Privacy Policy

Last updated: February 20, 2026

This Privacy Policy describes how Tome HQ ("we") collects, uses, and protects your information when you use Tome ("the Service").

1. Information We Collect

Account information: Email address, GitHub username
Payment information: Processed by Stripe. We do not store credit card numbers.
Repository data: Code diffs, file trees, and documentation content accessed via GitHub API during analysis. This data is processed transiently and not stored long-term.
Usage data: API requests, scan results, documentation gaps detected

2. How We Use Your Information

To provide and improve the Service
To process payments
To communicate about your account and service updates
To detect and prevent abuse

3. Data Sharing

We do not sell your data. We share data only with:

Stripe for payment processing
GitHub for repository access (using your granted permissions)
LLM providers (xAI/Anthropic) for diff analysis — code snippets are sent for analysis but not stored by us beyond the request

4. Data Retention

Account data is retained while your account is active. Code diffs are processed transiently. Activity logs and gap reports are retained for the lifetime of your project. You may request deletion by contacting us.

5. Security

We use HTTPS encryption, secure API key storage, and follow security best practices. Repository access tokens are stored encrypted.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by emailing support@tomehq.net.

7. Changes

We may update this policy. We will notify users of material changes via email.

8. Contact

Questions? Email support@tomehq.net