Privacy Policy
Access to Your Repository Data
Effective 11 June 2025
GitHub Integration and Data Access
By connecting your personal or organization GitHub account to Warestack, you grant us secure, token-based access to monitor and process selected repository events. This access allows us to provide real-time enforcement of protection rules, automate compliance checks, and deliver continuous insights into your software delivery pipeline—without interrupting your normal development workflow.
Our Privacy Principles
Data Minimization
We only collect data necessary for providing our GitOps automation services.
Secure Processing
All data is processed using industry-standard security measures and encryption.
Purpose Limitation
Data is used exclusively for improving your development workflow and providing insights.
Repository Activity Monitored
We access only the metadata and event information required to support rule-based automation and reporting. This includes the following GitHub event types:
Branch & Protection Rules
Rules that govern repository structure and protection
- •Branch Protection Rules: Created, updated, or removed
- •Repository Rulesets: Created, modified, or deleted
- •Deployment Protection Rules: Requested and evaluated
Deployments & Status
Information about deployment processes and reviews
- •Deployments: Initiated or deleted
- •Deployment Reviews: Requested, approved, or rejected
- •Deployment Statuses: Updated via GitHub API
Pull Requests & Reviews
Code review and collaboration activities
- •Pull Requests: Opened, updated, labeled, assigned, merged, closed, reopened
- •Pull Request Reviews: Submitted, dismissed, or edited
- •Pull Request Comments & Threads: Created, updated, resolved
CI/CD & Automation
Continuous integration and deployment processes
- •Workflow Runs & Jobs: Queued, started, or completed
- •Check Runs: Created, re-requested, or completed
- •Push Events: Git pushes to any branch
Issues & Project Management
Issue tracking and project management activities
- •Issues & Comments: Created, edited, closed, or labeled
- •Milestones: Opened, closed, or edited
Team & Access
Team structure and access control information
- •Team & Membership Changes: Added, removed, or modified for repos
- •Collaborators: Added or removed, including permission changes
Purpose and Scope of Processing
Warestack uses this data strictly to:
- •Verify that your GitHub activity complies with configured protection rules
- •Detect violations, misconfigurations, or risks in real time
- •Contextually adjust and apply rules based on developer actions and intent
- •Trigger automated actions and team notifications (e.g. via Slack, Linear, or GitHub comments)
We do not access, store, or analyze your actual source code or any private content beyond what's required for rule enforcement. All processing is done in real time and is limited to actionable metadata.
Your Control and Security
- •You can revoke Warestack's access at any time by uninstalling the GitHub App or removing the OAuth token.
- •Upon disconnection, all access is immediately revoked and we cease all monitoring or data retrieval.
- •Warestack does not retain repository metadata beyond what is required for current rule evaluations.
Data Privacy Commitments
- •We never store, copy, or transmit your source code.
- •We do not sell or share any repository data with third parties.
- •We maintain enterprise-grade encryption and access controls in all environments.
GDPR & Global Privacy Rights
If you are located in the EU, UK, or similar jurisdictions, you can:
- •Access, correct, or delete your personal data
- •Object to or restrict processing
- •Request data portability
- •Withdraw consent at any time
Contact Us
For any questions regarding data usage, deletion requests, or security practices, please contact us at support@warestack.com.
By using Warestack, you acknowledge that you have read and understood this Privacy Policy.