Privacy Policy

Last Updated: April 25, 2026

FirstQA is committed to protecting your privacy. We collect only the minimum information necessary to provide our QA services. We do not sell your data to third parties.

1. What We Collect

When you use FirstQA, we may collect:

• Account information — GitHub username, email address, and OAuth tokens used to authenticate and connect your tools
• Repository data — PR diffs, commit metadata, and changed file contents, processed in memory to generate QA analysis
• Ticket data — Linear and Jira ticket content submitted for analysis
• Usage data — commands triggered, features used, and performance metrics to improve the Service
• Contact information — name and email provided via forms (support, early access, contact)
• Test execution data — environment URLs and context parameters passed with /qa testrun commands

2. How We Use Your Data

• To deliver QA analysis and browser test execution on your pull requests and tickets
• To post results as PR comments and GitHub Check Runs
• To communicate with you about your account, support requests, and the Service
• To improve the accuracy and performance of Ovi's AI analysis
• To send product updates and early access communications (you can unsubscribe at any time)

3. Code and Repository Access

FirstQA has read-only access to your repository contents. Code is processed in memory for analysis purposes and is never permanently stored. We only write PR comments and Check Run results back to GitHub — we never modify your code.

4. AI Processing

Code diffs and ticket content are sent to AI providers to generate QA analysis. Data sent to AI providers is subject to their respective privacy policies. We do not allow AI providers to use your code or content to train their models.

5. Data Sharing

We do not sell or rent your personal data. We may share data with:

• Service providers — infrastructure, AI, and browser automation providers necessary to operate the Service
• Legal requirements — if required by law, court order, or to protect our rights

6. Data Retention

Account data is retained as long as your account is active. Analysis results posted to GitHub are subject to GitHub's retention policies. You can request deletion of your FirstQA account data at any time.

7. Security

All data is transmitted over HTTPS/TLS. We use industry-standard security practices to protect your data. Access to production systems is limited to authorized personnel.

8. Your Rights

• Request access to the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Unsubscribe from marketing communications at any time

9. Cookies

We use session cookies to maintain your authenticated state. We do not use tracking or advertising cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or through the Service. Continued use after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions or data requests, contact us at privacy@firstqa.dev or via the Contact page.