DevieraDeviera
DevieraDeviera

Privacy Policy

Last updated: April 1, 2026

1. Introduction and Data Controller

Welcome to Deviera. This Privacy Policy explains how Ihab Hamdy, the individual owner and operator of Deviera ("we," "our," or "us"), collects, uses, discloses, and safeguards your information when you use the Service at deviera.dev.

Data Controller: Ihab Hamdy, operating as Deviera. For data-related inquiries, contact us at privacy@deviera.dev.

Please read this Privacy Policy carefully. If you do not agree with its terms, please do not access or use the Service.

2. Information We Collect

2.1 Information from Third-Party Services

When you sign in using GitHub, we collect:

  • Your GitHub username and profile information
  • Your email address associated with your GitHub account
  • Your GitHub avatar/profile picture
  • Access tokens to interact with GitHub on your behalf

2.2 Information You Provide

We collect information that you voluntarily provide when using the Service:

  • Tasks, projects, and notes you create
  • Automation rules and workflows you configure
  • Integration settings and preferences
  • Comments and collaboration data

2.3 Automatically Collected Information

When you use the Service, we automatically collect:

  • Device information (browser type, operating system)
  • Usage data (features used, time spent, interactions)
  • Log data (IP address, access times, pages viewed)
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the Service
  • Authenticate your identity and manage your account
  • Process and sync your tasks, projects, and data
  • Connect with third-party services (GitHub, Linear, Jira, GitLab, ClickUp, Vercel, Slack) on your behalf
  • Send you notifications about your tasks and automation triggers
  • Improve and optimize the Service
  • Analyze usage patterns and trends
  • Detect, prevent, and address technical issues and security threats
  • Respond to your inquiries and support requests
  • Comply with legal obligations

4. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

4.1 Third-Party Integrations

When you authorize integrations with third-party services (e.g., GitHub, Linear, Jira, GitLab, ClickUp, Vercel, Slack), we share necessary information to provide the integration functionality. These services have their own privacy policies.

4.2 Service Providers

We may share your information with service providers who perform services on our behalf, such as:

  • Cloud hosting and infrastructure providers
  • Database and storage services
  • Analytics services
  • Authentication services

4.3 Legal Requirements

We may disclose your information if required by law or in response to valid requests by public authorities.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5. Data Security

We implement appropriate technical and organizational security measures to protect your information:

  • Encryption of all data in transit using TLS/HTTPS
  • AES-256 encryption of OAuth tokens and integration secrets stored in the database
  • Secure authentication using OAuth 2.0
  • Regular security audits and updates
  • Access controls and authentication requirements
  • Secure cloud infrastructure (Supabase with encryption at rest at the infrastructure level)

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to protect your information, we cannot guarantee absolute security.

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

  • Account data: Retained for the duration of your account, plus 30 days after deletion to allow recovery
  • Billing records: Retained for 7 years as required by applicable financial regulations
  • Signal / event data: Retained per your plan (Free: 30 days; Pro: 90 days; Team: 180 days; Enterprise: configurable)
  • Audit logs: Retained for the duration of your subscription on eligible plans
  • Security logs: Retained for 90 days for fraud prevention and security incident response

When you delete your account, we will delete or anonymize your personal information within 30 days, except where retention is required by law or for legitimate business purposes such as resolving disputes or enforcing our agreements.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access: Request access to your personal information
  • Correction: Request correction of inaccurate or incomplete data
  • Deletion: Request deletion of your personal information
  • Portability: Request a copy of your data in a portable format
  • Objection: Object to our processing of your personal information
  • Restriction: Request restriction of processing your data
  • Withdraw Consent: Withdraw consent at any time where we rely on consent

To exercise these rights, please contact us through the Service or our support channels.

8. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to:

  • Maintain your session and keep you logged in
  • Remember your preferences and settings
  • Analyze usage and improve the Service
  • Provide security features

You can control cookies through your browser settings. However, disabling cookies may affect the functionality of the Service.

9. Third-Party Links

The Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies.

10. Children's Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us.

11. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have different data protection laws. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after any changes constitutes your acceptance of the new Privacy Policy.

13. California Privacy Rights

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA), including:

  • Right to know what personal information is collected
  • Right to know whether personal information is sold or disclosed
  • Right to opt-out of the sale of personal information
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

14. GDPR Privacy Rights

If you are a resident of the European Economic Area (EEA), you have data protection rights under the General Data Protection Regulation (GDPR). We process your data based on:

  • Your consent
  • Performance of a contract with you
  • Compliance with legal obligations
  • Our legitimate interests

15. Contact and Data Requests

For questions, concerns, or to exercise your privacy rights, contact us:

We will respond to verifiable data subject requests within 30 days (or within the timeframe required by applicable law). We may need to verify your identity before processing your request.

If you are located in the EEA and believe we have not adequately addressed your privacy concern, you have the right to lodge a complaint with your local data protection authority.

← Back to Sign In