What we collect
When you install the Acuvis GitHub App we receive: the repositories you grant access to, the diffs of pull requests in those repos, comment and reaction events, and your team members' GitHub identities.
What we store
We persist the cluster graph, your team's preferences, comments and reactions, and the signed event chain. We also keep the diff inside the review document so the IDE can render it back to you. The review document is scoped to your organisation and never replicated to analytics, archives, or anywhere else.
Code analysis isolation
Code analysis runs in Firecracker microVMs on Fly Machines. Each pull request gets its own VM, with its own kernel and memory, destroyed once the analysis finishes.
AI inference provider
Prompts include excerpts of changed code. We route through Fireworks AI, a US-domiciled inference provider, under a signed DPA. Fireworks commits to no training on customer prompts and zero data retention by default. Prompts live in volatile memory for the duration of the request and nothing else. Fireworks is SOC 2 Type II and HIPAA compliant.
Your rights under GDPR
You can export, rectify, and delete your data at any time. Mail privacy@acuvis.dev and we will respond within 7 days.
Contact
Acuvis · Warsaw, Poland.
privacy@acuvis.dev