Privacy Policy

Last Updated: January 14, 2025

At GitHunt ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website https://githunt.ai and use our services.

1. Information We Collect

1.1 Information You Provide

We collect information that you voluntarily provide to us when you:

• Use our search service: Search criteria including location, programming languages, and skills
• Make a purchase: Email address for report delivery (payment details are handled securely by Stripe)
• Contact us: Name, email address, and message content via our contact form

1.2 Automatically Collected Information

When you visit our website, we automatically collect certain information:

• Analytics Data: Through Google Analytics, we collect anonymized data about your visit including pages viewed, time spent, browser type, and referring website
• Cookies: We use essential cookies for functionality and analytics cookies (see Cookie Policy below)
• Technical Data: IP address (anonymized), device information, and browser type

1.3 Public GitHub Data

Our service analyzes publicly available GitHub profiles and repositories. We do not store this data permanently; it's processed in real-time to generate reports for our users.

2. How We Use Your Information

We use the collected information for the following purposes:

• Service Delivery: To search GitHub and generate developer talent reports based on your criteria
• Payment Processing: To process your payments securely through Stripe
• Report Delivery: To send you the purchased reports via email
• Customer Support: To respond to your inquiries and provide support
• Analytics: To understand how users interact with our website and improve our services
• Legal Compliance: To comply with applicable laws and regulations

3. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Consent: When you consent to analytics cookies through our cookie banner
• Contract Performance: When processing payments and delivering reports you've purchased
• Legitimate Interest: For website analytics, fraud prevention, and service improvement
• Legal Obligation: To comply with applicable laws and regulations

4. Data Sharing and Disclosure

We do not sell your personal information. We share your data only with trusted third-party service providers:

4.1 Service Providers

• Stripe: Payment processing (subject to Stripe's Privacy Policy)
• Google Analytics: Website analytics with IP anonymization
• Resend: Email delivery service for reports and communications
• AWS (Amazon Web Services): Cloud hosting and infrastructure
• GitHub API: To access public GitHub profiles and repositories

4.2 Legal Requirements

We may disclose your information if required by law, legal process, or to protect our rights and safety.

5. Data Storage and Security

We implement appropriate technical and organizational measures to protect your personal data:

• Encryption: All data transmitted is encrypted using SSL/TLS
• Access Controls: Strict access controls limit who can access personal data
• Secure Infrastructure: Data is stored on secure AWS servers
• CSRF Protection: Our contact forms use CSRF tokens to prevent malicious submissions

5.1 Data Retention

• Search Queries: Not permanently stored; processed in real-time
• Purchase Records: Retained for accounting and legal compliance (7 years)
• Generated Reports: Stored for 30 days for re-download, then permanently deleted
• Contact Form Messages: Retained for customer support purposes

6. Cookies and Tracking Technologies

We use cookies to enhance your experience on our website:

6.1 Essential Cookies

Required for website functionality (cannot be disabled):

• Session cookies for maintaining your search state
• CSRF protection tokens

6.2 Analytics Cookies

Used to understand website usage (can be disabled via cookie banner):

• Google Analytics cookies with IP anonymization

6.3 Managing Cookies

You can control cookies through our cookie consent banner and your browser settings. Note that disabling cookies may affect website functionality.

7. Your Rights Under GDPR

If you are in the European Economic Area (EEA), you have the following rights:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data ("right to be forgotten")
• Right to Restriction: Request limitation of processing
• Right to Data Portability: Receive your data in a structured format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for analytics cookies at any time

To exercise these rights, please contact us at privacy@githunt.ai.

8. International Data Transfers

Your data may be transferred to and processed in countries outside the EEA, including the United States. We ensure appropriate safeguards are in place:

• AWS data centers with GDPR-compliant data processing agreements
• Standard Contractual Clauses (SCCs) for data transfers
• Service providers certified under EU-U.S. Data Privacy Framework where applicable

9. Children's Privacy

Our services are not directed to individuals under 16 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

10. Third-Party Links

Our website contains links to third-party websites (e.g., GitHub profiles). We are not responsible for the privacy practices of these websites. We encourage you to review their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website or sending you an email. The "Last Updated" date at the top indicates when this policy was last revised.

12. Contact Us

13. Supervisory Authority

If you are in the EEA and have concerns about our data processing practices, you have the right to lodge a complaint with your local data protection authority.