Privacy Policy

1. Scope

RepoWiki is a private documentation service for teams. This policy covers the RepoWiki website, product workspaces, contact paths, support interactions, and security reporting. Workspace content belongs to the customer or user who provides it, and access should remain limited to authorized workspace members and administrators.

2. Information RepoWiki may collect

• Account information, such as name, email address, authentication identifiers, role, organization, and workspace membership.
• Workspace and repository information, such as workspace name, project name, repository name, branch, path, commit identifier, content hash, sync status, and access settings.
• Documentation content that users publish or sync into RepoWiki, including Markdown, MDX, runbooks, architecture notes, and related repository material.
• Usage and diagnostic data, such as pages viewed, search activity, feature usage, browser type, device information, IP address, log events, error reports, and performance signals.
• Communications, such as contact form submissions, support requests, security reports, feedback, and related follow-up messages.
• Billing or commercial information if paid features are offered, usually handled with payment processors or other service providers rather than stored directly by RepoWiki.

3. Sources of information

• Information provided directly by users, workspace administrators, and people who contact RepoWiki.
• Information generated through product use, such as sync activity, search activity, access events, diagnostics, and logs.
• Information received from connected services when users authorize integrations, such as repository hosts, identity providers, deployment platforms, or payment providers.
• Information created by RepoWiki while operating the service, such as content indexes, metadata, derived diagnostics, security events, and support records.

4. Sensitive information

RepoWiki is not intended for highly sensitive personal information, regulated health information, payment card data, government identifiers, private keys, passwords, access tokens, or production credentials. If sensitive information is accidentally submitted, remove it where possible and report urgent security concerns to security@repowiki.dev.

5. How RepoWiki uses information

• Provide, maintain, secure, and improve RepoWiki workspaces and related product features.
• Authenticate users, manage workspace access, enforce permissions, and support administrators.
• Sync, index, render, and search documentation with source details attached.
• Respond to product inquiries, support requests, privacy questions, and security reports.
• Monitor reliability, diagnose bugs, prevent abuse, investigate suspicious activity, and protect users and the service.
• Comply with legal obligations, enforce terms and policies, and preserve records where required.

6. Private workspace content and AI use

RepoWiki does not sell private workspace content, use private workspace content for advertising, or make private workspace content public except at the direction of authorized users or as required by law. RepoWiki does not use private workspace content to train public foundation models unless a customer enables a feature, integration, or separate agreement that expressly permits that use.

7. When information may be shared

• Service providers that help host, operate, secure, analyze, support, or improve RepoWiki, under appropriate confidentiality and security obligations.
• Workspace administrators and authorized members according to workspace settings and product permissions.
• Repository, identity, deployment, analytics, payment, or communication providers when customers connect those services or when they are needed to operate RepoWiki.
• Authorities, courts, or other parties when disclosure is required by law, needed to protect rights or safety, or necessary to investigate abuse.
• A successor organization if RepoWiki is involved in a merger, acquisition, financing, reorganization, or sale of assets, subject to continued protection of personal information.
• Other parties with consent or at the direction of the customer or user.

8. Sale, sharing, and advertising

RepoWiki does not sell personal information for money. RepoWiki also does not sell or share private workspace content for cross-context behavioral advertising. If RepoWiki later offers advertising, marketing, analytics, or integration features that legally count as a sale or sharing of personal information, RepoWiki will provide the required notice and choice mechanisms before using those features for that purpose.

9. Regional privacy rights

Depending on where a user lives and which privacy laws apply, users may have rights to know, access, correct, delete, export, restrict, object to, or opt out of certain processing of personal information. California residents may also have rights to know categories of personal information collected, sources, business or commercial purposes, categories of recipients, sale or sharing status, sensitive personal information use, and retention criteria. Requests can be sent to hello@repowiki.dev or through the contact page.

10. Customer-controlled workspace data

RepoWiki primarily provides the service to organizations. For workspace content controlled by a customer organization, RepoWiki may act on that organization's instructions, and the organization may be responsible for responding to member, employee, contractor, or end-user requests. RepoWiki may redirect certain requests to the relevant workspace administrator.

11. Security safeguards

RepoWiki uses reasonable administrative, technical, and organizational safeguards for personal information and private workspace content. No internet service can guarantee perfect security. Report suspected vulnerabilities or private-content exposure to security@repowiki.dev.

12. Retention and deletion

• Account and workspace records are kept while an account or workspace is active and for a reasonable period afterward for security, audit, legal, and business purposes.
• Workspace content and indexes are kept while needed to provide the service and may remain for a limited period in backups, logs, or recovery systems after deletion.
• Contact, support, and security reports are kept while needed to respond, maintain business records, investigate issues, and protect the service.
• Diagnostic logs and security records are kept for reliability, abuse prevention, incident response, legal compliance, and service improvement.
• RepoWiki uses retention criteria based on the type of information, sensitivity, legal requirements, customer instructions, backup cycles, and whether the information is needed for security, disputes, or enforcement.

13. Choices and privacy requests

• Users may request access, correction, export, deletion, or restriction of personal information where applicable.
• Workspace administrators may be responsible for responding to requests about workspace content controlled by their organization.
• Marketing emails, if any, will include an unsubscribe path or can be addressed through hello@repowiki.dev.
• RepoWiki may need to verify a request before acting on it and may retain information when required or permitted by law.

14. Cookies, analytics, and tracking choices

RepoWiki may use essential cookies, local storage, and similar technologies for authentication, session security, preferences, analytics, and service reliability. Other parties may collect information through connected services, analytics, or embedded tools if those services are enabled. Browser Do Not Track signals are not treated as a reliable universal standard. If a legally required opt-out preference signal applies to RepoWiki, RepoWiki will handle it as required by applicable law.

15. Children, international use, and changes

RepoWiki is not directed to children under 13. RepoWiki may process information in countries where RepoWiki, its providers, or customers operate. This policy may change as the product, law, or data practices change; material updates will be reflected by changing the date on this page or by another appropriate notice.