Out

You may opt out of marketing emails by clicking the "unsubscribe" link in our emails. However, you cannot opt out of service-related communications necessary for the operation of your account.

10.5 Limitations on Rights

Your rights are subject to limitations and exceptions under applicable law. We may deny requests where permitted by law, including where disclosure would adversely affect the rights of others, reveal trade secrets, or interfere with legal proceedings.

11. Children's Privacy

11.1 Age Restrictions

The Service is not directed to individuals under 18 years of age (or the age of majority in your jurisdiction). We do not knowingly collect Personal Data from children.

11.2 Parental Rights

If you believe we have collected information from a child without proper consent, please contact us immediately. We will take reasonable steps to delete such information, but we make no guarantee that we can identify or delete all such information.

12. California Privacy Rights

12.1 CCPA Disclosures

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your Personal Data. These rights include:

• The right to know what Personal Data we collect, use, disclose, and sell;
• The right to request deletion of your Personal Data;
• The right to opt-out of the sale of your Personal Data;
• The right to non-discrimination for exercising your rights;

12.2 Sale of Personal Data

We do not sell Personal Data as defined by the CCPA. However, we may share information with third parties for advertising and analytics purposes, which may constitute a "sale" under certain interpretations of the CCPA. You may opt-out of such sharing by contacting us.

12.3 Shine the Light

California residents may request information about our disclosures of Personal Data to third parties for direct marketing purposes. To make such a request, please contact us.

13. European Privacy Rights (GDPR)

13.1 Legal Basis for Processing

If you are in the European Economic Area (EEA), we process your Personal Data based on:

• Your consent;
• Performance of a contract with you;
• Compliance with legal obligations;
• Legitimate interests, including improving the Service, fraud prevention, and security;

13.2 GDPR Rights

Under the GDPR, you have the right to:

• Access your Personal Data;
• Rectification of inaccurate data;
• Erasure ("right to be forgotten");
• Restriction of processing;
• Data portability;
• Object to processing;
• Withdraw consent at any time;
• Lodge a complaint with a supervisory authority;

13.3 Data Protection Officer

We have not appointed a Data Protection Officer. For privacy inquiries, please contact us at the email address provided in Section 17.

13.4 International Transfers

We transfer Personal Data outside the EEA as described in Section 9. By using the Service, you consent to such transfers.

14. Changes to This Privacy Policy

14.1 Right to Modify

We reserve the right to modify this Privacy Policy at any time, in our sole discretion, with or without notice. Changes will be effective immediately upon posting to the Service or at such later date as may be specified in the updated policy.

14.2 Notice of Changes

We may notify you of material changes via email, in-app notification, or by posting a notice on our website. However, you are responsible for regularly reviewing this Privacy Policy, and your continued use of the Service after changes are posted constitutes acceptance of the updated policy.

14.3 Retroactive Application

Changes to this Privacy Policy may apply retroactively to information collected prior to the change, to the extent permitted by law. If you do not agree with the updated policy, your sole remedy is to discontinue use of the Service.

15. Disclaimer of Liability

15.1 Data Breaches

WHILE WE IMPLEMENT REASONABLE SECURITY MEASURES, WE CANNOT GUARANTEE THAT UNAUTHORIZED ACCESS, HACKING, DATA LOSS, OR OTHER BREACHES WILL NEVER OCCUR. YOU ACKNOWLEDGE AND AGREE THAT YOU PROVIDE YOUR INFORMATION AT YOUR OWN RISK, AND WE SHALL NOT BE LIABLE FOR ANY DAMAGES ARISING FROM UNAUTHORIZED ACCESS TO OR DISCLOSURE OF YOUR INFORMATION.

15.2 Third-Party Actions

WE ARE NOT RESPONSIBLE FOR THE ACTIONS OF THIRD PARTIES, INCLUDING SERVICE PROVIDERS, INTEGRATED SERVICES, OTHER USERS, OR MALICIOUS ACTORS. YOU ACKNOWLEDGE THAT THIRD PARTIES MAY USE, DISCLOSE, OR MISUSE YOUR INFORMATION, AND WE SHALL NOT BE LIABLE FOR ANY SUCH USE, DISCLOSURE, OR MISUSE.

15.3 Accuracy of Information

WE DO NOT GUARANTEE THE ACCURACY, COMPLETENESS, OR RELIABILITY OF ANY INFORMATION GENERATED BY THE SERVICE, INCLUDING AI-GENERATED ANALYSES, SUGGESTIONS, OR INSIGHTS. YOU ACKNOWLEDGE THAT YOU ARE SOLELY RESPONSIBLE FOR VERIFYING THE ACCURACY OF ANY INFORMATION BEFORE RELYING ON IT.

15.4 Loss of Data

WE ARE NOT RESPONSIBLE FOR ANY LOSS OF DATA, INCLUDING ANALYSES, LOGS, OR OTHER CONTENT. YOU ARE SOLELY RESPONSIBLE FOR MAINTAINING BACKUPS OF YOUR DATA.

16. Limitation of Liability

16.1 Maximum Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, OUR TOTAL LIABILITY TO YOU FOR ANY CLAIMS ARISING FROM OR RELATED TO THIS PRIVACY POLICY OR THE PROCESSING OF YOUR PERSONAL DATA SHALL NOT EXCEED THE GREATER OF (A) $100 USD OR (B) THE AMOUNT YOU PAID US IN THE TWELVE (12) MONTHS PRECEDING THE CLAIM.

16.2 Excluded Damages

IN NO EVENT SHALL WE BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, USE, GOODWILL, OR OTHER INTANGIBLE LOSSES, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

16.3 Force Majeure

We shall not be liable for any failure or delay in performance due to circumstances beyond our reasonable control, including but not limited to acts of God, war, terrorism, riots, embargoes, acts of civil or military authorities, fire, floods, accidents, pandemics, strikes, or shortages of transportation, fuel, energy, labor, or materials.

17. Contact Information

17.1 Privacy Inquiries

For questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

17.2 No Legal Advice

Nothing in this Privacy Policy constitutes legal advice. You should consult with your own legal counsel regarding your privacy rights and obligations.

18. Miscellaneous Provisions

18.1 Entire Agreement

This Privacy Policy, together with our Terms of Service, constitutes the entire agreement between you and us regarding privacy and data protection, and supersedes all prior or contemporaneous understandings or agreements.

18.2 Severability

If any provision of this Privacy Policy is found to be invalid or unenforceable, the remaining provisions shall remain in full force and effect, and the invalid provision shall be modified to the minimum extent necessary to make it valid and enforceable.

18.3 No Waiver

Our failure to enforce any provision of this Privacy Policy shall not constitute a waiver of that provision or our right to enforce it in the future.

18.4 Assignment

We may assign our rights and obligations under this Privacy Policy without your consent. You may not assign your rights or obligations without our prior written consent.

18.5 Survival

The provisions of this Privacy Policy that by their nature should survive termination shall survive any termination or expiration of your use of the Service, including but not limited to Sections 4, 5, 6, 7, 15, and 16.

18.6 Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of [Your Jurisdiction], without regard to its conflict of law principles. You consent to the exclusive jurisdiction and venue of courts in [Your Jurisdiction] for any disputes arising from this Privacy Policy.

18.7 Arbitration

Any dispute arising from this Privacy Policy shall be resolved through binding arbitration in accordance with the rules of [Arbitration Association]. You waive your right to a jury trial and to participate in class actions.

19. Acceptance

BY USING THE SERVICE, YOU ACKNOWLEDGE THAT YOU HAVE READ AND UNDERSTOOD THIS ENTIRE PRIVACY POLICY AND AGREE TO BE BOUND BY ITS TERMS. IF YOU DO NOT AGREE, DO NOT USE THE SERVICE.