Privacy Policy
Last updated: June 2026
Summary
BrainIt scans your GitHub repositories to generate agent-ready documentation. We collect the minimum needed to do that: your GitHub account identity, an OAuth access token, and the generation results you create. We do not sell your data.
What we collect
- Account identity — your GitHub username and the email associated with your authenticated session.
- GitHub OAuth token — captured at sign-in and stored so we can call the GitHub API on your behalf to read repository metadata and source files during a scan. It is requested with the read:user and repo scopes.
- Generation data — the repositories you select, the mechanical scan result, and the documents produced. These are stored on your account so you can revisit them.
How we use it
Your GitHub token is used only to fetch the repository data required for a scan. Source excerpts and the compact scan are sent to Google's Gemini API solely to write the documents you requested; embeddings, when computed server-side, use the embedding model. We do not use your code to train models.
Storage & security
Data is stored in Supabase (PostgreSQL) with row-level security, so each user can only access their own rows. Access is over TLS. The GitHub token is stored to enable repeat scans; you can revoke BrainIt's access at any time from your GitHub settings (Settings → Applications → Authorized OAuth Apps), which invalidates the token.
Third-party services
- GitHub — authentication and repository access.
- Supabase — authentication, database, and storage.
- Google Gemini — document and embedding generation.
Your rights
You can delete your generations at any time, and revoking the GitHub OAuth grant stops all further access. To request deletion of your account and associated data, contact us at the email below.
Contact
Questions about this policy? Email hello@brainit.dev.