Tluma Privacy Policy

Tluma is a product of Devforth sp. z o.o. This Privacy Policy explains, at a high level, how Tluma and Devforth sp. z o.o. process data when you use the Tluma website, hosted Ask AI pages, the Tluma widget, or related maintainer tools.

Data We May Process

Depending on how you use Tluma, we may process:

• repository and project information, such as GitHub repository identifiers, repository URLs, and project metadata;

• conversation and session data, such as prompts, responses, timestamps, identifiers, token metrics, and operational metadata;

• browser or device information needed to deliver the service, debug issues, and protect the service;

• local browser identifiers used to keep chat continuity, such as a generated asker identifier and stored session identifiers;

• maintainer account information when a maintainer signs in with GitHub, including GitHub user ID, login, email address, avatar or profile information, and login timestamps.

How We Use Data

We may use data to:

• provide, run, and improve Tluma;

• load project-specific Ask AI experiences and widget sessions;

• authenticate verified maintainers through GitHub;

• protect Tluma, investigate abuse, and debug incidents;

• monitor uptime, performance, quality, and reliability;

• comply with legal obligations and enforce our terms.

Maintainer Visibility And Access

Tluma is designed so that raw end-user chat histories are not directly exposed to the public or to project maintainers through the normal Tluma product experience.

Project maintainers whose relationship to a project is verified through GitHub authentication may, however, be allowed to review general summaries, topical overviews, or other high-level descriptions of what conversations about their project are about.

In other words:

• regular users do not get direct access to other users' chat histories;

• verified maintainers are intended to receive general summaries rather than a direct raw-history browser for end-user chats;

• authorized Tluma or Devforth sp. z o.o. personnel may access stored data when reasonably necessary to operate, secure, support, debug, investigate abuse, or comply with legal obligations.

Browser Storage And Authentication State

Tluma may store limited identifiers in the browser to keep session continuity working. Maintainer authentication may also rely on signed authentication cookies after GitHub sign-in.

Security And Data Risk

We use reasonable efforts to protect Tluma, but no system is perfectly secure. We cannot guarantee absolute security, uninterrupted availability, or that data will never be lost, corrupted, delayed, disclosed, or accessed without authorization.

Retention

We may retain data for as long as reasonably necessary to operate Tluma, maintain continuity, improve reliability, investigate abuse, comply with legal obligations, or resolve disputes.

Your Choices

• Do not submit data you are not comfortable sharing with an online AI-enabled service.

• Avoid using Tluma as your only storage or archival location.

• If you are a maintainer, you may choose whether to authenticate with GitHub to access maintainer features.

Changes To This Policy

Tluma may update this Privacy Policy from time to time by publishing a revised version on the site. Continued use of Tluma after the revised policy becomes effective means you accept the updated version.