Privacy Policy. In plain language.
This page explains how Sigilix handles your code, your account, and the data that flows through our code review, coding agent, and research chat. It is the controlling reference for our privacy commitments. The full architectural detail — including data-flow diagrams and retention rules — lives at /security.
Last updated: July 2, 2026.
Sigilix is operated by Sigilix, Inc. ("Sigilix", "we", "our"). We provide an AI code-review service that runs on your pull requests, a coding agent available through our CLI and issue-tracker integrations, and a research chat. This policy explains what data we collect, how we use it, who we share it with, and the rights you have.
The data we process.
Account & identity
Email address, GitHub user ID, organization membership, billing contact, and the metadata GitHub returns when you authorize the Sigilix App. We do not collect passwords; auth is delegated to GitHub.
Repository & review data
For each review or agent task: the diff hunks, surrounding files, lockfiles, and PR metadata of the pull request under review, plus the findings we produce. Raw file contents are processed for inference; what is retained afterwards is governed by your learning settings (Section 03) and is redacted before storage.
Issue-tracker data
If you connect Linear or another issue tracker, we process the issues, comments, and metadata needed to triage tickets and run agent sessions you assign to Sigilix.
CLI & chat sessions
Prompts, responses, and tool activity from your Sigilix CLI and research-chat sessions. Retention of this content for learning is controlled per user (Section 03).
Connected apps (MCP)
If you connect third-party apps via MCP, we store the OAuth tokens and connection metadata needed to call those apps on your behalf. We only call them when your session uses them, and you can disconnect at any time.
Usage & billing
Aggregate usage metrics (review counts, latency, error rates, rate-limit usage), marketing-page analytics (page views, referrers), and billing records. Payments are processed by Stripe — we never store your card numbers.
Learning stays inside your organization.
Sigilix gets better for your team by learning from your team's own activity — and only your team's. We do not train any shared or global model on customer data. All learning is isolated per organization and is never shared across organizations, used to serve other customers, or blended into a common model.
There are two independent learning scopes, each with its own control:
Org scope — PR & review data
Your organization's pull-request and review corpus (diffs, findings, dismissals, merge outcomes) improves your organization's private model and review memory. This scope is controlled by your organization admin.
User scope — CLI & chat sessions
Each user's own CLI and chat session content improves that user's (seat's) contribution. This scope is controlled individually by each user, independent of the org setting.
Defaults depend on your plan:
- Free, Pro, Max, and Ultra plans: learning is ON by default. You can opt out at any time in your settings.
- Team and Enterprise plans: learning is OFF by default. Your organization admin can opt in.
Before anything is retained for learning, secrets and personally identifiable information are redacted. The retained corpus is stored durably (on Cloudflare infrastructure and object storage) so it can power your organization's own private model improvement — including models you self-host — always within your organization's scope.
Turning learning off stops new retention immediately. You can also request deletion of previously learned data at any time (Section 06), and we will delete it.
The hard nos.
- We do not train shared or global models on your code or your sessions. Learning, where enabled, stays inside your own organization.
- We do not share one organization's data, learned corpus, or model improvements with any other organization.
- We do not vectorize or index your repositories into any shared embedding store.
- We do not retain secrets or PII — both are redacted before anything is stored for learning.
- We do not sell or rent your data.
Where your data lives and runs.
Sigilix keeps a deliberately small footprint. Your code already lives in GitHub; our own infrastructure runs on Cloudflare; and inference runs on the model providers below under terms that prohibit them from training on your data. This list may change as the product evolves — material changes will be announced with notice (Section 09), and a current list is always available on request.
GitHub. Where your code already lives. We read pull requests through a scoped, short-lived token and post reviews back — we don't move your code anywhere new.
Cloudflare. Our infrastructure — the API, workers, databases, object storage, and Durable Objects that run reviews, agent sessions, and (where enabled) store your org's learned corpus. TLS in transit, encryption at rest, isolated per tenant.
Model providers. Inference runs on providers such as Google Vertex AI, Ollama, OpenRouter, and AWS. Prompts are sent for inference only, under terms that prohibit training on your content.
Stripe. Payment processing. Card numbers go directly to Stripe; we store only billing metadata (plan, invoices, billing contact).
Issue tracker (Linear). If you connect it: issue and comment data needed for triage and agent sessions you assign to Sigilix.
MCP. Third-party apps you explicitly connect (via MCP) are called on your behalf with the OAuth grant you approve. Each is governed by its own terms.
What you can ask us to do.
- Access — ask what data we hold about you or your organization.
- Export — request a copy of your account data and, where applicable, your org's learned corpus.
- Deletion — request deletion of your account data and any retained learning corpus. We will delete it.
- Opt out of learning — flip the toggle in your settings at any time (org admins control the org scope; each user controls their own CLI/chat scope).
We aim to honor these rights for all customers regardless of region, in line with GDPR and CCPA principles. Send requests to privacy@sigilix.ai and we will respond within 30 days.
How your data is protected.
- Encryption in transit (TLS) and at rest across our stack.
- Per-tenant isolation: each organization's data, memory, and learned corpus are partitioned per organization and never mixed.
- OAuth tokens for GitHub, Linear, and MCP-connected apps are stored encrypted, scoped to the minimum permissions needed, and revocable by you at any time.
- Secrets and PII are redacted before any content is retained for learning.
Architectural detail lives at /security. Report vulnerabilities to security@sigilix.ai.
Data Processing Agreements.
A Data Processing Agreement (DPA) is available on request for enterprise customers. Contact legal@sigilix.ai.
How updates work.
We will revise this policy as we add features and sub-processors. Material changes will be announced by email to the billing contact and posted at sigilix.ai/privacy with the new effective date. Continued use of the service after a change constitutes acceptance.
Reach a human.
Privacy questions: privacy@sigilix.ai. Security disclosures: security@sigilix.ai. Anything else: support@sigilix.ai.