Privacy Policy (GitGlow)
Last Updated: 18.02.2026
This Privacy Policy explains how GitGlow ("we", "us", "our") processes personal data when you use the GitGlow desktop application and related services (the "Service").
1. Data Controller
Stoyan Korudzhiev
Sofia, Bulgaria 1324
Email: skorudzhiev@gmail.com
2. What We Process
2.1 Local Repository Data (Processed on Your Device)
GitGlow analyzes Git repositories you select, which may include Git metadata such as:
- Commit hashes
- Author names (as recorded in commits)
- Commit dates and times
- Commit messages
- Branch names
- File change statistics (e.g., additions, deletions)
By default, this information is processed locally on your device.
We do not upload or store your source code on our servers unless you enable a feature that explicitly requires it.
2.2 GitHub Integration (Optional)
If you choose to connect GitGlow to GitHub, we may process data retrieved through GitHub’s API according to the permissions you grant, such as:
- Your GitHub username
- Repository metadata (e.g., repository name)
- Commit and activity metadata
- Pull request metadata (where applicable)
You can revoke GitGlow’s access at any time via your GitHub account settings.
GitGlow is not affiliated with or endorsed by GitHub, Inc.
2.3 Payments (If Applicable)
If you purchase paid features, payments are handled by third-party payment processors.
We do not store:
- Full card numbers
- CVV codes
We may process or retain:
- Subscription status
- Transaction identifiers
- Billing email address (if provided)
- Records required for accounting and tax compliance
2.4 Technical Data (Limited)
We may process limited technical data necessary to operate and improve the Service, such as:
- App version
- Operating system
- Basic diagnostics or error logs (if enabled)
3. Purposes of Processing
We process data to:
- Provide and operate the Service
- Enable optional GitHub integration (if you choose it)
- Provide paid features and manage subscriptions (if applicable)
- Improve stability, performance, and user experience
- Comply with legal obligations
4. Legal Bases (GDPR)
Where the GDPR applies, we rely on one or more of the following legal bases:
- Contract: to provide the Service you request
- Legitimate interests: to maintain, secure, and improve the Service
- Legal obligations: for compliance (e.g., tax/recordkeeping)
- Consent: where required, and only if you provide it
5. Data Retention
- Local repository data remains on your device unless you choose to export or share it
- GitHub access tokens (if used) are stored securely on your device and can be revoked
- Payment-related records are retained as required by applicable law
6. Sharing and Third Parties
We do not sell personal data.
We may share data with:
- Payment processors (if applicable)
- Infrastructure or service providers necessary to deliver the Service
- Authorities where required by law
7. International Transfers
If personal data is transferred outside the EU/EEA (for example, through third-party providers), we rely on appropriate safeguards such as:
- Adequacy decisions, or
- Standard Contractual Clauses (SCCs), where applicable
8. Your Rights (EEA/UK Users)
If you are in the EEA/UK, you may have the right to:
- Access your personal data
- Correct inaccurate data
- Request deletion
- Restrict processing
- Object to processing
- Data portability
- Lodge a complaint with a supervisory authority
To exercise your rights, contact: skorudzhiev@gmail.com
9. Security
We implement reasonable technical and organizational measures to protect personal data. However, no method of transmission or storage is completely secure.
10. Children
The Service is not intended for individuals under 16 years of age, and we do not knowingly collect personal data from children.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. When we do, we will update the "Last Updated" date above. Your continued use of the Service after changes become effective constitutes acceptance of the updated policy.