This Privacy Policy explains how Revset ("Company," "we," "us," or "our") collects, uses, discloses, and protects information in connection with Revset, our websites, applications, developer tools, APIs, hosted services, and related services (collectively, the "Services").
By using the Services, you acknowledge this Privacy Policy.
1. Information We Collect
We may collect information directly from you, automatically through the Services, from your organization, from identity providers, and from third-party services you connect to the Services.
Information we collect may include:
- Account information, such as name, email address, username, organization, role, profile details, authentication identifiers, and account preferences.
- Authentication and security information, such as session data, access tokens, SSH public keys or key fingerprints, login events, IP addresses, and security logs.
- Repository and developer content, such as repository names, namespaces, commit metadata, branches, tags, diffs, source code, files, comments, review activity, submissions, and related project data that you or your organization submit to the Services.
- Usage information, such as pages viewed, features used, actions taken, timestamps, referring URLs, diagnostics, crash data, and performance information.
- Device and technical information, such as browser type, operating system, device identifiers, IP address, approximate location, and network information.
- Communications, such as support requests, feedback, survey responses, and messages you send to us.
- Payment and commercial information, if applicable, such as billing details, subscription plan, transaction history, and related records. Payment card details may be processed by our payment providers rather than stored by us.
- Information from third-party integrations, such as identity providers, code hosting tools, infrastructure providers, analytics tools, or other services you choose to connect.
You are responsible for ensuring that you have the rights and permissions necessary to submit repository content, personal information, confidential information, or third-party data to the Services.
2. How We Use Information
We may use information for the following purposes:
- To provide, operate, maintain, secure, and improve the Services.
- To create and manage accounts, organizations, repositories, permissions, sessions, and authentication.
- To process repository content, commits, diffs, submissions, reviews, and related developer workflows.
- To monitor, prevent, investigate, and respond to fraud, abuse, security incidents, policy violations, and technical issues.
- To analyze usage, measure performance, debug errors, develop new features, and improve our products.
- To communicate with you about the Services, including support, updates, security notices, administrative messages, and product information.
- To personalize or configure the Services for users and organizations.
- To enforce our agreements, terms, policies, and legal rights.
- To comply with legal obligations, law enforcement requests, court orders, and regulatory requirements.
- For other purposes disclosed to you or permitted by law.
Where permitted by law and applicable agreements, we may use information, including repository and developer content, to develop, test, analyze, train, improve, or support automated systems, security tools, product features, and service reliability. We may also create aggregated, de-identified, or anonymized information and use it for any lawful business purpose.
3. How We Disclose Information
We may disclose information to:
- Service providers and vendors who help us host, operate, secure, analyze, support, market, or improve the Services.
- Identity, authentication, infrastructure, database, analytics, monitoring, payment, customer support, and communications providers.
- Your organization, workspace administrators, repository owners, or authorized users, depending on your account settings, permissions, and use of the Services.
- Third-party integrations that you or your organization enable.
- Professional advisors, such as lawyers, auditors, insurers, accountants, and consultants.
- Government authorities, law enforcement, courts, regulators, or other parties where we believe disclosure is required or appropriate.
- Parties involved in an actual or potential merger, acquisition, financing, reorganization, bankruptcy, sale of assets, or similar transaction.
- Other parties with your consent or at your direction.
We do not sell personal information for money. However, some privacy laws define "sale," "sharing," or "targeted advertising" broadly. If we engage in activities that require opt-out rights under applicable law, we will provide the required notices and choices.
4. Cookies and Similar Technologies
We and our service providers may use cookies, local storage, pixels, SDKs, and similar technologies to operate the Services, remember preferences, authenticate users, secure accounts, analyze usage, and improve performance.
You can control cookies through your browser settings, but disabling cookies may affect Service functionality.
5. Data Retention
We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, maintain security, preserve backups, and support legitimate business needs.
Retention periods may vary depending on the type of information, account status, organization settings, contractual requirements, legal obligations, and technical constraints.
6. Security
We use reasonable administrative, technical, and organizational safeguards designed to protect information. However, no method of transmission, storage, or processing is completely secure. You are responsible for maintaining the confidentiality of your credentials, access tokens, SSH keys, devices, and account access.
7. Your Choices and Rights
Depending on your location, you may have rights to access, correct, delete, port, restrict, or object to certain processing of your personal information. You may also have the right to opt out of certain disclosures or uses.
To make a request, contact us at legal@revset.dev. We may need to verify your identity and authority before processing your request. We may decline or limit requests where permitted by law, including when information is needed for security, legal compliance, internal operations, contractual obligations, or to provide the Services.
If you use the Services through an organization, we may direct your request to that organization or require that you contact the organization directly.
8. California Privacy Notice
If the California Consumer Privacy Act, as amended, applies to our processing of your personal information, California residents may have specific rights, including the right to know, access, correct, delete, and opt out of certain sales or sharing of personal information, and the right not to be discriminated against for exercising privacy rights.
In the preceding 12 months, we may have collected the categories of personal information described in Section 1, from the sources described in Section 1, for the purposes described in Section 2, and disclosed them to the categories of recipients described in Section 3.
We do not knowingly sell personal information for money. If our practices change in a way that requires additional California notices or opt-out rights, we will provide them as required by law.
9. International Users
The Services may be hosted and operated in the United States and other countries. If you access the Services from outside your country of residence, your information may be transferred to, stored in, or processed in countries that may have different data protection laws than your jurisdiction.
10. Children
The Services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us at legal@revset.dev.
11. Third-Party Services
The Services may contain links to or integrations with third-party services. We are not responsible for the privacy practices, security, or content of third-party services. Your use of third-party services is governed by their own terms and privacy policies.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. The updated version will be indicated by an updated "Last Updated" date. Your continued use of the Services after an update means you acknowledge the revised Privacy Policy. If required by law, we will provide additional notice or obtain consent for material changes.
13. Contact Us
If you have questions about this Privacy Policy or our privacy practices, contact us at:
RevsetNew York, NY
legal@revset.dev