GitLokiGitLoki Gator

Privacy & Security

At GitLoki, we take your privacy and security seriously. Here's how we handle your data and protect your repositories.

Key Points

  • We request read and write repository permissions through OAuth
  • Write access is used only for creating environment configurations in temporary branches that are never pushed
  • All changes remain local to our service and you control whether to commit them
  • We use OAuth 2.0 for secure authentication
  • We don't store personal information or credentials
  • Any created files (Docker images, etc.) remain under your control
  • All repository access is temporary and for the sole purpose of providing our service

How We Access Your Repositories

GitLoki connects to your GitHub or GitLab repositories through secure OAuth 2.0 authentication. When you authorize GitLoki, we request read and write permissions for the following specific purposes:

  • Read your repository content to analyze dependencies and structure
  • Create temporary local branches for environment configuration (these are never pushed to your repository)
  • Generate configuration files needed for environment setup (which you can review before committing)
  • View commit history to enable environment recreation from specific points in time
  • Clone repositories locally for analysis and environment creation

About Write Access

While we request write access, we only use it to create temporary configurations in our service environment. We never push changes to your repository without your explicit approval, and all modifications remain in isolated environments unless you choose to apply them.

Data Storage Practices

GitLoki was built with a "minimal data" philosophy from the ground up:

  • We do not permanently store your personal information
  • Authentication tokens are securely handled and never exposed
  • We do not track usage patterns beyond what's necessary for the service
  • Repository data is only temporarily stored during analysis and viewing

Containerized Environments

When you use GitLoki to create environments from specific commits:

  • All environments are created in isolated containers
  • Container data remains under your control, not ours
  • You can delete, modify, or export any created environments at any time
  • We never access the contents of your containers beyond what's necessary for the service

Security Measures

To protect your data, we implement:

  • Industry-standard encryption for all data in transit
  • Regular security audits of our codebase
  • Strict access controls for our team members
  • Continuous monitoring for potential vulnerabilities

Your Control & Rights

With GitLoki, you maintain control:

  • Revoke access to your repositories at any time through GitHub/GitLab
  • Request deletion of any data associated with your account
  • Export any created environments or analyses

Contact Us

If you have any questions, concerns, or requests regarding your privacy or data, email us at team@gitloki.dev

Our Promise

We built GitLoki because we're developers too, and we understand the importance of keeping code and credentials secure. We will never compromise on privacy or security, and we're committed to being transparent about our practices.

Last updated: May 2025