Repo Cleaner

Privacy Policy

Last updated: January 2024

Overview

GitHub Repo Cleaner is designed with privacy in mind. We do not store any user data, repository information, or access tokens in any database.

Data We Access

When you sign in with GitHub, we request access to:

  • Your GitHub user profile (username, email, avatar)
  • Your repository list (names, descriptions, visibility)
  • Permission to delete repositories on your behalf

Data We Store

We do not store any data. Specifically:

  • No database is used
  • Repository data is fetched on-demand and never persisted
  • Your GitHub access token is stored only in an encrypted HTTP-only session cookie
  • The session cookie expires after 1 hour

Cookies

We use a single session cookie to maintain your authentication state. This cookie:

  • Is HTTP-only (cannot be accessed by JavaScript)
  • Is encrypted
  • Uses SameSite=Lax for CSRF protection
  • Is marked Secure in production (HTTPS only)
  • Expires after 1 hour or when you sign out

Analytics

We use Vercel Analytics to understand basic usage patterns. This collects:

  • Page views (anonymized)
  • Geographic region (country-level)
  • Device type and browser

No personal information or repository names are sent to analytics.

Third Parties

We interact with the following third-party services:

  • GitHub: For authentication and repository operations
  • Vercel: For hosting and analytics

Your Rights

Since we don't store your data, there is nothing to delete or export. You can revoke this application's access to your GitHub account at any time from your GitHub settings.

Contact

If you have questions about this privacy policy, please open an issue on our GitHub repository.