Legal

Privacy Policy

Last updated: February 1, 2026

1. Introduction

DevLens ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our code review platform, website, CLI tool, and related services (collectively, the "Service").

2. Information We Collect

2.1 Account Information

When you create an account, we collect your name, email address, and GitHub profile information (via OAuth). We also store your organization name and team membership details.

2.2 Code Data

When you connect a repository, we receive pull request diffs and file contents via GitHub webhooks. This data is processed in memory for review and is not stored permanently unless you opt into review history. For self-hosted deployments, code never leaves your infrastructure.

2.3 Usage Data

We collect anonymized usage metrics: number of reviews, languages used, response times, and feature usage. This data helps us improve the service and is never sold to third parties.

3. How We Use Your Information

  • To provide and maintain the Service
  • To process code reviews and generate feedback
  • To send you notifications about review results
  • To monitor and analyze usage trends and improve the Service
  • To detect, prevent, and address security issues
  • To comply with legal obligations

4. Data Retention

Code diff data is processed transiently and deleted after review completion (typically within 1 hour). Review comments and metadata are retained for as long as your account is active. You can request deletion of all data at any time by contacting us.

5. Third-Party Services

DevLens integrates with third-party services including GitHub (for repository access), LLM providers (for AI analysis), and optional notification channels (Slack, Discord, Mattermost, email). Each integration only receives the minimum data required to function. For self-hosted deployments, you control all integrations.

6. Data Security

We implement industry-standard security measures including encryption in transit (TLS 1.3), encryption at rest, API key authentication, role-based access control, rate limiting, and regular security audits. See our Security page for details.

7. Your Rights

You have the right to access, correct, or delete your personal data at any time. You can also export your review history and analytics data. To exercise these rights, contact us at info@devlens.xyz.

8. Contact

For any questions about this Privacy Policy, please contact us at info@devlens.xyz or visit our Contact page.