Privacy Policy

Last Updated: June 05, 2026

1. Introduction

This Privacy Policy explains how WhatDidIDo ("we", "us", or "the Service") collects, uses, and protects your personal information when you use our service. We are committed to protecting your privacy and ensuring the security of your data.

2. Information We Collect

We collect the following types of information:

2.1 Authentication Information

GitHub username

OAuth access tokens (stored securely)

2.2 GitHub Activity Data

Pull request information (titles, dates, organizations, repositories)

Code statistics (lines added, lines removed, commit counts)

Code review information (review dates, comment counts, review results)

Commit messages and timestamps

2.3 Usage Data

Report generation metadata

Date and time of service usage

3. How We Use Your Information

We use your information to:

Provide and maintain the Service

Generate reports of your GitHub contributions

Cache data to improve performance

Authenticate your identity

Display your contribution statistics

We do NOT use your data for:

Advertising or marketing purposes

Selling to third parties

Analytics beyond basic service functionality

4. Data Storage and Security

Your data is stored securely in a PostgreSQL database. We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction.

Security measures include:

Encrypted connections (HTTPS/TLS)

Secure storage of OAuth tokens

User-specific data isolation

Regular security updates

Data Location: Data is stored in the United Kingdom

5. Data Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may disclose your information only in the following circumstances:

With your explicit consent

To comply with legal obligations or court orders

To protect our rights, property, or safety

In connection with a business transfer or acquisition

6. Third-Party Services

The Service integrates with GitHub via OAuth authentication. When you connect your GitHub account, you are also subject to GitHub's Privacy Policy. We only request the minimum permissions necessary to provide our service.

GitHub Permissions Requested:

Read access to your public and private repositories

Read access to your user profile information

Read access to your organization memberships

7. Cookies and Tracking

The Service uses essential cookies for:

Authentication and session management

Security purposes

We do not use tracking cookies or third-party analytics services.

8. Data Retention

We retain your data for as long as your account is active. When you delete your account through the Settings page, all your data is permanently removed from our servers immediately.

Note: After account deletion, your data cannot be recovered. Please export any reports you wish to keep before deleting your account.

9. Your Rights

You have the right to:

Access your personal data

Export your data (via report downloads)

Delete your account and all associated data

Revoke GitHub OAuth access at any time

Object to data processing

To exercise these rights, visit your Settings page or contact us.

10. Children's Privacy

The Service is not intended for users under the age of 13. We do not knowingly collect personal information from children under 13. If you are a parent or guardian and believe your child has provided us with personal information, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Continued use of the Service after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us at:

harry@harrymi.co.uk