Skip to main content
DYKWYBLS

Privacy Policy

Your privacy matters to us. This policy explains what data DYKWYBLS collects, how we process it, and your rights. Last updated: March 2026.

What Data We Collect

When you run a DYKWYBLS audit, we collect only the information you provide. We store no personal data beyond what you provide during the audit process:

  • Your project description and answers to audit questions
  • Your GitHub repo URL and repo metadata (optional) — we only read repository files
  • Your tech stack selections
  • Your reflection answer
  • Generated scores and verdict from the AI analysis

How We Use Claude AI

Your answers and repository context are sent to Anthropic's Claude API for analysis. Claude generates the audit findings, scores, and recommendations in your report. Anthropic processes this data according to their API terms — data sent via the API is not used to train their models.

GitHub Access & Scope

If you provide a GitHub URL, we fetch publicly accessible files from your repository using the GitHub REST API. We only read files — we never write, modify, or store your source code beyond the temporary analysis session. For private repositories, a GitHub token with read-only access is required. GitHub tokens are session-scoped only and are never persisted to our database or stored after your audit session ends.

Data Retention

Completed audit reports are stored for 90 days to allow sharing via your unique report URL. After this period, reports are automatically and permanently deleted via a TTL-based auto-deletion mechanism. No backups of expired reports are kept.

Your Rights

  • Access: You can view your report anytime via the unique URL within the 90-day window.
  • Deletion: Contact us to request early deletion of your report before the 90-day expiration.
  • Portability: Download your report as a PDF for your records.

GDPR Data Deletion Requests

Under the General Data Protection Regulation (GDPR) and similar privacy laws, you have the right to request deletion of your personal data. We store no personal data beyond what you provide during the audit — your answers, project description, and the generated report.

To request deletion of your data before the 90-day automatic expiration, send an email to privacy@islandpitch.com with:

  • Your report URL (if available)
  • The email address you used (if any)
  • A description of the data you want deleted

We will process your request within 30 days. Once deleted, your data cannot be recovered.

Third Parties

Island Pitch does not sell your data. Your data is not sold, rented, or shared with third parties. The only external services that process your data are:

  • Anthropic (Claude API) — for AI analysis
  • GitHub API — for repository file access (if you provide a URL)
  • AWS — for infrastructure hosting and data storage
  • PostHog — for analytics (only with your explicit cookie consent)

Cookies & Analytics

We use essential cookies for consent tracking and session management. Analytics tracking (PostHog) is only enabled if you accept our cookie banner. You can use DYKWYBLS with essential cookies only. PostHog analytics data is collected with your explicit consent and is used solely to improve the DYKWYBLS experience.

Contact

For privacy questions or data requests, contact us at privacy@islandpitch.com.