Privacy

Privacy Policy. In plain language.

This page explains how Sigilix handles your code, your account, and the data that flows through our code review, coding agent, and research chat. It is the controlling reference for our privacy commitments. The full architectural detail — including data-flow diagrams and retention rules — lives at /security.

01 Effective

Last updated: July 2, 2026.

Sigilix is operated by Sigilix, Inc. ("Sigilix", "we", "our"). We provide an AI code-review service that runs on your pull requests, a coding agent available through our CLI and issue-tracker integrations, and a research chat. This policy explains what data we collect, how we use it, who we share it with, and the rights you have.

02 What we collect

The data we process.

Account & identity

Email address, GitHub user ID, organization membership, billing contact, and the metadata GitHub returns when you authorize the Sigilix App. We do not collect passwords; auth is delegated to GitHub.

Repository & review data

For each review or agent task: the diff hunks, surrounding files, lockfiles, and PR metadata of the pull request under review, plus the findings we produce. Raw file contents are processed for inference; what is retained afterwards is governed by your learning settings (Section 03) and is redacted before storage.

Issue-tracker data

If you connect Linear or another issue tracker, we process the issues, comments, and metadata needed to triage tickets and run agent sessions you assign to Sigilix.

CLI & chat sessions

Prompts, responses, and tool activity from your Sigilix CLI and research-chat sessions. Retention of this content for learning is controlled per user (Section 03).

Connected apps (MCP)

If you connect third-party apps via MCP, we store the OAuth tokens and connection metadata needed to call those apps on your behalf. We only call them when your session uses them, and you can disconnect at any time.

Usage & billing

Aggregate usage metrics (review counts, latency, error rates, rate-limit usage), marketing-page analytics (page views, referrers), and billing records. Payments are processed by Stripe — we never store your card numbers.

03 Model learning

Learning stays inside your organization.

Sigilix gets better for your team by learning from your team's own activity — and only your team's. We do not train any shared or global model on customer data. All learning is isolated per organization and is never shared across organizations, used to serve other customers, or blended into a common model.

There are two independent learning scopes, each with its own control:

Org scope — PR & review data

Your organization's pull-request and review corpus (diffs, findings, dismissals, merge outcomes) improves your organization's private model and review memory. This scope is controlled by your organization admin.

User scope — CLI & chat sessions

Each user's own CLI and chat session content improves that user's (seat's) contribution. This scope is controlled individually by each user, independent of the org setting.

Defaults depend on your plan:

  • Free, Pro, Max, and Ultra plans: learning is ON by default. You can opt out at any time in your settings.
  • Team and Enterprise plans: learning is OFF by default. Your organization admin can opt in.

Before anything is retained for learning, secrets and personally identifiable information are redacted. The retained corpus is stored durably (on Cloudflare infrastructure and object storage) so it can power your organization's own private model improvement — including models you self-host — always within your organization's scope.

Turning learning off stops new retention immediately. You can also request deletion of previously learned data at any time (Section 06), and we will delete it.

04 What we don't do

The hard nos.

  • We do not train shared or global models on your code or your sessions. Learning, where enabled, stays inside your own organization.
  • We do not share one organization's data, learned corpus, or model improvements with any other organization.
  • We do not vectorize or index your repositories into any shared embedding store.
  • We do not retain secrets or PII — both are redacted before anything is stored for learning.
  • We do not sell or rent your data.

05 Sub-processors

Where your data lives and runs.

Sigilix keeps a deliberately small footprint. Your code already lives in GitHub; our own infrastructure runs on Cloudflare; and inference runs on the model providers below under terms that prohibit them from training on your data. This list may change as the product evolves — material changes will be announced with notice (Section 09), and a current list is always available on request.

GitHub

Where your code already lives. We read pull requests through a scoped, short-lived token and post reviews back — we don't move your code anywhere new.

Per GitHub Terms of Service

Cloudflare

Our infrastructure — the API, workers, databases, object storage, and Durable Objects that run reviews, agent sessions, and (where enabled) store your org's learned corpus. TLS in transit, encryption at rest, isolated per tenant.

Learning corpus retained only per your settings

Model providers

Inference runs on providers such as Google Vertex AI, Ollama, OpenRouter, and AWS. Prompts are sent for inference only, under terms that prohibit training on your content.

Zero-retention inference terms required

Stripe

Payment processing. Card numbers go directly to Stripe; we store only billing metadata (plan, invoices, billing contact).

Per Stripe's privacy policy

Linear

If you connect it: issue and comment data needed for triage and agent sessions you assign to Sigilix.

Per Linear's terms; disconnect anytime

Apps you connect via MCP

Third-party apps you explicitly connect (via MCP) are called on your behalf with the OAuth grant you approve. Each is governed by its own terms.

Per each app's terms; disconnect anytime

06 Your rights

What you can ask us to do.

  • Access — ask what data we hold about you or your organization.
  • Export — request a copy of your account data and, where applicable, your org's learned corpus.
  • Deletion — request deletion of your account data and any retained learning corpus. We will delete it.
  • Opt out of learning — flip the toggle in your settings at any time (org admins control the org scope; each user controls their own CLI/chat scope).

We aim to honor these rights for all customers regardless of region, in line with GDPR and CCPA principles. Send requests to privacy@sigilix.ai and we will respond within 30 days.

07 Security

How your data is protected.

  • Encryption in transit (TLS) and at rest across our stack.
  • Per-tenant isolation: each organization's data, memory, and learned corpus are partitioned per organization and never mixed.
  • OAuth tokens for GitHub, Linear, and MCP-connected apps are stored encrypted, scoped to the minimum permissions needed, and revocable by you at any time.
  • Secrets and PII are redacted before any content is retained for learning.

Architectural detail lives at /security. Report vulnerabilities to security@sigilix.ai.

08 Enterprise

Data Processing Agreements.

A Data Processing Agreement (DPA) is available on request for enterprise customers. Contact legal@sigilix.ai.

09 Changes

How updates work.

We will revise this policy as we add features and sub-processors. Material changes will be announced by email to the billing contact and posted at sigilix.ai/privacy with the new effective date. Continued use of the service after a change constitutes acceptance.

10 Contact

Reach a human.

Privacy questions: privacy@sigilix.ai. Security disclosures: security@sigilix.ai. Anything else: support@sigilix.ai.
