// legal

Privacy Policy

Effective date: March 15, 2026

tl;dr

We collect your email (to send your license key) and subscription status via Stripe. We never see your code, your diffs, or your OpenAI API key. That's the whole point of how AutoPR works.

Who we are

AutoPR is a GitHub Action that reads your pull request diff and generates pull request descriptions using an LLM. It's built and operated by patchwork-eng. Questions? Email us at hello@difflog.io.

What we collect

We collect the minimum needed to run the service:

Email address — to deliver your license key after purchase. That's it.
Subscription status — whether your plan is active, via Stripe. We use this to validate your license key at runtime.

What we don't collect

This is the important part:

Your code. AutoPR runs inside your GitHub Actions runner on GitHub's infrastructure. Your source code never touches our servers.
Your diffs. The pull request diff AutoPR reads stays on your runner. It's sent directly from your runner to OpenAI — not through us.
Your OpenAI API key. Your key lives in your GitHub Secrets. We don't proxy it, store it, or have any way to access it.
Usage data, analytics, or telemetry. We don't run instrumentation on the Action itself.

How payment data works

All payment processing is handled by Stripe. We don't see or store your credit card number, billing address, or any payment details. When you complete a purchase, Stripe notifies us that a subscription was created, and we issue a license key to your email. That's the extent of our involvement in the transaction.

Stripe has its own privacy policy at stripe.com/privacy.

How we use your email

Your email is used for:

Delivering your license key
Sending transactional emails related to your subscription (renewals, cancellations, billing issues)

We don't send marketing emails. We don't sell your email to anyone.

Data retention

We keep your email and subscription record for as long as your account is active. If you cancel your subscription and want your data deleted, email us at hello@difflog.io and we'll take care of it.

Third-party services

The services we rely on:

Stripe — payment processing and subscription management
GitHub — the platform the Action runs on. Your use of GitHub Actions is subject to GitHub's privacy policy.
OpenAI — the LLM provider. Your pull request diff is sent to OpenAI using your API key, under your OpenAI account. We have no visibility into those calls. Review OpenAI's privacy policy for how they handle your data.

Cookies

This website doesn't use tracking cookies. Stripe may set cookies during checkout as part of their fraud prevention systems.

Changes to this policy

If we make meaningful changes, we'll update the effective date at the top. We'll also try to email affected users if the changes are significant. The policy lives at autopr.dev/privacy.

Contact

Privacy questions, data deletion requests, or anything else: hello@difflog.io.