← Back to homeLast updated: April 2026
Privacy Policy
1. Who We Are
ContextBot is a SaaS tool that helps developers understand GitHub repositories by searching PR history using AI. The service is operated by an individual developer.
- Website: www.contextbot.io
- Contact: support@contextbot.io
2. What Data We Collect
Account data
- Email address, collected via Supabase Auth during registration
GitHub data
- Repository names, PR titles, commit messages, and README content fetched in real-time from the GitHub API
- We do not store your code
Usage data
- Questions asked, answers received, and chat session history
Payment data
- Payments are handled entirely by Stripe. We store only your Stripe customer ID.
- We never see or store your card details.
GitHub tokens
- Personal Access Tokens are stored encrypted in our database using AES-256 encryption
3. How We Use Your Data
- To provide the ContextBot service
- To enforce plan limits (Free vs Pro)
- To send transactional emails (password reset, account confirmation) via Resend
- To process payments via Stripe
- We never sell your data to third parties
- We never use your data to train AI models
4. Third-Party Services
We use the following third-party services to operate ContextBot:
- Supabase – database and authentication, hosted on EU servers
- Anthropic Claude API – AI responses. Your questions and GitHub context are sent to Anthropic's API to generate answers
- Stripe – payment processing
- Vercel – application hosting
- Resend – transactional emails only
- GitHub API – repository data fetched in real-time on your behalf
5. Data Retention
- Account data is kept until you delete your account
- Chat history is kept until you delete it or your account
- Free plan: no automatic deletion of history
- Pro plan: history retained indefinitely
- After account deletion: all personal data is permanently deleted within 30 days
6. Your Rights (GDPR)
If you are located in the European Union, you have the following rights:
- Access your personal data
- Correct inaccurate data
- Delete your account and all associated data — available in Dashboard → Settings → Danger Zone
- Export your data — contact support@contextbot.io
- Object to processing
7. Cookies
We use only essential cookies required for authentication (Supabase session cookie). We do not use tracking, analytics, or advertising cookies.
8. Security
- Passwords are hashed by Supabase Auth and never stored in plain text
- GitHub tokens are encrypted with AES-256
- All data is transmitted over HTTPS
- Database access is restricted by Row Level Security (RLS)
9. Contact
For privacy questions or data requests, contact us at support@contextbot.io. We respond within 48 hours.