Last updated: 2 May 2026 ยท This is a best-effort private-beta policy. Subject to change before GA.
What fuggit stores
From your Google sign-in: display name and avatar URL only. We do not persist your email, phone, real name, or address.
Repository data you push: git objects (commits, trees, blobs) and ref tips. These live in our Google Cloud Storage bucket and Firestore in us-central1.
SSH public keys you enrol, hashed personal access tokens (PATs), audit-log entries for actions you take, and CI run metadata.
Waitlist email if you submit it on the homepage. This goes by email to the operator and is not persisted in fuggit.
What fuggit does not store
Your email address. The Google ID token we verify carries it; we do not write it to disk.
Phone number, address, real name (beyond display name).
Cookies for tracking, advertising, or analytics. Session state lives in your browser's localStorage only.
Anything received via fuggit-marketplace apps. Apps speak to fuggit's API; their own data lives on their own infrastructure.
Where it lives
Single Google Cloud project fuggit-dev in us-central1. Operators are matt@jupitersoft.net. There is no other backup destination today.
Deletion + export
Until self-service endpoints land (tracked at #196), email matt@jupitersoft.net from your enrolled Google address and we'll remove your account and all associated repos, branches, CI runs, SSH keys, PATs, audit entries within 30 days.
Subprocessors
Google Cloud Platform (compute, storage, identity, secret manager).
Resend (transactional email โ only fires for waitlist signup notifications today).