Privacy Policy

Account information: When you register, we collect your name, email address, and (optionally) your organisation name.

Pipeline & log data: When a CI/CD pipeline failure is ingested — either via our API or through OAuth-connected repository monitoring — we receive and process the error log excerpts you or your CI system sends us. We do not read or store full source code files.

Usage data: We collect information about how you interact with the platform — pages visited, features used, and actions taken — to improve the product.

Payment information: Billing is handled by Stripe, Inc. We do not store credit card numbers or full payment details on our servers. We receive only a tokenised reference from Stripe.

Communication data: If you contact us via email or the contact form, we retain that correspondence to respond and improve our support.

• To provide, operate, and maintain the FixMyBuild platform
• To analyse pipeline failure logs using AI and return root-cause results to you
• To send transactional emails (failure alerts, invite notifications, password resets)
• To process payments and manage your subscription via Stripe
• To detect, prevent, and address technical issues or abuse
• To improve our AI models and product features using anonymised, aggregated usage data
• To respond to your enquiries and support requests
• To comply with legal obligations

Log excerpts and failure analysis data are retained according to your plan:

• Free plan: 7 days
• Pro plan: 90 days
• Business plan: Unlimited (until account deletion)

Account information is retained for as long as your account is active. Upon account deletion, your personal data is permanently removed within 30 days, except where we are required to retain it for legal or financial compliance purposes.

We do not sell your personal information. We share data only with the following categories of trusted third parties:

• Stripe, Inc. — payment processing
• AI/LLM service providers — for analysing pipeline log excerpts (logs are not associated with your personal identity when sent for analysis)
• Cloud infrastructure providers — for hosting and database storage
• Analytics services — using anonymised, aggregated data only

All third-party processors are contractually required to handle data in accordance with applicable data protection laws.

We use cookies and similar tracking technologies to:

• Maintain your authenticated session
• Remember your theme preference (dark/light mode)
• Measure usage patterns to improve the platform (analytics cookies)

You can control cookie settings through your browser. Disabling session cookies will prevent you from logging in.

We implement industry-standard security measures to protect your data:

• All data in transit is encrypted using TLS (HTTPS)
• Passwords are hashed using BCrypt with a work factor of 12
• API keys are stored as SHA-256 hashes — the plain-text key is shown only once at creation
• Refresh tokens use 64-byte cryptographically random values, SHA-256 hashed in storage
• Database access is restricted to application-layer services only

No method of electronic transmission or storage is 100% secure. We strive to protect your data but cannot guarantee absolute security.

Depending on your location, you may have the following rights regarding your personal data:

• Right to access — request a copy of the data we hold about you
• Right to rectification — request correction of inaccurate data
• Right to erasure — request deletion of your personal data
• Right to restriction — request that we limit processing of your data
• Right to data portability — receive your data in a machine-readable format
• Right to object — object to processing based on legitimate interests
• Right to opt out of sale — we do not sell personal data

To exercise any of these rights, contact us at seemakakadiya@gmail.com. We will respond within 30 days.

FixMyBuild is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us immediately.

Your data may be processed in countries outside your own. We ensure that any such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses where required under GDPR.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or via a prominent notice in the product. The “Last updated” date at the top of this page reflects the most recent revision.

If you have questions, concerns, or requests regarding this Privacy Policy, please contact us: