Last updated: June 2026

Privacy Policy

BugLens is built by developers for developers. This policy explains exactly what data we collect, why, and how we protect it. No legalese walls — plain English.

1. Who we are

BugLens (buglens.app) is an AI-powered code review tool built and operated by Satyabrata Mohanty. You can reach us at satyatechgeek@gmail.com.

2. What we collect

When you sign in via GitHub OAuth:
  • Your GitHub username, display name, and email address
  • A GitHub installation token (encrypted at rest) used to post reviews on your behalf
When BugLens reviews a pull request:
  • The PR diff (changed lines only) — sent to our AI analysis provider for review. We do not store full file contents.
  • PR metadata: title, number, author, repo name, URL
  • Review output: findings, severity scores, suggested fixes — stored in our database tied to your account
When you use the dashboard:
  • Usage count (how many reviews you've run this month)
  • Lessons you add to the Knowledge Base
  • Settings and preferences you configure
When you subscribe:
  • Payment is processed by DodoPayments. We never see or store your card number.
  • We store your subscription tier, billing status, and transaction IDs.

3. How we use your data

  • To run AI code reviews on your pull requests
  • To display your review history and analytics in the dashboard
  • To send you review summary emails (you can disable this in Settings)
  • To enforce usage limits based on your subscription tier
  • To improve BugLens — we may analyse aggregated, anonymised review patterns to make detection better
We do not sell your data. We do not use your code or PR content for training AI models.

4. Third-party services

  • Supabase — database and authentication hosting (EU/US servers)
  • AI analysis provider — PR diffs are sent for analysis. Subject to the provider's data processing terms.
  • DodoPayments — payment processing. Subject to DodoPayments' privacy policy.
  • Resend — transactional email delivery
  • Render — backend hosting
  • Vercel — frontend hosting

5. Data retention

  • Review records are kept for as long as your account is active
  • If you delete your account, all your data is permanently removed within 30 days
  • PR diffs are not retained by us after analysis completes

6. Your rights

You can at any time:
  • Export your data — email us and we'll send a JSON export within 7 days
  • Delete your account — via Settings → Danger Zone, or by emailing us
  • Opt out of email notifications — toggle in Settings → Notifications
  • Revoke GitHub App access — via GitHub → Settings → Applications

7. Security

GitHub installation tokens are encrypted using AES-256-GCM before storage. We use HTTPS everywhere. See our Security page for full details.

8. Changes to this policy

If we make material changes, we'll update the date at the top of this page and notify active users by email. Continued use after the change constitutes acceptance.

9. Contact

Questions? Email satyatechgeek@gmail.com. We respond within 48 hours.