Last updated: May 2025
When you connect your GitHub account, Arbor reads your public repository metadata (names, languages, commit activity, star counts) via the GitHub REST API. We never read private repositories or repository contents beyond what the GitHub public API returns.
We store your GitHub login, display name, email address (from your GitHub profile), and avatar URL.
When a peer submits feedback on your work, we store their attestation responses linked to your account. Rater identity is kept private from your public profile.
For every rater session we record the IP address and User-Agent string for abuse prevention. These are not shared with other users and are purged after 30 days.
We log every call made to our AI provider (Anthropic) — including the prompt and response — for debugging and billing purposes. These logs are retained for 90 days.
When we send you an email we record delivery status, bounces, and unsubscribe events.
Your GitHub data is used to generate a skill assessment and public developer profile. Peer attestations are used to cross-validate and strengthen that assessment. Nothing is sold or used for advertising.
IP and User-Agent data is used only to detect and block abuse of the peer feedback system.
We do not use analytics, advertising, or social tracking pixels.
You may request access to, correction of, or deletion of your account data at any time. To delete your account, go to Settings and use the delete account link, or email us at the address below.
If you are in the EU or California, you have additional rights under GDPR and CCPA respectively. Contact us to exercise them.
Questions or requests: support@arbor.fyi