Privacy Policy

Last updated: 1/10/2026

1. Introduction

Bug Buddy ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our feedback widget system and related services (the "Service").

We are based in the United Kingdom, and we store and process personal data for the Service in the United Kingdom as described below.

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account Information: When you create an account, we collect information such as your name, email address, and profile information from OAuth providers (GitHub, Google)
  • Project Information: Information about your projects, including project names, descriptions, and configuration settings
  • Feedback Content: Screenshots, annotations, descriptions, and other content you submit through the feedback widget
  • Contact Information: If you provide your name and email when submitting feedback

2.2 Automatically Collected Information

When you use the Service, we automatically collect certain information, including:

  • Usage Data: Information about how you interact with the Service, including pages visited, features used, and time spent
  • Device Information: Browser type, operating system, device type, and user agent information
  • Log Data: IP addresses, access times, and error logs
  • URL Information: The URL where feedback was submitted from

2.3 Third-Party Authentication

When you sign in using OAuth providers (GitHub or Google), we receive information from these providers in accordance with their privacy policies and your account settings. This may include your name, email address, profile picture, and other information you have authorized to share.

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process and manage your account and projects
  • Create and manage GitHub issues when you use the integration feature
  • Send you notifications and updates about your feedback and projects
  • Respond to your inquiries and provide customer support
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations and enforce our Terms of Service

4. How We Share Your Information

4.1 Service Providers

We may share your information with third-party service providers who perform services on our behalf, including:

  • Hosting and Infrastructure: We use cloud hosting services to store and process your data
  • Analytics: We use PostHog and similar analytics services to understand how the Service is used
  • File Storage: We use Vercel Blob and similar services to store screenshots and other files
  • Database Services: We use PostgreSQL databases to store your data

4.2 GitHub Integration

When you use the GitHub integration feature, we share feedback content with GitHub to create issues in your repositories. This information is subject to GitHub's Privacy Policy and Terms of Service.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in response to valid requests by public authorities (e.g., a court or government agency).

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

4.5 With Your Consent

We may share your information with your explicit consent or at your direction.

5. Data Storage and Security

5.1 Data Storage

Your data is stored and processed on secure servers and cloud infrastructure located in the United Kingdom. We use industry-standard security measures to protect your information, including encryption in transit and at rest.

5.2 Security Measures

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. However, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

5.3 Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. When you delete your account, we will delete or anonymize your personal information, subject to applicable legal requirements.

6. Your Rights and Choices

6.1 Access and Correction

You can access and update your account information at any time through your account settings in the Service.

6.2 Data Deletion

You can request deletion of your account and associated data by contacting us or using the account deletion features in the Service.

6.3 Opt-Out

You can opt out of certain communications from us by adjusting your notification preferences in your account settings.

6.4 Cookies and Tracking

Most web browsers are set to accept cookies by default. You can usually modify your browser settings to decline cookies if you prefer. However, this may prevent you from taking full advantage of the Service.

6.5 UK GDPR, GDPR, and other rights

If you are located in the United Kingdom or the European Economic Area (EEA), you may have additional rights under the UK GDPR (and, where applicable, the EU GDPR) and related data protection laws. If you are located in California, you may have additional rights under the California Consumer Privacy Act (CCPA). These may include:

  • The right to access your personal data
  • The right to rectify inaccurate data
  • The right to erasure ("right to be forgotten")
  • The right to restrict processing
  • The right to data portability
  • The right to object to processing
  • The right to withdraw consent

To exercise these rights, please contact us through the support channels provided in the Service.

7. Third-Party Services

The Service integrates with third-party services, including GitHub, Google, PostHog, and Vercel. These services have their own privacy policies, and we encourage you to review them. We are not responsible for the privacy practices of these third-party services.

8. Children's Privacy

The Service is not intended for children under the age of 13. We do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, please contact us immediately, and we will take steps to delete such information.

9. International Data Transfers

We store and process personal data for the Service in the United Kingdom. In limited cases, your information may be transferred to or processed in other countries (for example, when you choose to use third-party integrations such as GitHub or Google, or where a third-party service provider processes data on our behalf). Where we transfer personal data outside the United Kingdom, we take steps to ensure appropriate safeguards are in place in accordance with applicable data protection laws.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. Your continued use of the Service after such modifications constitutes your acceptance of the updated Privacy Policy.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us through the support channels provided in the Service.