CodeTrotter
Features Pricing Blog Sign in

Privacy Policy

Last updated: April 24, 2026

CodeTrotter ("we," "us," or "our") operates the CodeTrotter platform at codetrotter.dev and the CodeTrotter mobile application. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our services.

1. Information We Collect

Account Information

When you create an account, we collect:

  • Email address — for account authentication and communications
  • Name and profile information — from your GitHub profile via OAuth
  • GitHub username and avatar — to identify your account

Repository Data

When you generate a walkthrough, we access and index:

  • Repository metadata — name, description, language, file structure, and line-of-code statistics
  • Source code — file contents and code chunks indexed in our database for walkthrough generation and caching
  • Code symbols and relationships — function signatures, imports, and cross-file references extracted during indexing
  • Dependency information — package files and dependency trees

Repository source code and metadata are indexed and stored in our database to enable walkthrough generation, caching, and future performance improvements. This includes the actual file contents, code chunks, extracted symbols, and the commit SHA the index was built from.

AI-generated explanations of code nodes are cached in our database (the "explanation cache") to avoid redundant AI API calls when the same code is requested again. These cached explanations are keyed to a specific commit SHA and source hash, so they are invalidated when the underlying code changes.

Local filesystem copies of repositories are ephemeral: they are used only during the indexing process and deleted immediately after indexing completes.

Usage Data

We automatically collect:

  • Pages visited and features used
  • Device type, browser, and operating system
  • IP address (anonymized for analytics)
  • Walkthrough generation events and model selections

Payment Information

Payment processing is handled entirely by Stripe. We do not store credit card numbers or bank account details. We receive only a transaction reference and subscription status from Stripe.

2. How We Use Your Information

We use collected information to:

  • Provide and improve the CodeTrotter service
  • Authenticate your account and manage access
  • Generate code walkthroughs from repositories you authorize
  • Process payments and manage subscriptions
  • Send service-related communications (account, billing, security)
  • Analyze usage patterns to improve features and performance
  • Detect and prevent fraud, abuse, and security incidents

3. Third-Party Services

We use the following third-party services that may process your data:

  • GitHub (OAuth authentication, repository access) — Privacy Policy
  • Stripe (payment processing) — Privacy Policy
  • PostHog (product analytics) — Privacy Policy
  • OpenAI / Anthropic / Google (AI model providers for walkthrough generation) — your code is sent to the selected model provider's API for processing. Each provider has its own data handling policies. We use API configurations that do not allow providers to train on your data.
  • Cloudflare (hosting, CDN, DDoS protection) — Privacy Policy

4. Data Retention

  • Account data is retained as long as your account is active
  • Generated walkthroughs are stored for sharing purposes until you delete them or your account is closed
  • Indexed repository data — including source code files, code chunks, symbols, and repository metadata — is retained in our database indefinitely to support walkthrough generation and caching. This data is associated with a specific commit SHA and is superseded (not automatically deleted) when a newer commit is indexed.
  • Explanation cache — AI-generated explanations of code nodes — is retained indefinitely in our database. Cache entries are keyed to a specific commit SHA and source hash; when the underlying code changes and a new version is indexed, new cache entries are created for the updated code.
  • Local repository copies used during indexing are deleted immediately after indexing completes and are never retained on disk.
  • Usage analytics are retained for up to 24 months in anonymized form
  • Payment records are retained as required by tax and accounting regulations

Private repository source code is stored under the same retention regime as public repository source code. Access to private repository data is restricted to the account that authorized the repository. There is no separate retention period or storage treatment for private repositories — all indexed data persists in our database until manually deleted at your request.

You may request deletion of indexed repository data and associated explanation cache entries for repositories you own by contacting us at privacy@codetrotter.dev. We will process such requests within 30 days.

5. Your Rights

Depending on your location, you may have the following rights:

All Users

  • Access — request a copy of data we hold about you
  • Deletion — request deletion of your account and associated data
  • Correction — request correction of inaccurate data
  • Export — receive your data in a portable format

EU/EEA Residents (GDPR)

  • Right to restrict processing
  • Right to object to processing
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

Our legal basis for processing personal data is: (a) your consent, (b) performance of a contract (providing the service), and (c) our legitimate interests in operating and improving the service.

California Residents (CCPA)

  • Right to know what personal information is collected
  • Right to delete personal information
  • Right to opt out of the sale of personal information
  • Right to non-discrimination for exercising your rights

We do not sell personal information to third parties.

6. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS) and at rest
  • OAuth-based authentication (no password storage)
  • Regular security reviews and dependency auditing
  • Access controls and least-privilege principles

No method of transmission or storage is 100% secure. If you discover a security vulnerability, please report it to security@codetrotter.dev.

7. Cookies

We use essential cookies for authentication and session management. Our analytics provider (PostHog) may use cookies or similar technologies to collect usage data. You can manage cookie preferences in your browser settings.

8. Children's Privacy

CodeTrotter is not intended for use by anyone under the age of 13. We do not knowingly collect personal information from children under 13. If we discover such data has been collected, we will delete it promptly.

9. International Data Transfers

Your data may be processed in countries other than your own, including the United States. We ensure appropriate safeguards are in place for cross-border transfers in compliance with applicable data protection laws.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. Your continued use of CodeTrotter after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or want to exercise your data rights, contact us at:

  • Email: privacy@codetrotter.dev
CodeTrotter

The pace of software has changed, we help you keep up.

Product

Features Pricing App

Resources

Blog

Legal

Privacy Terms

© 2026 CodeTrotter. For devs designing software.