Privacy Policy

What we collect

When you use Roast My Stack, we collect the following data:

• GitHub username — submitted by you to trigger an analysis. We only access publicly available GitHub data (repositories, languages, stars, followers, contribution activity). We never request private data or GitHub authentication.
• Email address (optional) — if provided, used solely to notify you when your analysis is ready or when re-analysis is available.
• IP address hash — a one-way hash of your IP address used for rate limiting (5 analyses per day). We do not store raw IP addresses.
• Payment data — if you purchase a Deep Roast, payment is processed entirely by Stripe. We never see or store your card details.

How we use your data

• To generate your developer profile analysis using AI (OpenAI)
• To display your analysis results to you
• To send email notifications (if you provided your email)
• To populate the public leaderboard (username, archetype, score only)
• To enable the optional README badge feature

Data retention

Analyses are automatically deleted after 30 days, except your most recent roast per username which is preserved for progress tracking. You can request deletion of your data at any time by contacting us.

Third-party services

• OpenAI — your public GitHub data is sent to OpenAI's API for analysis. See OpenAI's privacy policy.
• PostHog — we use PostHog for anonymous product analytics. No personal data is shared with PostHog.
• Stripe — payment processing for Deep Roast purchases. See Stripe's privacy policy.
• Cloudflare — CDN and security. See Cloudflare's privacy policy.

Cookies

We use essential cookies for session management and CSRF protection. PostHog may set analytics cookies. No advertising cookies are used.

Your rights

You have the right to access, correct, or delete your personal data. To make a request, contact us at the email below.