Privacy Policy

Account Information: When you create a Koalr account, we collect your name, email address, and organization details. If you sign up via GitHub OAuth or SAML SSO, we receive the profile information you authorize.

Usage Data: We collect information about how you use Koalr, including feature usage, page views, and interaction patterns. This helps us improve the product and provide a better experience.

Integration Data: When you connect third-party tools such as GitHub, Jira, or Linear, we sync metadata about your development process. This includes pull request titles, commit metadata (author, timestamp, message), issue status, and review activity. We do not access or store your source code, file contents, or commit diffs.

Koalr is designed to analyze your development process, not your code. We do not collect:

• Source code content or file contents
• Commit diffs or patch data
• Keystrokes or typing patterns
• Screen recordings or screenshots
• Browser history outside of the Koalr application

We take the security of your data seriously. All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Our infrastructure is hosted on Amazon Web Services (AWS) in the US-East-1 region.

We are currently pursuing SOC 2 Type II certification, with completion expected in Q3 2026. Our security practices include regular penetration testing, vulnerability scanning, and access controls based on the principle of least privilege.

We use the following third-party services to operate Koalr. Each provider is selected for their strong security posture and compliance standards:

• Clerk — Authentication and user management
• Stripe — Payment processing and subscription billing
• Anthropic — AI-powered insights and recommendations. Your data is not used to train Anthropic's models.
• Resend — Transactional email delivery

We retain your account data and associated engineering metrics for as long as your subscription is active. If you close your account or your subscription expires, we will delete your data within 30 days of account closure.

Aggregated, anonymized metrics may be retained for industry benchmarking purposes. These metrics cannot be traced back to any individual user, team, or organization.

You have the right to:

• Access your personal data and engineering metrics
• Export your data in standard formats (CSV, JSON)
• Delete your account and all associated data
• Opt out of AI-powered features while continuing to use core metrics

To exercise any of these rights, contact us at privacy@koalr.com or use the data management tools in your account settings.

Koalr uses essential cookies by default to maintain your session, remember your preferences, and ensure the platform functions correctly. These cookies are strictly necessary and cannot be disabled.

We may use analytics cookies to understand how visitors use our marketing site. Analytics cookies are only set with your explicit consent and can be managed through our cookie preferences dialog.