Back to Lunegit

Privacy Policy

Last updated
June 1, 2026
Applies to
lunegit.com, Lunegit downloads, and report intake APIs
Language
English is the authoritative version. Translations are for convenience only.

Information Lunegit may collect

Lunegit collects only the information needed to provide downloads, receive feedback, investigate bugs, diagnose crashes, secure the intake API, and operate the private owner dashboard.

  • User-written feedback, bug summaries, reproduction notes, and optional contact details when you choose to include them.
  • Coarse app context such as Lunegit version, operating system family and version, architecture, feature area, source, and timestamps.
  • Server-side abuse-prevention data such as install and IP hashes, rate-limit events, duplicate fingerprints, and rejection reasons.
  • Optional bug-report log attachments when attachment intake is enabled and you explicitly send one.

Information Lunegit tries not to collect

The desktop app and intake service are intended to avoid sensitive Git or machine data unless you manually include it in a message. Server-side validation, size limits, and redaction are used to reduce accidental collection.

  • Credentials, tokens, passwords, cookies, API keys, or other secrets.
  • Repository contents, diffs, patches, staged changes, or commit message bodies.
  • Remote URLs with embedded user info or full local repository paths.
  • Plaintext copies of accepted log attachments after server-side compression.

How information is used

Report data is used to understand product issues, prioritize fixes, reply when contact information is provided, detect spam or abuse, keep intake systems reliable, and maintain an audit trail for sensitive admin actions.

Website and server logs are used for security, reliability, and operational debugging. Request bodies are not logged by default.

Bug report attachments

Attachment intake, when enabled, accepts one plain text log file for bug reports. Attachments are size-limited, checked for unsafe content, compressed on the server, and stored privately. The owner dashboard shows attachment metadata first and downloads files as text only.

Service providers and sharing

Lunegit may use hosting, database, storage, rate-limiting, and authentication providers to run the service, including Vercel, Neon Postgres, Upstash Redis, Vercel Blob, and Clerk for owner authentication. These providers process information only as needed to operate Lunegit.

Lunegit does not sell personal information or share report content for advertising.

Retention

Current retention targets are 180 days for submissions, 30 days for attachments, 365 days for admin notes and audit events, 90 days for rate-limit and rejection events, and 24 hours for duplicate fingerprints. These targets may change as operational tooling matures.

Security

Lunegit uses server-side validation, install-scoped credentials, rate limits, duplicate detection, redaction, private attachment storage, and owner-only admin access. No internet service can be guaranteed perfectly secure, but privacy and abuse prevention are treated as core design requirements.

Your choices

You can choose not to send feedback, bug reports, crash notes, or attachments. If you include contact information in a report, it is used only to follow up about that report. To ask about a report or privacy request, contact the project owner through izzat.dev.

Changes to this policy

This page may be updated when Lunegit adds new features, changes service providers, or changes data retention practices. The updated date above will change when the policy changes.