HivarSoftHivarSoftTerms of Service →

Legal

Privacy Policy

Last updated: June 28, 2025

1. Overview

HivarSoft(“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share information when you use our products — including Notes AI and GitStats — and when you connect third-party services via OAuth (Google, GitHub, GitLab, Bitbucket).

We follow the principle of data minimisation — we only collect what is strictly necessary to provide the service you requested.

2. Information We Collect

2.1 Account Information

When you sign up or sign in via OAuth, we receive basic profile information from the provider you choose, including your name, email address, and profile picture. We use this information solely to create and manage your account.

2.2 OAuth Data — By Provider

🔐 Google

We receive the following data from Google upon authorisation:

  • • Name, email address, and profile picture (openid, email, profile scopes)
  • • A unique Google user identifier used to link your account

What we do NOT access: Gmail, Google Drive, Google Calendar, Contacts, or any other Google service data.

🐙 GitHub

For GitStats users who connect GitHub:

  • • GitHub username, avatar, and public profile information
  • • Repository names, commit history, branch names, author metadata, and file statistics (read-only)
  • • This data is processed to generate analytics and is not stored beyond the session or dashboard cache

What we do NOT access: repository secrets, GitHub Actions, Issues, Pull Request content, billing information, or SSH keys.

🦊 GitLab

For GitStats users who connect GitLab:

  • • GitLab username, email, and avatar (read_user scope)
  • • Commit logs, branch names, and contributor metadata (read_repository scope)

What we do NOT access: Merge Requests, CI/CD pipelines, container registry, or deployment keys.

🪣 Bitbucket

For GitStats users who connect Bitbucket:

  • • Bitbucket account username and avatar (account scope)
  • • Repository list, commits, branches, and file history (repositories read scope)

What we do NOT access: Bitbucket Pipelines, Deployments, Jira integrations, or team billing data.

2.3 Usage Data

We may collect anonymous usage data such as page views, feature interactions, and performance metrics to improve our products. This data is aggregated and cannot be used to identify individual users.

2.4 User-Generated Content

For Notes AI, the notes, drawings, and files you create are stored securely and associated with your account. This content is private to you and is never shared with other users or third parties without your explicit consent.

3. How We Use Your Information

  • To create and authenticate your account.
  • To provide and improve our services (e.g., generate Git analytics, serve your notes).
  • To communicate with you about your account or service updates.
  • To detect and prevent fraud, abuse, or security incidents.
  • To comply with legal obligations.

We do not sell, rent, or trade your personal data to third parties for marketing purposes.

4. Data Storage and Security

Your data is stored on secure servers. We implement industry-standard technical and organisational measures to protect your information against unauthorised access, disclosure, alteration, or destruction, including:

  • HTTPS encryption for all data in transit.
  • Encrypted storage for OAuth access tokens.
  • Access controls limiting data access to authorised personnel only.
  • Regular security reviews of our codebase and infrastructure.

5. Data Retention

We retain your account data for as long as your account is active or as needed to provide you with services. Git repository data imported for analytics purposes is processed in-session and is not permanently stored beyond your dashboard. Upon account deletion, your personal data is removed within 30 days, except where retention is required by law.

6. Your Rights

You have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated data.
  • Withdraw OAuth consent at any time via your provider's app authorisation settings.
  • Object to or restrict certain processing of your data.
  • Lodge a complaint with a data protection authority.

To exercise any of these rights, contact us at hitesh.k.83080@gmail.com.

7. Revoking OAuth Access

You can revoke our access to your connected accounts at any time:

GoogleRevoke →GitHubRevoke →GitLabRevoke →BitbucketRevoke →

8. Cookies and Tracking

We use essential cookies to maintain your authenticated session. We do not use third-party advertising cookies or cross-site tracking. You can control cookies through your browser settings, though disabling essential cookies may affect service functionality.

9. Third-Party Services

Our services may rely on trusted third-party infrastructure providers (e.g., cloud hosting). These providers are bound by data processing agreements and are not permitted to use your data for their own purposes. We do not integrate third-party advertising networks or sell data to data brokers.

10. Children's Privacy

Our services are not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by updating the “Last updated” date at the top of this page. Your continued use of our services after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us:

Company: HivarSoft

Website: https://hivarsoft.com

Email: hitesh.k.83080@gmail.com