Terms of Service
Service scope. Repofyi lets you share read-only views of private GitHub repositories you explicitly authorize. Access is time-boxed and view-limited.
No repository writes. We never write to, modify, or commit to your repositories.
Acceptable use. You agree not to scrape, bypass protections, or attempt to download or reproduce the full codebase by automated means.
Availability. The service is provided on a best-effort basis without uptime guarantees. We may suspend access to protect security or comply with policy.
Revocation. You can revoke shares at any time from your dashboard and revoke OAuth access from your GitHub account settings.
Privacy Policy
Data we collect. Your GitHub profile (ID, login, name, email), share metadata (repo owner/name, expiration, view limits, view counts, recipient label), and viewer session IDs with expiry timestamps. Minimal operational logs (timestamps and error context) may be recorded for reliability and abuse prevention.
Data we do not store. We do not persist raw repository contents in our database. File trees may be cached in memory briefly for performance; file contents are fetched from GitHub per request and streamed to the client without persistent storage.
Tokens. OAuth access tokens are encrypted at rest and decrypted only when needed to call the GitHub API. We do not log tokens.
Cookies. We set an httpOnly, path-scoped viewer session cookie for read-only access validation. Session cookies are not accessible to client-side scripts.
Third parties. We call the GitHub API to read repository metadata and files. We do not share your data with advertising or analytics providers.
Retention. Share records remain until you delete them. Viewer sessions auto-expire. You may delete shares and revoke GitHub access at any time.
Security & Permissions
GitHub OAuth scopes. We request repo and user:email to read private repository content and your verified email. We only use read operations and never write to your repositories.
Token handling. Tokens are encrypted using our server-side key and decrypted in-process when contacting GitHub. We avoid long-lived caches of sensitive data.
Viewer sessions. Each viewer session is time-limited (typically 30 minutes), httpOnly, and validated on every API call. Expiration and view limits are enforced server-side.
Content controls. UI-level copy/download shortcuts are blocked as a deterrent; however, no client-side control can guarantee perfect prevention. Server-side policies (no repo checkout, no archives) reduce exfiltration vectors.
Your controls. Delete shares in the dashboard to revoke access immediately, and revoke GitHub authorization from your account settings to sever API access.