Privacy Policy

EFFECTIVE DATE: 13 JUNE 2026 · VERSION 1.1

1 — Who we are

This policy applies to services operated by ZeroNonsense.dev, a registered company in the Netherlands ("we", "us", "our"). We are the data controller for personal data processed in connection with the Zero-Nonsense Dev product suite, including SentinelPR and ReleaseScribe.

Contact:
privacy@zerononsense.dev

2 — What data we collect and why

Category	Examples	Purpose	Legal basis (GDPR)
Access logs	IP address, HTTP method, timestamp, response code	Security monitoring, abuse prevention	Art. 6(1)(f) — legitimate interests
Support correspondence	Email address, message content	Respond to enquiries	Art. 6(1)(b) or (f)

We do not process source code content. Pull-request diffs are sent directly to the AI provider you configure (Azure OpenAI or OpenAI) and are never stored by us.

3 — Third parties

Our products interact with the following third parties:

GitHub, Inc. — Marketplace listing, webhook delivery, token verification. Governed by GitHub's own privacy policy.
Azure OpenAI / OpenAI — AI inference for code review. Used only when you provide an API key; we do not retain inference inputs or outputs.

We do not sell or rent personal data to any third party.

4 — Data retention

Support correspondence is retained for 2 years. Access logs, where collected, are retained for 30 days. No source code or pull-request content is retained.

5 — Your rights under GDPR

As a data subject you have the right to:

Access — request a copy of the data we hold about you.
Rectification — ask us to correct inaccurate data.
Erasure — ask us to delete your data, subject to legal obligations.
Portability — receive your data in a structured, machine-readable format.
Objection — object to processing based on legitimate interests.
Restriction — ask us to restrict processing in certain circumstances.

To exercise any of these rights, email privacy@zerononsense.dev. We will respond within 30 days.

You also have the right to lodge a complaint with the Dutch supervisory authority: Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl).

6 — Cookies and tracking

The zerononsense.dev website does not use cookies or client-side tracking analytics.

7 — Security

All traffic is TLS-terminated. We will notify affected users of any personal data breach without undue delay as required by Art. 33–34 GDPR.

8 — Changes to this policy

We may update this policy to reflect changes in our services or legal requirements. The effective date at the top of this page will be updated accordingly. Material changes will be communicated via the GitHub Marketplace listing or by email where we hold your address.