Privacy Policy

OpsHero ("we", "our", or "us") provides a hybrid CI/CD log analysis service. This Privacy Policy explains what data we collect, why we collect it, and how we protect it. By using OpsHero, you agree to the practices described here.

We are designed with a privacy-first architecture. Logs you submit for analysis are processed transiently and, by default, are not retained on our servers.

2.1 Account data

When you sign in via GitHub OAuth, we receive your GitHub username, public profile name, and primary email address. We use this only to authenticate you and associate your usage quota with your account.

2.2 Log data

Logs you submit for analysis are processed in memory and are not persisted to disk or database on our servers. We do not read, store, or index the content of your pipeline logs beyond the duration of a single analysis request. Analysis results (pattern name, confidence score, suggested fix) are stored per-user for your history view and for feedback learning.

2.3 Usage metadata

We collect anonymised usage metrics: number of analyses per account, analysis method used (regex or AI engine), pattern match rate, and response latency. This data contains no log content.

2.4 Feedback

If you submit a thumbs-up or thumbs-down on an analysis result, we record your rating associated with the matched pattern (not the log content). This powers our self-learning pattern ranking.

• To authenticate your account and enforce usage tiers.
• To display your analysis history in the dashboard.
• To improve pattern accuracy based on aggregated feedback.
• To monitor service health and detect abuse.
• We do not sell, rent, or share personal data with third parties for marketing purposes.

Pro tier users may have logs routed to our AI engine when no regex pattern matches. In this case, the log excerpt is sent to a third-party LLM inference provider under a data processing agreement that prohibits training on your data. The excerpt is not retained by the provider beyond the inference call.

If you use the CLI in offline mode, no data is transmitted. Pattern matching occurs entirely on your device.

Analysis results are retained for 90 days to populate your history view, after which they are automatically deleted. Account data is retained for the lifetime of your account plus 30 days after deletion. You can request deletion of your account and all associated data at any time via your account settings or by emailing us.

We use a single HTTP-only, SameSite=Strict session cookie to maintain your authenticated session. We do not use tracking cookies or third-party analytics scripts. The CLI stores your access token in your system keychain or a local config file — never in a web cookie.

All data in transit is encrypted via TLS 1.3. Tokens are stored hashed. We follow OWASP security guidelines and conduct regular dependency audits. In the event of a breach affecting personal data, we will notify affected users within 72 hours.

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data. To exercise any of these rights, contact us at the address below. We will respond within 30 days.

We may update this Privacy Policy as the service evolves. Material changes will be communicated via email or an in-app notice at least 14 days before taking effect. Continued use of OpsHero after that date constitutes acceptance of the revised policy.

For privacy-related questions or data requests, contact us at: opshero.dev@gmail.com