Privacy Policy for PR Review Buddy

PR Review Buddy ("we", "our", or "the extension") is designed to enhance your GitHub Pull Request workflow while maintaining the highest standards of privacy and security.

Last updated: December 30, 2024

What Information We Collect

1. User-Provided Information

The extension requires a GitHub Personal Access Token to function
The token is:
- Stored securely in Chrome's local storage (chrome.storage.sync)
- Encrypted by Chrome's built-in security mechanisms
- Used solely for authenticating with GitHub's API
- Never transmitted to any servers other than GitHub's API
- Removable at any time through the extension options
- Not shared with any third parties

2. Automatically Collected Information

Technical Data:
- HTTP request logs when accessing GitHub API
- Extension error logs for debugging
- Chrome installation and crash data (collected by Chrome Web Store)
Repository Data (only when using features):
- Pull request information
- File contents and diffs
- Repository metadata
- Commit information

3. Permission-Based Access

We collect information through Chrome permissions:

activeTab: To interact with GitHub PR pages
storage: To store your GitHub token
clipboardWrite: To copy generated content
GitHub API access: To fetch PR information

How We Use Your Information

1. GitHub Token Usage

Authenticate with GitHub API
Access authorized repositories
Verify permissions
We never use your token for:
- Marketing
- Analytics
- Third-party services

2. Repository Data Usage

Generate PR summaries
Display file changes in sidebar
Enable copy functionality
All processing happens:
- Locally in your browser
- Only when you use features
- Without permanent storage

3. Technical Data Usage

Debug extension issues
Improve functionality
Ensure security
No tracking or analytics

We only share information with:

GitHub API (api.github.com)
GitHub Raw Content (raw.githubusercontent.com)
GitHub Patch-Diff API (patch-diff.githubusercontent.com)

Information is shared:

Only during active feature use
Only with GitHub's API endpoints
Only for repositories you're authorized to access
Never with other third parties
Never for commercial purposes

Security Measures

HTTPS-only communication
Secure token storage
Local processing
No external dependencies
No data persistence

Your Rights and Controls

You Can:

Remove your GitHub token anytime
Control extension permissions
Access your GitHub data settings
Uninstall the extension
Report concerns

Data Retention

Token: Stored until removed
Repository data: Not stored
Technical logs: Minimal retention

Chrome Web Store Data

Google's Chrome Web Store may collect:

Installation statistics
Crash reports
Basic usage data This collection is managed by Google's privacy policy, not us.

Third-Party Services

The only external service we interact with is GitHub's API:

For accessing repository data
Using your provided token
Following GitHub's API terms

Security Practices

We implement security best practices:

Secure token storage
HTTPS-only communication
Minimal permissions
Local processing
No tracking

Feature-Specific Data Handling

"Prepare Summary" Feature

Accesses: PR diff data
Processing: Local browser only
Output: Clipboard text
Storage: None

"Explore Changes" Feature

Accesses: File contents and changes
Processing: Local browser only
Output: Clipboard text and visual display
Storage: None

Compliance

This extension complies with:

Chrome Web Store Developer Program Policies
GitHub API Terms of Service
General Data Protection Regulation (GDPR) principles

Changes to This Policy

We will notify users of significant changes through:

Extension update notes
Chrome Web Store listing updates

Contact

For any privacy-related questions or concerns, please contact us at: dev@klolabs.com

Last updated 8 days ago