Privacy Policy

Overview

This Privacy Policy describes how the AI Diff Review & Commit Gate plugin ("Plugin", "we", "us") handles information when you use our IntelliJ IDEA plugin.

Information We Collect and Process

Code Analysis Data

When you use the Plugin's analysis features, the following data may be processed:

• Source code diffs: Changes you've made to files in your project
• File content: Complete file content (when enabled in settings)
• File metadata: File paths, names, types, and modification status
• Project structure: Limited project context for analysis

Configuration Data

The Plugin stores locally on your machine:

• API Keys: Your OpenAI API key (stored securely by IntelliJ IDEA)
• Settings: Your preferences for analysis behavior, redaction patterns, and commit gate configuration
• Usage patterns: Local logs of analysis requests for debugging purposes

How We Handle Your Data

Data Transmission

• Third-party AI Services: Code analysis data is sent to OpenAI via their API using your personal API key
• No ContentaSoft Servers: We do not operate servers that receive or store your code
• Direct Connection: All API requests go directly from your IDE to OpenAI using your credentials

Data Storage

• Local Only: All configuration and settings are stored locally by IntelliJ IDEA
• No Remote Storage: ContentaSoft does not store, collect, or retain any of your code or personal data
• Temporary Processing: Code data exists only in memory during analysis and is not persisted

Secret Redaction

• Built-in Protection: The Plugin includes configurable patterns to redact sensitive information before sending to AI services
• User Control: You can customize redaction patterns, scope, and behavior
• Default Patterns: Pre-configured patterns for common secrets (API keys, passwords, tokens)

Third-Party Services

OpenAI API

When you use the analysis features:

• Code data is sent to OpenAI for processing according to their terms of service and privacy policy
• You are responsible for your OpenAI API usage and associated costs
• OpenAI's data handling practices are governed by their privacy policy at https://openai.com/privacy/

Data Security

Protection Measures

• Encryption: All API communications use HTTPS/TLS encryption
• Local Storage: Settings and API keys are stored using IntelliJ's secure storage mechanisms
• No Persistence: Analysis data is not saved to disk by the Plugin

User Responsibilities

• API Key Security: Keep your OpenAI API key secure and do not share it
• Sensitive Code: Use redaction patterns for highly sensitive code sections
• Network Security: Ensure your development environment follows security best practices

User Rights and Control

What You Can Control

• Enable/Disable: Turn analysis features on or off at any time
• Scope Control: Choose which files and content types to analyze
• Redaction Settings: Configure what information gets redacted before transmission
• API Key Management: Add, change, or remove your API key at any time

Data Deletion

• Uninstall: Removing the Plugin deletes all local configuration data
• Settings Reset: You can clear all Plugin settings through IntelliJ's settings interface
• No Remote Data: Since we don't store data remotely, there's nothing for us to delete

Changes to This Policy

We may update this Privacy Policy from time to time. When we do:

• The updated policy will be included with Plugin updates
• Material changes will be highlighted in release notes
• The effective date will be updated accordingly

Legal Basis for Processing

Where applicable under data protection laws:

• Legitimate Interest: Processing is necessary for providing the code analysis service you've requested
• Consent: By configuring and using the analysis features, you consent to the data processing described above

Contact Information

If you have questions about this Privacy Policy or our data practices:

Jurisdiction

This Privacy Policy is governed by the laws of [Jurisdiction to be specified based on ContentaSoft's location].