Effective Date: April 20, 2025
This Privacy Policy describes how Minovative Mind ("we," "us," or "our") collects, uses, and shares information from users ("you") of the Minovative Mind project (the "Application"), a Next.js application designed to analyze code repositories and provide AI-assisted insights, including interactive mapping and chat features. We are committed to protecting your privacy and ensuring the security of your information.
We collect information necessary to provide the features and functionality of the Application. This includes:
- Account Information: When you register and sign in using Firebase authentication (currently supporting GitHub OAuth), we collect your basic user identifier provided by Firebase. If you connect your GitHub account, we obtain a GitHub access token which is securely stored as an HTTP-only cookie in your browser and used by our backend to access your GitHub data. We do NOT store your GitHub Personal Access Token directly in our database or in your browser's local storage.
- GitHub Repository Data: To perform analysis, mapping, and provide contextual chat, we access and process data from the GitHub repositories you select and authorize. This may include:
- Repository metadata (name, owner, ID, privacy status, default branch)
- File and folder structure (names, paths, types, SHAs, sizes)
- File content (source code, configuration, documentation) for selected files, subject to size limits, to generate AI context and analysis results.
- Branch names and commit SHAs for the branches you interact with.
- Pull Request details (titles, authors, descriptions) and file change diffs, subject to size limits, for chat analysis.
- Issue details (titles, authors, descriptions, labels) for chat analysis.
- Usage Data & Interaction History: We collect data about your interactions with the Service to understand how features are used and improve functionality. This includes:
- Features accessed and usage patterns (e.g., which pages you visit, buttons clicked)
- The repositories and files you analyze or chat about.
- Search queries performed within the application.
- Timestamp and duration of sessions and specific actions.
- AI Chat Session History: Your chat conversations, including user messages and AI responses, are stored persistently in our Firebase Firestore database, linked to your user ID and the specific repository session.
- Code Analysis Results: The results of AI code quality analysis (rating, explanation, timestamp) are stored persistently in our Firebase Firestore database, linked to your user ID, the repository, and the specific file path.
- Tracked Repositories: When you interact with a repository on the map, we track its ID, name, and full name in our Firebase Firestore database, linked to your user ID, to make it easily accessible on your dashboard.
- Device Information: We may collect information about the device you use to access the Application, such as your IP address, browser type, operating system, and device identifiers.
- Cookies and Similar Technologies: We may use cookies and similar technologies to maintain your session and collect information about your browsing activity on the Application.
We use the information we collect to provide, maintain, and improve the Minovative Mind Service. This includes using your data for the following purposes:
- Providing Core Service Functionality: To fetch repository data from GitHub (via secure backend proxy using your token), generate the interactive repository map, display file content previews, perform AI code quality analysis, conduct AI chat sessions based on repository context (including PRs and Issues), manage branches, and display your tracked repositories and analysis history.
- Account Management: To authenticate you, manage your user profile (via Firebase), and provide customer support.
- Personalization: To tailor your experience, such as displaying your tracked repositories on the dashboard.
- Communication: To communicate with you about your account, the Service, updates, and respond to inquiries (e.g., via feedback submission).
- Service Improvement and Development: To analyze usage patterns, troubleshoot issues, test new features, conduct research, and develop new functionalities. Where possible, we use aggregated or anonymized data for these purposes.
- Security and Fraud Prevention: To protect the Service and our users from fraudulent, abusive, or unlawful activity, enforce our Terms of Use, and maintain the security and integrity of the Service.
- Compliance with Legal Obligations: To comply with applicable laws, regulations, legal processes, and governmental requests.
We share your information only in the following circumstances and with the following categories of recipients:
- Service Providers: We engage trusted third-party service providers to perform functions and provide services for us. We share only the information necessary for them to perform these services. These include:
- Firebase (Google): For user authentication, storing user profiles, tracked repositories, chat session history, and code analysis results. Your data stored here is linked to your user ID. Firebase Privacy Policy
- Google Gemini AI: We send code snippets, file content (subject to size limits), repository structure context, chat message history, Pull Request diffs, and Issue details to Google's Gemini AI models to perform code analysis, generate chat responses, and suggest chat titles. Google Privacy Policy
- GitHub API (via Octokit): We use your secure GitHub access token to fetch repository data (structure, file content, branches, commits, PRs, Issues) and, with your authorization, create branches or submit feedback issues on our repository. This is done via a backend proxy; your token is not directly exposed to the frontend. GitHub Privacy Statement
These service providers are contractually obligated to protect your information and only use it for the purposes we specify, in compliance with their own privacy policies. - Feedback Submissions: If you use the feedback feature, the content of your feedback, your user ID, and any selected labels will be submitted as an Issue on our private GitHub repository.
- Aggregated or Anonymized Data: We may share aggregated or anonymized data that cannot reasonably be used to identify you. For example, we may publish trends about the types of files most often analyzed or the frequency of feature usage.
- Legal Requirements: We may disclose your information if required to do so by law, legal process, or governmental request, or to protect the rights, property, or safety of Minovative Mind, our users, or the public.
- Business Transfers: If we are involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such transfer and any changes to the privacy policy governing your information.
We are committed to protecting your information and employ a combination of technical, administrative, and physical security measures designed to protect your information. These measures include:
- Secure GitHub Token Handling: Your GitHub access token is stored as a secure, HTTP-only, SameSite=Lax cookie via a backend API route and is NOT stored in local storage. All GitHub API calls requiring the token are proxied through our backend.
- Firebase Security: Leveraging the security features provided by Firebase Authentication and Firestore, including access controls and planned implementation of detailed Firestore security rules.
- Data Size Limits: Implementing size limits for fetching file content and preparing AI context to mitigate risks associated with processing excessively large data.
- AI Safety Configurations: Utilizing safety settings on AI model calls to help mitigate the generation of harmful or inappropriate content.
- Encryption: We use encryption to protect your information during transmission and storage where appropriate.
- Access Controls: We restrict access to your information to authorized personnel who need it to perform their job functions.
While we strive to use commercially acceptable means to protect your information, no method of transmission over the Internet or method of electronic storage is 100% secure. Therefore, we cannot guarantee the absolute security of your information.
We retain your personal information for as long as necessary to provide the Service, maintain your account, and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.
- Account Data: Information associated with your user account is retained as long as your account is active. If you delete your account, we will delete or anonymize your personal information as soon as possible, unless retention is required for legal compliance.
- AI Chat Session History: Your chat history is retained as long as you have an active account and until you choose to delete specific chat sessions or your entire account.
- Code Analysis Results: Code analysis results are retained as long as you have an active account and until you choose to delete the analysis data for specific repositories or your entire account.
- Tracked Repositories: The list of repositories you track is retained as long as your account is active and until you choose to untrack a repository or delete your entire account.
You have certain rights regarding your personal information, subject to applicable law. These may include the right to:
- Access: Request access to the personal information we hold about you.
- Correction: Request correction of inaccurate or incomplete personal information.
- Deletion: Request deletion of your personal information, including your user account, stored chat session history, and code analysis results. Note that deleting data may affect the functionality of the Service.
- Object: Object to our processing of your personal information under certain circumstances.
- Restrict Processing: Request that we restrict the processing of your personal information under certain circumstances.
- Data Portability: Request a copy of your personal information in a structured, commonly used, and machine-readable format.
- Withdraw Consent: If we process your information based on your consent, you may withdraw your consent at any time.
To exercise these rights, please contact us using the contact information provided below. We will respond to your request in accordance with applicable law.
The Application is not intended for children under the age of 13. We do not knowingly collect personal information from children under the age of 13. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us, and we will take steps to delete such information.
Your information may be transferred to and processed in countries outside of your country of residence, including the United States, where our service providers are located. These countries may have data protection laws that are different from the laws of your country. We will take steps to ensure that your information is protected in accordance with this Privacy Policy and applicable laws, including implementing appropriate safeguards where necessary.
We may update this Privacy Policy periodically to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will post the updated Privacy Policy on the Application and update the "Effective Date" at the top of this policy. We encourage you to review this Privacy Policy whenever you access the Service to stay informed about our information practices and the ways you can help protect your privacy. Your continued use of the Service after the updated policy becomes effective constitutes your acceptance of the changes.
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:
Minovative Technologies
support@minovativemind.dev