Privacy Policy

Code Review AI ("the Extension", "we", "us") is a Chrome extension designed to assist developers by providing AI-powered code reviews directly on pull/merge request pages. We take your privacy seriously. This Privacy Policy explains what data we collect, how it is used, and with whom it is shared.

1. Information We Collect

1.1 User Authentication Information

When you sign in using Google or other Firebase Authentication providers, we may receive the following information:

• Email address - actively used for product-related features such as: account identification, enforcing daily limits, and determining the user's subscription tier
• Name and profile picture - only used to display your name and profile picture inside the extension UI; we do not process or store it for any other purpose
• Additional profile information - returned by the authentication provider (such as birthday or profile picture). We do not collect, store, or use this information. Firebase may technically provide these fields during authentication, but we only store and use your email, and display your name and profile picture in the extension UI. This data is stored securely in Firebase Firestore under your user document.

1.2 Usage Data

We only track how many reviews you have requested.

2. Information Processed During Code Reviews

2.1 Code Diffs Retrieved from Source Control Platforms

When you explicitly request a review by clicking the Review button, the extension:

• Uses your existing session cookies (from the source control provider you are already logged into)
• Fetches only the diff of the currently open PR/MR
• Sends this diff to our backend for AI analysis

We do not:

• Store your session cookies
• Store any code, diff, or repository information
• Collect or store file names, commit history, or metadata beyond the diff temporarily needed for processing

All diff data is transmitted only for the duration of the review request and discarded immediately after generating the AI response.

3. How We Use Your Information

We use collected and processed information strictly to provide the core functionality of the Product:

• Email address: account creation, login, limiting free usage, subscription tier logic
• Name and profile picture: displayed in the extension UI for user recognition
• Diff content (ephemeral) sent to our AI backend to generate review suggestions
• Aggregated usage metrics (e.g., number of reviews performed): used internally for product functionality, limits, and quality improvements

We do not use any user data for advertising, profiling, or unrelated analytics.

4. Information Sharing and Disclosure

We do not sell, rent, or share your personal information with third parties for marketing or commercial purposes.

Data is shared only with:

4.1 Firebase (Google Cloud)

Used for:

• Authentication
• Secure storage of your user document (email, usage metrics, tier)

Firebase acts as our cloud DB and auth provider and processes data according to Google's privacy and security terms.

4.2 Our AI Processing Backend

Hosted and operated by us on AWS. It receives:

• Your authenticated user ID
• The diff you requested to review

The backend does not store sensitive repository data or code.

The backend does not share this data with any third parties.

5. Data Security

We rely on Firebase's encrypted authentication and Firestore's secure access rules. We take industry-standard measures to protect your information and prevent unauthorized access.

6. Your Rights and Choices

• You may stop using the extension at any time.
• You may request deletion of your user data stored in Firebase by contacting us at: yaniv@barzily.net.
• You may request access to your data by contacting us at: yaniv@barzily.net.
• If you remove access through your Google Account settings, authentication will be revoked.

7. Changes to This Policy

We may update this Privacy Policy from time to time. Updates will be posted with a new "Last updated" date.

8. Contact Us

For any privacy-related inquiries, please contact us at: yaniv@barzily.net.