DocuPilot
Sign inGet Started

Privacy Policy

Last updated: April 4, 2026

1. Overview

DocuPilot ("we", "our", "us") is a service that automatically generates and updates documentation for your GitHub repositories on every push. This Privacy Policy explains what data we collect, how we use it, and how we protect it.

2. Data We Collect

  • GitHub account information: When you sign in with GitHub, we receive your GitHub user ID, username, avatar, and email address (if public). This is used to identify your account.
  • Repository diffs: When you push code, GitHub sends us the diff of that push (not your full codebase). This diff is passed to an AI model to generate documentation updates, then immediately discarded. We do not store your code.
  • Subscription and payment data: Billing is handled entirely by Stripe. We store only your Stripe customer ID and subscription status. We never see or store your full credit card number.
  • Usage data: We collect aggregate usage metrics (e.g., number of documentation PRs generated) to monitor service health and improve the product.

3. How We Use Your Data

  • To provide and operate the DocuPilot service
  • To generate documentation pull requests on your behalf
  • To manage your subscription and process payments via Stripe
  • To send transactional notifications related to your account
  • To monitor service health and fix issues

We do not sell your data to third parties. We do not use your code for training AI models.

4. Third-Party Services

  • GitHub: We use GitHub OAuth for authentication and the GitHub API to read repository diffs and create pull requests. GitHub's Privacy Policy applies to data processed by GitHub.
  • Anthropic (Claude API): Repository diffs are sent to Anthropic's Claude API to generate documentation. Data is not retained by Anthropic for training purposes under our API agreement. Anthropic's Privacy Policy applies.
  • Stripe: Payment processing is handled by Stripe. Your payment information is collected and stored directly by Stripe. Stripe's Privacy Policy applies.
  • Vercel: DocuPilot is hosted on Vercel. Vercel may collect standard server logs (IP address, request metadata) as part of hosting. Vercel's Privacy Policy applies.

5. Data Retention

Your GitHub account information and subscription status are retained for as long as your account is active. Repository diffs are never stored — they are processed in memory and discarded immediately after documentation is generated. You can request deletion of your account data at any time by contacting us.

6. Security

We use AES-256-GCM encrypted session cookies for authentication. All data is transmitted over HTTPS. We follow security best practices and limit access to personal data to only what is necessary to operate the service.

7. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us at the address below. You can revoke DocuPilot's access to your GitHub account at any time via GitHub Settings → Applications.

8. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes via email or a notice on the site. Continued use of the service after changes constitutes acceptance of the updated policy.

9. Contact

For privacy-related questions or data requests, please contact us at: machimura.akira@gmail.com