What we store, and what you accept by using GitVision.

No accounts.GitVision has no sign-up, no login, no password, no email collection. You don't create a profile to use it.

Anonymous owner-id. When you first visit, your browser generates a random UUID stored in localStorage. That's how the landing page filters "your sessions" from sessions other visitors created. The UUID is not linked to any personal information — we don't know who you are, and we don't want to.

Sessions you create are accessible by URL. Anyone with a session URL can open it. The owner-id only controls what shows up on the landing page list — it's soft isolation, not access control. Don't paste session URLs publicly if the analyzed repo is sensitive.

What we store on the server.The session JSON (analysis results) and a job-status file. Both are file-based, stored on Railway's persistent volume. We don't store IP addresses, cookies, or browser fingerprints.

What we send to third parties. Public-repo metadata via the GitHub REST + GraphQL APIs (read-only, no tokens of yours). Vulnerability lookups via OSV.dev. AI summary + health verdict via Anthropic's Claude API (the analyzed snapshot is sent — package names, contributor logins, file paths from the public repo). No personal data about you is forwarded.

Analytics.If we add web analytics (we're considering Plausible, which is privacy-friendly and IP- anonymized), this page will be updated. We will never use ad networks, fingerprinting, or session-replay tools.

Alpha software, no warranty. GitVision is provided as-is. Analysis results may be incomplete, wrong, or out of date — verify anything important against the source.

Be reasonable. The public deploy enforces per-IP rate limits (5 session-creates / 10 refreshes / 20 AI calls per hour) plus a daily Anthropic-call budget. If you hit 429 or 503, slow down. Persistent abuse may result in your IP being blocked at the Railway edge.

License. The GitVision source code is PolyForm Noncommercial 1.0.0. You may use, modify, and self-host for personal, educational, or nonprofit purposes — but not for commercial gain without a separate license. Get in touch if you want commercial use.

Service availability. We may pause or shut down the public deploy at any time, with or without notice. Sessions on the public deploy are not guaranteed durable — for anything you actually care about, run GitVision locally and keep your own session files.

Changes to this page. If terms change, the updated version replaces this one. The git history of this file is the source of truth — see commits to app/legal/page.tsx.