1. Introduction

RepoFlux ("we," "our," or "us") is a zero-backend, client-side application. We respect your privacy and are committed to protecting it through our compliance with this policy.

2. Zero-Backend Architecture

RepoFlux is uniquely designed to operate without a centralized backend server. All repository management, token handling, and configuration occur strictly within your browser environment and your personal GitHub Actions runners.

3. Data Collection and Processing

Personal Data: We do not collect, store, or transmit your personal data to any server owned or controlled by us. Your GitHub Personal Access Token (PAT) is stored exclusively in your browser's localStorage.

GitHub Data: RepoFlux interacts with the GitHub API directly from your browser. We do not intermediate this connection. Your repository data, code, and workflow logs stay within the GitHub ecosystem.

4. Security and Encryption

We use industry-standard encryption (TweetNaCl sealed boxes) to encrypt any secrets before they are transmitted to the GitHub API. This ensures that your API keys and sensitive configuration are never exposed in transit or stored in plaintext.

5. Third-Party Services

RepoFlux facilitates connections to third-party AI providers (e.g., Google AI Studio, Anthropic, OpenRouter). Your use of these services is subject to their respective privacy policies. We do not have access to the data sent to or received from these providers.

6. Contact Us

If you have any questions about this Privacy Policy, you can contact us at: support@repoflux.oriz.in