1. Introduction

Gitset.dev ("we," "our," "us") is committed to protecting your privacy. This Privacy Policy outlines how we collect, use, and safeguard your information when you use Gitset.dev, including when you authenticate through OAuth with GitHub and utilize our comprehensive suite of AI-driven development tools.

By using Gitset.dev, you consent to the practices described in this Privacy Policy. If you do not agree with any part of this policy, please refrain from using our services.

2. Information We Collect

Gitset.dev collects limited information to provide services effectively and securely. This includes:

Authentication Data: When you log in via OAuth, Gitset.dev collects the necessary information for authentication. This includes your GitHub username, repository access rights, and other metadata provided by GitHub via OAuth.

Token Usage Data: We collect and store token consumption data to manage your subscription plan, track usage against your allocated limits, and provide real-time usage information within each Gitset tool after every AI operation.

Subscription Information: Payment and subscription data is processed and managed exclusively by Lemon Squeezy, LLC. We receive only the necessary subscription status information to provide appropriate service levels.

3. Use of Your Data

We use your data solely for the purpose of providing the functionalities offered by Gitset.dev. This includes all 9 AI-driven tools: README generation, commit message generation, issue crafting, pull request management, code decommenting, dependency handling, release management, .gitignore building, and MCP integration. Additionally, we use data for OAuth authentication management and token-based usage tracking.

While using Gitset.dev, the platform does not store or retain any content data associated with its features beyond what is necessary for immediate processing. Generated content such as README files, commit messages, issue descriptions, pull request content, processed code, and dependency configurations are created on-demand and are not stored on our servers after delivery to the user.

Temporary Processing Data: When using any of our AI-driven tools, the content you submit (code, repository data, text) is temporarily processed in memory only for the duration of the operation. This content is not stored, logged, or retained after processing is complete and results are delivered.

Token Usage Tracking: We maintain real-time records of token consumption per tool and operation to ensure accurate billing, prevent overages, and provide transparent usage information displayed after each AI operation within the respective tools. This data is essential for the operation of our fair token-based pricing system.

4. Data Security

We take comprehensive precautions to protect your information, including the use of encryption, secure access protocols, and high-performance Turso database integration for sensitive user data and token tracking. Our modular, service-oriented architecture ensures clear separation of concerns between public and protected services with multiple security layers.

Logs and Authentication Records: Gitset.dev maintains logs for user authentication activities, token usage validation, and system security monitoring. These logs are used solely for security, compliance, and service optimization purposes and are not used for any other purpose.

Cross-Platform Security: Our MCP integration and desktop applications maintain the same security standards as our web platform, with shared token systems that ensure consistent protection across all access methods.

5. Third-Party Services

Gitset.dev relies on third-party services for authentication, AI processing, and payment management. By using our services, you consent to the following third-party integrations:

GitHub OAuth: For authentication and repository access. We encourage you to review GitHub's Privacy Statement and Terms of Service.

Google Gemini AI: Our service uses Google Gemini AI for all content generation across our 9 tools. While Gitset.dev does not store any interactions with the AI, Google may collect and retain this data according to their policies. For more information about how Google handles this data, please refer to their Privacy Policy and Gemini Privacy Notice.

Lemon Squeezy: For subscription management and payment processing. All payment data is handled exclusively by Lemon Squeezy according to their privacy policies and terms of service. Please review their Privacy Policy and Terms of Service.

Turso Database: For high-performance token tracking and user management. Data stored in Turso is encrypted and accessed only for service provision and usage validation.

6. Use of Cookies and Tracking Technologies

Gitset.dev uses cookies to improve your experience, particularly for maintaining authentication sessions, managing token usage validation, and enhancing service quality across all our tools. Cookies are small data files stored on your device that help us analyze platform usage and optimize our AI-driven features.

You may disable cookies through your browser settings, but doing so may affect your ability to use certain features of the platform, including authentication, token tracking, and usage validation.

7. Revocation of Access

Users may revoke access granted to Gitset.dev at any time from Settings page on Gitset.dev, navigating to the "Connected Accounts" section, and selecting "Revoke GitHub Access". Additionally, users can manage OAuth applications directly through GitHub's settings. TO REVOKE ACCESS, CLICK ON 'Gitset.DEV' IN THE LIST OF AUTHORIZED APPLICATIONS, SELECT THE THREE DOTS, AND CHOOSE 'REVOKE'. CONFIRM YOUR ACTION.

Revoking access will immediately disable all OAuth functionality provided by Gitset.dev, including access to private repositories and authenticated features across all our tools. However, public features and .gitignore builder will remain accessible.

8. Data Retention

Gitset.dev does not retain any user-generated content beyond what is necessary for authentication, basic logging, and token usage tracking. If you lose access to any AI-generated content such as commit messages, README files, issue descriptions, or processed code, Gitset.dev cannot retrieve that information as it is not stored on our servers.

Token Usage Data Retention: Token consumption records are maintained for billing accuracy, usage information, and fraud prevention. This data is kept for the duration of your subscription plus applicable legal retention periods for financial records.

Authentication Data Retention: Authentication sessions and related security logs are retained for security monitoring and compliance purposes. Upon account deletion or access revocation, this data is removed according to our data retention schedule.

9. Desktop Application and Cross-Platform Privacy

Desktop Application: Our desktop application for Windows, macOS, and Linux maintains the same privacy standards as our web platform. The desktop app does not collect additional data beyond what is described in this policy and shares the same token-based usage system with the web platform.

MCP Integration: Our Model Context Protocol integration for terminal and IDE usage will maintain equivalent privacy protections. Local MCP agents will not store or transmit data beyond what is necessary for immediate processing, maintaining the same no-retention policy for generated content.

10. Changes to the Privacy Policy

Gitset.dev reserves the right to modify this Privacy Policy at any time. Any changes will be posted on this page, and the revised policy will take effect immediately upon posting. Significant changes affecting data collection or usage will be communicated through platform notifications or email. By continuing to use the platform after such updates, you accept the revised terms.