Privacy Policy

Effective: April 2026

What We Collect

When you install MatrixReview on a GitHub repository, we access:

What We Store

What We Do Not Store

What We Do Not Do

Third-Party Services (Subprocessors)

MatrixReview uses the following third-party services to operate. A complete subprocessor list is maintained on our Security page.

Data Retention

Documentation and review metadata are retained as long as the GitHub App is installed on your repository. PR diff data is automatically purged after 30 days. You may request full data deletion at any time by contacting us or using the data deletion endpoint. Uninstalling the app triggers deletion of all stored data associated with your repository.

Your Rights

Under GDPR and applicable privacy regulations, you have the right to:

A Data Processing Agreement (DPA) is available on request for customers requiring formal documentation of our processing relationship.

Security

All data is encrypted at rest (AES-256 via SQLCipher) and in transit (HTTPS/TLS). All data access is logged in an append-only audit trail. Infrastructure access is restricted to the founder. For full details, see our Security page.

Contact

For privacy questions, data deletion requests, or DPA inquiries: admin@matrixreview.io