Privacy Policy
Summary
This policy explains what data Dynvo ("we", "us") collects, why, and how we protect it. The short version: we analyze your repositories to build a feature map, and we are built so that your source code is never persisted at rest on our servers — on any tier. What we store is derived metadata, encrypted with a per-organization key.
Who we are
Dynvo provides code-observability tooling: we map repositories into features and flows, score risk and coverage, and surface that insight in pull requests, a dashboard, and via an MCP endpoint for AI agents. This policy covers dynvo.ai, the dashboard at app.dynvo.ai, and the Dynvo GitHub App. For data-protection questions, contact privacy@dynvo.ai.
Data we collect
Account data. When you sign up we store your name, email, organization name, and authentication identifiers from your OAuth sign-in provider (e.g. GitHub, Google).
Repository metadata. When you install the GitHub App and run a scan, we process your code in memory and persist derived metadata: feature and flow names, relative file paths, lines-of-code, commit counts and timestamps, author names, health scores, and coverage percentages. Which of these fields are stored in plaintext versus ciphertext depends on your privacy mode.
Runtime signal (opt-in). If you connect Sentry or PostHog, we read event metadata — stack-trace file paths, release commit SHAs (Sentry); page URLs and app version (PostHog) — to attribute production errors and usage to features. We do not ingest your application's source maps or full event payloads.
Billing data. Paid plans are processed by our merchant of record, Lemon Squeezy, which collects your payment method and billing address. We do not store full card numbers.
Usage analytics. We use product analytics on our own dashboard to understand how the product is used (page views, clicks). This concerns your use of Dynvo — not your scan data.
What we do NOT collect or store
- Your source code at rest. The scanner reads files into memory, builds the map, and discards the source.
- Secrets, .env files, or credentials found in your repository.
- LLM prompt bodies or responses — feature-name clustering uses the model you choose (Claude, OpenAI, or local Ollama) with your own API key, sent directly to that provider.
How we use your data
- To provide the service: build feature maps, post PR comments, power the dashboard and MCP.
- To attribute runtime signal to features when you connect Sentry or PostHog.
- To operate accounts, billing, and support.
- To secure the service, prevent abuse, and meet legal obligations.
We do not sell your data, and we do not use your repository content to train machine-learning models.
Privacy modes & encryption
You choose how much metadata our servers can read: Standard (feature names + counts as metadata, like Linear treats ticket titles), Private (opaque IDs only), or Sovereign (self-hosted in your own VPC — we see only a license-check ping). Scan content is encrypted with envelope encryption using a per-organization key in HSM-backed KMS; Customer-Managed Keys are available on higher tiers. Full detail lives on our Security page.
Subprocessors
If you use the hosted product, your data passes through a limited set of subprocessors — including KMS, our hosting and database providers, our payment processor, and the LLM provider you select. The current list, and what each one can see, is published on the Security page. Sovereign (self-hosted) deployments remove all external subprocessors from the data path except the LLM you choose.
Data retention & deletion
You can delete a scan or your account at any time. Deletion is immediate in our application database; encrypted backups are purged within 30 days. Deleting an encrypted scan removes both the ciphertext and its wrapped key. Enterprise customers can arrange custom retention windows and written attestation of deletion.
Your rights
Depending on where you live, you may have rights to access, correct, export, or delete your personal data, and to object to or restrict certain processing (GDPR for the EU/UK; CCPA/CPRA for California). To exercise any of these, email privacy@dynvo.ai. EU customers can request a Data Processing Addendum.
International transfers
Data is processed in the United States by default. Where data is transferred from the EU/UK, we rely on appropriate safeguards such as Standard Contractual Clauses. EU data residency is available on Enterprise.
Security
We protect your data with encryption in transit (TLS) and at rest, per-organization key isolation, least-privilege access, and audit logging of decryption. Dynvo staff have no standing access to your scan content; internal access requires explicit customer authorization and is logged. Report suspected issues to security@dynvo.ai.
Children
Dynvo is a tool for software teams and is not directed to anyone under 16. We do not knowingly collect data from children.
Changes to this policy
We may update this policy as the product evolves. Material changes will be announced in-product or by email, and the "Last updated" date above will change. Continued use after an update means you accept the revised policy.
Contact
Privacy questions: privacy@dynvo.ai. Security reports: security@dynvo.ai.