Privacy Policy

Last updated: March 2026

Who We Are

RepoLens is operated by VeriduxLabs (guy.ruvio@gmail.com). RepoLens is a GitHub repository health dashboard that analyzes public (and optionally private) repositories for security vulnerabilities, outdated dependencies, maintenance signals, and code quality.

Information We Collect

When you use RepoLens, we collect:

  • GitHub repository URLs: We store the repository URLs you submit for analysis.
  • Health scores and analysis results: Computed health scores are cached to speed up repeat analyses.
  • GitHub OAuth tokens: If you connect your GitHub account for private repository analysis (Pro feature), we securely store your OAuth access token. This token is only used to read repository data you authorize.
  • Analytics data: Anonymous usage analytics through Veridux Analytics.

GitHub Data Access

For public repositories, RepoLens uses the GitHub API to read publicly available repository metadata, files, and commit history. No authentication is required for this.

For private repositories (Pro feature), we request read-only access through GitHub OAuth. We only access repositories you explicitly authorize. We read repository metadata, dependency files, security advisories, and commit history to compute health scores. We do not modify your repositories, create issues, or perform any other write operations.

How We Use Your Information

We use collected data to:

  • Analyze repository health across security, dependency, maintenance, and quality dimensions
  • Cache health scores for faster subsequent lookups
  • Authenticate your GitHub account for private repo access
  • Improve the accuracy and coverage of health assessments

Third-Party Services

RepoLens uses the following third-party services:

  • GitHub API: Repository data retrieval and OAuth authentication.
  • Supabase: Database storage for cached analysis results and user accounts.
  • Vercel: Application hosting and serverless infrastructure.
  • Veridux Analytics: Anonymous usage analytics operated by VeriduxLabs.

Data Retention

Cached health scores are retained to improve performance. GitHub OAuth tokens are stored securely and retained as long as your account is active. You can revoke RepoLens access at any time through your GitHub settings (Settings > Applications > Authorized OAuth Apps), which immediately invalidates the stored token.

Data Security

We use industry-standard security measures including encrypted connections (HTTPS), secure token storage, and access controls on our database. GitHub OAuth tokens are stored with encryption at rest.

Your Rights

You can revoke GitHub access at any time through your GitHub account settings. You can request deletion of all your data by contacting us. We will remove your account, cached results, and OAuth tokens within 30 days.

Changes to This Policy

We may update this privacy policy from time to time. Changes will be posted on this page with an updated revision date.

Contact Us

For privacy-related questions, contact us at privacy@veridux.ai.