Effective Date: March 3, 2026
At Diffyne, we believe that your code is your business. This Privacy Policy explains how we collect, use, and protect your information when you use our website and automated changelog generation service.
1. Our “Zero Source Code” Philosophy
We have designed our architecture to minimize data access. We do not request, require, or store access to your source code. To generate changelogs, we only process metadata:
- Pull Request titles and descriptions
- Commit messages
- Branch names and tag references
- Author usernames (for attribution)
2. Information We Collect
Account Information: When you sign up, we collect your name, email address, and billing information (processed securely by our payment provider). Integration Data: We connect to your Git provider (e.g., GitHub, GitLab) using fine-grained, read-only permissions limited strictly to repository metadata and webhooks. Usage Data: We collect standard telemetry data (IP addresses, browser types, interaction with our dashboard) to monitor service health and improve user experience.
3. How We Use Your Data
- To automatically generate release notes and changelogs.
- To authenticate your account and process payments.
- To deliver transactional emails, service alerts, and support.
- To prevent fraud and abuse of our API.
4. Third-Party AI Processors
To generate human-readable summaries, we securely transmit your Git metadata (commit messages, PR descriptions) to enterprise-tier AI providers (such as OpenAI or Anthropic).
- Data is transmitted via encrypted APIs.
- Zero Retention: Our agreements strictly prohibit these providers from using your data to train their public or private models. Data is deleted from their servers immediately after processing.
5. Data Retention and Deletion
We retain your generated changelogs and account information for as long as your account is active. If you delete your account, we will permanently purge your repository metadata, webhooks, and generated content from our active databases within 30 days.
6. Your Rights
Depending on your location (e.g., GDPR in Europe, CCPA in California), you have the right to access, correct, export, or delete your personal data. You can execute these rights directly from your account settings or by contacting us.
7. Changes to This Policy
We may update this policy periodically. If we make significant changes, we will notify you via email or through a prominent notice on our platform.
8. Contact Us
For any privacy-related questions or data deletion requests, please contact our privacy team at: [email protected]