GRUG NOT SELL YOU. GRUG NOT EAT COOKIE. GRUG STORE LEAST POSSIBLE. YOU OWN YOUR CODE.
Privacy · plain talk

Grug see code.
Grug not see you.

// Grug only look at what Grug need to look at. Nothing else. Grug not sell you, not feed you to ad-man, not train cousin LLM on your private repo. Read in caveman. Or read in lawyer. Both say same thing.

EFFECTIVE 24 MAY 2026 Last updated: today
Grug speak
01 · what grug take

What Grug take.

Grug take your GitHub login. Grug take name of repo and PR Grug check. Grug take diff so Grug can crush bug. Grug take email so Grug can shout when build break.

Grug not take your full repo. Grug not take your branches Grug not look at. Grug not take your other tabs.

02 · why grug take

Why Grug take.

Grug take diff because Grug must read code to find bug. If Grug not read code, Grug not find bug. If Grug not find bug, why you pay Grug.

Grug take email so Grug can tell you when bug found. Grug not write you about other thing.

03 · how long grug keep

How long Grug keep.

Diff stay in Grug cave 30 days. Then Grug burn diff in fire. Check Run result stay one year so you see history.

If you delete account, Grug burn everything in seven day. No begging Grug to come back.

04 · who grug share with

Who Grug share with.

Grug share with nobody. Grug have small cave. AWS hold cave. Stripe hold money. That all.

Grug not sell you to ad-man. Grug not train big LLM cousin on your code. Grug pinky promise.

05 · cookie

Grug eat cookie?

Grug eat one cookie. Cookie say "you are signed in". No tracker cookie. No ad cookie. Grug not even like sugar.

06 · your rights

What you can do.

You say "Grug, show me data". Grug show. You say "Grug, delete data". Grug delete. You say "Grug, give me data in JSON". Grug give. Email grug@grug.lol. Grug answer in seven sun.

07 · self-host

Or run Grug in your cave.

Don't trust Grug cave? Run Grug in your own cave. Grug is AGPL. Pulumi up. Fifteen minute. Your data never leave your VPC. Grug bring his own club.

Human speak
01 · what we collect

Data we collect.

  • GitHub account: handle, email, avatar, org list
  • Repos you install Grug on (name + visibility flag)
  • The PR diff and metadata of every Check Run Grug performs
  • Billing details via Stripe (we never see the card number)
  • Coarse usage analytics (no IP fingerprinting, no third-party trackers)

02 · why

Why we collect it.

To do the job. Grug needs the diff to review the diff, your email to notify you about failures, and your org list to scope which repos you can configure. That's it.

03 · retention

Retention windows.

  • Raw diff payloads: 30 days, then deleted
  • Check Run results & summaries: 12 months
  • Billing records: as required by tax law (~7 years)
  • Account deletion: full purge within 7 days

04 · subprocessors

Who else touches it.

  • AWS (us-east-1) — primary hosting
  • Stripe — payment processing
  • Postmark — transactional email
  • No advertising networks. No data brokers. No LLM training partnerships.

05 · cookies

What we set.

One first-party session cookie (grug_sid), HttpOnly, SameSite=Lax, 30-day rolling expiry. No marketing cookies. No third-party scripts that set cookies.

06 · your rights

GDPR / CCPA rights.

You can request access, export (JSON), correction, or deletion of your data at any time by emailing grug@grug.lol. We respond within 7 business days. EU/UK users may lodge complaints with their local DPA.

07 · self-hosting

The opt-out.

The entire Grug codebase is AGPL-3.0. Run it on your own infrastructure and this policy stops applying — your data never reaches Grug servers. See the self-host guide.

// summary
data_collected   :: minimum required for service
data_sold        :: never
data_for_training:: never
data_retention   :: 30 days raw / 12 months results
opt_out          :: self-host (AGPL-3.0)
contact          :: grug@grug.lol

Grug guard your code.
Grug not watch you.