Privacy Policy

Last updated: January 1, 2026

This Privacy Policy explains how GitSquid ("we," "us," or "our") collects, uses, and protects your personal data when you use the GitSquid desktop application ("the App") and the GitSquid website at gitsquid.dev ("the Website"), collectively referred to as "the Service."

We are committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

1. Data Controller

The data controller for the personal data processed through the Service is:

GT-ITECH (operating as GitSquid)
SIRET: 811 179 415 00013
Email:
Website: gitsquid.dev

2. Data We Collect

2.1 Data you provide

  • Email address (required for Pro purchase)
  • Name (optional, if provided during checkout)

2.2 Data generated through the Service

  • License keys associated with your purchase
  • Stripe customer and subscription IDs for payment management
  • Payment history (amounts, dates, subscription status)
  • Verification codes (temporary, for account access)

2.3 Data stored locally on your device

The following data is stored exclusively on your device and is never transmitted to our servers:

  • Third-party access tokens (GitHub, GitLab, BitBucket) — encrypted using Electron's safeStorage API
  • Repository data and Git history
  • Application preferences and settings

2.4 Data we do NOT collect

  • We do not collect analytics or telemetry data from the App.
  • We do not track your usage patterns, repositories, or code.
  • We do not store your credit card details (handled entirely by Stripe).
  • We do not use cookies for tracking on the Website.

3. How We Use Your Data

We process your personal data for the following purposes:

  • License management: to issue, validate, and manage your Pro license key.
  • Payment processing: to process purchases and manage subscriptions via Stripe.
  • Transactional emails: to send purchase confirmations and verification codes for account access.
  • Customer support: to respond to your inquiries.

4. Legal Basis for Processing (GDPR)

We process your data based on the following legal grounds:

  • Contract performance (Article 6(1)(b) GDPR): processing is necessary to fulfill our contract with you (providing the Pro license and related services).
  • Legitimate interest (Article 6(1)(f) GDPR): license validation and fraud prevention.
  • Legal obligation (Article 6(1)(c) GDPR): retaining payment records as required by tax and accounting regulations.

5. Third-Party Services

5.1 Stripe

We use Stripe to process payments. When you make a purchase, your payment information is handled directly by Stripe. We only receive and store your Stripe customer ID, subscription ID, and payment history. We never have access to your full credit card number.

5.2 OVH (Email)

Transactional emails (purchase confirmations, verification codes) are sent via SMTP hosted by OVH, a European hosting provider, from the address .

5.3 GitHub Releases

The App checks for updates via GitHub Releases. This request is made to GitHub's servers and is subject to GitHub's privacy policy. No personal data is transmitted during update checks.

5.4 License Validation

The App periodically contacts our servers to verify your Pro license status. This request transmits only your license key. No other personal or usage data is sent.

6. Data Retention

  • Account and license data: retained for as long as your account is active, plus a reasonable period after cancellation for support purposes.
  • Payment records: retained for the duration required by applicable tax and accounting laws (typically 10 years in France).
  • Verification codes: automatically expire and are deleted after use or after a short validity period.

7. Your Rights (GDPR)

Under the GDPR, you have the following rights regarding your personal data:

  • Right of access: request a copy of the data we hold about you.
  • Right to rectification: request correction of inaccurate data.
  • Right to erasure: request deletion of your data ("right to be forgotten"), subject to legal retention obligations.
  • Right to restriction: request limitation of how we process your data.
  • Right to data portability: receive your data in a structured, commonly used format.
  • Right to object: object to processing based on legitimate interest.

To exercise any of these rights, contact us at . We will respond within 30 days.

8. Data Security

We take reasonable technical and organizational measures to protect your personal data, including:

  • HTTPS encryption for all communications with our servers.
  • Secure storage of license and account data on our server infrastructure.
  • Local encryption of sensitive data (access tokens) on your device using Electron's safeStorage API.
  • No storage of credit card data on our infrastructure.

9. International Data Transfers

Your data is primarily processed within the European Union. Where third-party services (such as Stripe or GitHub) may process data outside the EU, they do so under appropriate safeguards such as Standard Contractual Clauses (SCCs) or equivalent mechanisms recognized under GDPR.

10. Children's Privacy

The Service is not directed at children under the age of 16. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email or through the Website. The "Last updated" date at the top of this page indicates when the policy was last revised.

12. Contact

For any questions or concerns about this Privacy Policy or your personal data, contact us at: