Privacy Policy
Effective: February 21, 2026 · Last updated: February 21, 2026
This policy explains what data GreenCI collects, how we use it, and your rights. We believe in transparency — no surprises.
1. Who We Are
GreenCI is an AI-powered testing platform operated by Sam, based in Georgia, USA. When we say "GreenCI," "we," "us," or "our," we mean the operator of greenci.ai.
2. What We Collect
Information You Provide
- Account information: Email address, name, and billing details when you sign up
- GitHub profile information: Username, avatar, and organization memberships (via GitHub OAuth)
- Payment information: Processed by our payment provider — we do not store full credit card numbers
- Support communications: Messages you send us
Information We Collect Automatically
- Usage metrics: Features used, test generation counts, API calls, dashboard activity
- Technical data: Browser type, IP address, device information, timestamps
- Log data: Server logs for debugging and security
Information from GitHub
When you connect a repository, we access:
- Code diffs — changes in pull requests and commits, used to generate tests
- Repository metadata — repo name, branch info, file structure
We do not access:
- Repositories you haven't explicitly connected
- Your private messages or GitHub notifications
- Other users' data in shared repositories
- Full source code history — we process diffs, not entire codebases
Trace Files
When you use our GitHub Action, Playwright trace files may be uploaded from your CI environment. These contain test execution data (screenshots, network logs, DOM snapshots). Trace files are stored according to your plan's retention period and permanently deleted after expiry.
3. How We Use Your Data
We use your data to:
- Provide the service — generate tests, display results, manage your account
- Improve GreenCI — analyze usage patterns, fix bugs, develop new features
- Communicate with you — service updates, billing, support responses
- Ensure security — detect abuse, prevent fraud, maintain service integrity
We do not:
- Sell your personal data
- Use your code to train AI models (your code diffs are processed for test generation only)
- Share your data with advertisers
4. Bring Your Own LLM (BYOLLM)
When you use BYOLLM with your own API keys:
- Your code diffs and prompts are sent directly to your LLM provider. GreenCI facilitates this connection but does not store the LLM request/response content.
- Your LLM provider's privacy policy governs how they handle that data — not ours.
- Your API keys are encrypted at rest and never logged or exposed in our systems.
When you use GreenCI's default LLM:
- Your code diffs are sent to our LLM provider for test generation.
- We have data processing agreements with our LLM providers.
- Generated outputs are not used to train third-party models.
5. Where We Store Your Data
Your data is stored on Cloudflare's infrastructure (Workers and D1), which operates globally. Cloudflare maintains SOC 2 Type II certification and complies with major security standards.
We implement reasonable security measures including:
- Encryption in transit (TLS) and at rest
- API key encryption
- Access controls and authentication
- Regular security reviews
6. Who We Share Data With
| Recipient | Purpose | Data Shared |
|---|
| Cloudflare | Infrastructure & storage | All service data |
| GitHub | Authentication & repo access | OAuth tokens, repo queries |
| LLM providers | Test generation | Code diffs, prompts |
| Payment processor | Billing | Payment details |
We may also disclose data if required by law, court order, or to protect our rights and safety.
7. Data Retention
- Account data: Retained while your account is active, plus 30 days after deletion
- Trace files: Retained per your plan's retention period, then permanently deleted
- Usage logs: Retained for up to 12 months
- Billing records: Retained as required by law (typically 7 years)
8. Your Rights
All Users
You can:
- Access your data via the dashboard or by contacting us
- Update your account information at any time
- Delete your account and request data deletion
- Export your test results and trace files
California Residents (CCPA)
If you're a California resident, you have additional rights under the California Consumer Privacy Act:
- Right to Know: You can request what personal information we collect, use, and disclose.
- Right to Delete: You can request deletion of your personal information.
- Right to Opt-Out of Sale: We do not sell your personal information, so this right does not apply — but if that ever changes, we'll provide an opt-out mechanism.
- Right to Non-Discrimination: We won't discriminate against you for exercising your CCPA rights.
To exercise these rights, contact us at privacy@greenci.ai. We'll respond within 45 days.
Other US State Privacy Laws
We aim to honor privacy rights consistently for all US users, regardless of state. If your state provides additional privacy rights, contact us and we'll do our best to accommodate your request.
9. Cookies and Tracking
- Essential cookies — for authentication and session management (required)
- Analytics — basic, privacy-respecting usage analytics to improve the service
We do not use third-party advertising trackers.
10. Children's Privacy
GreenCI is not intended for children under 18. We do not knowingly collect data from minors. If you believe a minor has provided us data, contact us and we'll delete it promptly.
11. Changes to This Policy
We may update this policy. Material changes will be communicated via email or dashboard notification at least 30 days in advance. Continued use after changes constitutes acceptance.
12. Contact Us
For privacy questions or to exercise your rights: