Legal
Privacy Policy
Last updated:
What Veripsa Core processes
To warn about cross-PR collisions before merge, Veripsa Core reads the installed repositories transiently and produces minimal repository and pull-request metadata needed to run advisory checks, keep them fresh, and scope them to opaque GitHub account identifiers.
It does notretain file bodies or diff contents and does not access GitHub's repository, organization, environment, or Actions secret stores. If a secret value is committed to a tracked file (including a committed .env file), that file can be read transiently with other source content; its body is discarded and the value is not intentionally extracted or retained.
What Veripsa Core stores
A content-free structural working set for covered repositories, plus in-flight reservations and advisory records, isolated per account. This can include public GitHub login handles; repository, branch, pull-request, commit, and installation identifiers; path and symbol names; language and symbol kinds; content fingerprints; changed line ranges; structural relationship types; timestamps; and check, comment, ACK, delivery, and lifecycle state. Path, symbol, repository, and login names can still be customer or personal data even though source and diff bodies are not retained. For repositories that have had no recent activity and no active in-flight work, the rebuildable working set and co-change cache may be pruned after a period of inactivity (normally 30 days). The working set is rebuilt on the next default-branch push or pull request; the co-change history cache is repopulated asynchronously. Operational telemetry (push and landing events) is retained for 30 days and then pruned. Curated advisory history is kept as an append-only record until account erasure; entries are added, not edited or removed.
Multi-tenant isolation
Every record is scoped to the installing account and enforced at the database row level; one customer's data is never readable by another. See the Security overview for more.
Signing in to the Veripsa platform
The Veripsa website (separate from the Veripsa Core GitHub App) offers sign-in with GitHub so an account owner can view their dashboard. We keep this PII-minimal: we persist only your opaque GitHub user ID (an immutable number) to identify your account. We do not persist your name, avatar, or email address — the sign-in scope is identity-only (read:user, not your email), and the profile fields GitHub returns are stripped from the session rather than stored. Sign-in keeps you logged in with a session cookie (a signed JWT that carries only that opaque id); we do not create a separate server-side session record just to sign you in.
Any GitHub user may sign in. What you can see is derived solely from your own GitHub access: the dashboard shows the content-free data for the Veripsa Core installations you administer, and never another account's — that isolation is enforced from your GitHub installations on every request, not by who you are.
To delete your platform account or request erasure of this sign-in data, email support@veripsa.com. Signing out clears the session cookie from your browser; it does not by itself delete the identity data above.
Install-source attribution
Veripsa may record first-party install-intent metadata to understand onboarding and public launch effectiveness. For the GitHub App install redirect, the recorded attribution is limited to a sanitized CTA source, locale, optional campaign slug, and a coarse same-site public page bucket when the click came from a Veripsa public page.
The install redirect does not record arbitrary query parameters, raw referrer URLs, repo IDs, PR numbers, branch names, source or diff bodies, or hidden user-fingerprinting identifiers. First-party marketing intent events are retained for 30 days, then pruned.
Sharing
Veripsa does not sell or share your data. Veripsa Core communicates only with GitHub's API (to read structure and post checks and comments) and, if you configure it, your own alert webhook. It is hosted on managed infrastructure with a managed database. There are no analytics or advertising third parties. The full subprocessor list — including processing region and data category — lives at /legal/subprocessors.
Billing
Veripsa Core is free while in early access, with fair-use limits that protect the shared service. We do not process or store payment card details, and the current product flow has no active checkout, card collection, or paid subscription. Future paid plans are expected through GitHub Marketplace and are not implemented yet. Current fair-use limits are described on Free access.
Deletion
Uninstalling the App stops processing immediately and purges your rebuildable content-free working set from our database. Append-only advisory history and account-lifecycle audit records are deleted on account erasure. You can request erasure at any time (right to erasure).
Your choices
- Scope:choose which repositories Veripsa Core can access from the App's installation settings on GitHub.
- Uninstall: remove the App at any time to stop all processing and purge your working set.
- Erasure: contact us to request deletion of your data.
Changes
We may update this policy as the product evolves; material changes will be posted here with a new “Last updated” date.
Contact
Questions about privacy or a data request: support@veripsa.com.