Friendly.Reviewer
Home Agent CLI Benchmark Customize MCP Login

Privacy Policy

In force as of June 20, 2026

The purpose of this Privacy Policy is to inform users of the FriendlyReviewer platform (hereinafter "the Platform") about the methods of collection, processing, security, and retention of their personal data, in accordance with the General Data Protection Regulation (GDPR) and the French Data Protection Act (Loi Informatique et Libertés).

1. Data Controller

The data controller for personal data is Marc Hugon, Sole Proprietor (Entrepreneur Individuel EI), publisher of the website friendlyreviewer.fr and the FriendlyReviewer Platform.

Contact Email: admin@friendlyreviewer.fr

2. Data Collected, Purposes, and Legal Basis

In accordance with Article 13 of the GDPR, the Publisher lists below the data collected, its purposes, and the legal basis legitimizing its processing:

Account Data Email address.
Purpose Account creation, authentication, technical support.
Legal Basis Performance of a contract (necessary to provide you with access to the service).
Service Notifications Alert emails, credit expiration notifications.
Purpose To ensure the tracking and proper execution of your credit consumption.
Legal Basis Legitimate interest of the Publisher to inform users of the status of their consumption rights.
Transaction and Billing Data Purchase history of credit packs, name, billing address. Credit card payment data is processed exclusively, in an encrypted and secure manner, by our payment provider Stripe.
Purpose Sales management, accounting, and fraud prevention.
Legal Basis Legal obligation (French tax and accounting compliance) and Legitimate interest in payment security.
Access Tokens and Third-Party APIs (GitHub, GitLab, Jira, Linear)
Purpose To allow the application to analyze the semantic context, read Pull Requests, and automatically publish AI feedback on them.
Legal Basis Performance of a contract (at the explicit request of the user who connects their tools).
API Authentication Keys (Usage via IDE / Developer Tools / Vibe Coding Workflows) A unique token generated following authentication via a third party (e.g., GitHub). This applies specifically when the developer using the tool in their local workflow is distinct from the account administrator.
Purpose To identify the developer during automated analysis requests from their local environment/IDE (as a skill, workflow, etc.) and to verify in real-time that they hold valid access or Pull Request creation rights on the relevant repository before performing the review.
Security & Legal Basis The Publisher guarantees never to store a cleartext copy of this key. It is saved locally in the developer's environment. Only a cryptographic fingerprint (hash) is retained on our servers for technical validation. Legal Basis: Performance of a contract.

3. Specific Processing of Source Code (Security Guarantees)

The source code submitted by users undergoes highly secure, transitory processing:

Immediate Deletion: The entirety of the raw source code extracted for analysis is immediately and permanently deleted from the volatile memory and servers of the Platform as soon as the execution of the code review is finalized. No history of the original code is persistently retained.

Semantic Knowledge Base: To optimize the relevance of code reviews across versions, the Platform generates and stores an abstract knowledge base. This base is strictly limited to high-level metadata (textual descriptions of file intent, technical keywords, dependencies). No lines of raw source code, functions, or algorithms are stored in this base.

4. Data Sharing and Framework for Transfers Outside the EU (AI Models)

To generate code reviews, the necessary text snippets are transmitted via encrypted connections (APIs) to third-party artificial intelligence infrastructure providers: OpenRouter, Alibaba Cloud, and DeepSeek.

The Publisher guarantees to exclusively use professional paid API services whose contractual terms strictly prohibit the use of submitted data for training or refining public AI models.

These operations involve a secure cross-border transfer of data outside the European Union (notably to the United States, Singapore, or China). These transfers are governed by the contractual confidentiality guarantees provided by each of these suppliers within their professional terms of service (APIs), including, where available, the Standard Contractual Clauses (SCCs) of the European Commission.

5. Retention Periods and Purge Policy

In Event of Account Deletion: If the user decides to delete their account through their dashboard interface, all account data and access tokens are permanently purged and deleted from our servers within a maximum period of thirty (30) days.

In Event of Account Inactivity: Any user account that has recorded no activity (login or credit purchase) for a consecutive period of twenty-four (24) months will be considered inactive. After sending a reminder notification that remains unanswered, the account and its associated access tokens will be automatically and permanently deleted.

Billing Data: In accordance with the French Commercial Code (Code de commerce), invoices and associated transaction data are retained for a period of ten (10) years to comply with legal obligations.

6. Your Rights (GDPR)

In accordance with European regulations, you have the following rights regarding your personal data:

  • Right to access and rectify your data.
  • Right to erasure (right to be forgotten).
  • Right to restriction of processing and right to object to processing.
  • Right to data portability in a structured format.

To exercise these rights, or for any questions regarding the processing of your data, you can send a clear request to the dedicated email address: admin@friendlyreviewer.fr.

If you feel, after contacting us, that your rights are not being respected, you have the right to lodge a complaint with the CNIL (Commission Nationale de l'Informatique et des Libertés).

Terms of Service Privacy Policy Legal Notice

Built for teams who prefer useful reviews.