Privacy Policy

Access to Your Repository Data

Privacy policy is effective as of 11 June 2025

GitHub Integration and Data Access

By connecting your personal or organization GitHub account to Warestack, you grant us secure, token-based access to monitor and process selected repository events. This access allows us to provide real-time enforcement of protection rules, automate compliance checks, and deliver continuous insights into your software delivery pipeline—without interrupting your normal development workflow.

Our Privacy Principles
Data Minimization

We only collect data necessary for providing our GitOps automation services.

Secure Processing

All data is processed using industry-standard security measures and encryption.

Purpose Limitation

Data is used exclusively for improving your development workflow and providing insights.

Repository Activity Monitored

We access only the metadata and event information required to support rule-based automation and reporting. This includes the following GitHub event types:

Branch & Protection Rules

Rules that govern repository structure and protection

Branch Protection Rules: Created, updated, or removed

Repository Rulesets: Created, modified, or deleted

Deployment Protection Rules: Requested and evaluated

Deployments & Status

Information about deployment processes and reviews

Deployments: Initiated or deleted

Deployment Reviews: Requested, approved, or rejected

Deployment Statuses: Updated via GitHub API

Pull Requests & Reviews

Code review and collaboration activities

Pull Requests: Opened, updated, labeled, assigned, merged, closed, reopened

Pull Request Reviews: Submitted, dismissed, or edited

Pull Request Comments & Threads: Created, updated, resolved

CI/CD & Automation

Continuous integration and deployment processes

Workflow Runs & Jobs: Queued, started, or completed

Check Runs: Created, re-requested, or completed

Push Events: Git pushes to any branch

Issues & Project Management

Issue tracking and project management activities

Issues & Comments: Created, edited, closed, or labeled

Milestones: Opened, closed, or edited

Team & Access

Team structure and access control information

Team & Membership Changes: Added, removed, or modified for repos

Collaborators: Added or removed, including permission changes

Purpose and Scope of Processing

Warestack uses this data strictly to:

Verify that your GitHub activity complies with configured protection rules

Detect violations, misconfigurations, or risks in real time

Contextually adjust and apply rules based on developer actions and intent

Trigger automated actions and team notifications (e.g. via Slack, Linear, or GitHub comments)

We do not access, store, or analyze your actual source code or any private content beyond what's required for rule enforcement. All processing is done in real time and is limited to actionable metadata.

Your Control and Security

You can revoke Warestack's access at any time by uninstalling the GitHub App or removing the OAuth token.

Upon disconnection, all access is immediately revoked and we cease all monitoring or data retrieval.

Warestack does not retain repository metadata beyond what is required for current rule evaluations.

Data Privacy Commitments

We never store, copy, or transmit your source code.

We do not sell or share any repository data with third parties.

We maintain enterprise-grade encryption and access controls in all environments.

Contact Us

For any questions regarding data usage, deletion requests, or security practices, please contact us at support@warestack.com

By using Warestack, you acknowledge that you have read and understood this Privacy Policy.

Warestack

About

Our story

Resources

DisclaimerPrivacy PolicyTerms & Conditions

Contact

Request supportJoin us on DiscordGitHub Organization

© 2024, Warestack