← Back to Ensemble

Privacy Policy

Last updated: April 3, 2026

What We Collect

When you sign in with GitHub, we store:

• Your GitHub profile information (username, avatar URL, user ID)
• Your GitHub OAuth access token (used to access repos you authorize)
• API keys you provide (Anthropic, OpenAI) for AI-powered reviews
• Ensemble API tokens generated for your account

What We Do NOT Collect

• We do not store your source code. Code is fetched on-demand during reviews and discarded after processing.
• We do not sell, share, or transfer your data to third parties for advertising or marketing purposes.

How We Use Your Data

Your data is used solely to provide the Ensemble service:

• GitHub tokens authenticate API calls on your behalf (fetching PRs, posting review comments)
• API keys are passed to AI providers to run code reviews
• Usage metrics (review counts, plan tier) enforce free-tier limits

Telemetry

Ensemble collects anonymous, aggregated usage telemetry (e.g., feature usage counts) to improve the product. Telemetry never includes code content, file names, or personally identifiable information. You can opt out at any time in Settings.

Data Retention

Your account data is retained as long as your account is active. Review results and signal data are stored until you delete them or close your account. You may request full data deletion by contacting us.

Security

All traffic is encrypted via HTTPS. OAuth tokens and API keys are stored in an encrypted database. Access is restricted to authenticated users only.

Contact

For questions about this policy, contact us at privacy@ensemblecode.dev.