Privacy Policy

Last updated: February 13, 2026

1. Introduction

Welcome to NeoRun ("we," "our," or "us"). We are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our services.

2. Information We Collect

We collect information in the following ways:

• Account Information: When you sign up, we collect your email address and authentication credentials (managed via Supabase Auth). If you sign in with GitHub, we receive your GitHub profile information and repository access tokens.
• Repository Data: When you deploy a project, we clone and analyze your repository code to generate build configurations. This analysis is performed by Google Gemini AI and our build agents.
• Usage Data: We collect anonymous analytics via Vercel Analytics and Speed Insights, including page views, session duration, and performance metrics.
• Cookies: We use essential cookies for authentication session management. We use Vercel Analytics which may set performance-related cookies. You can manage cookie preferences via the cookie banner.
• Container Data: Logs, build outputs, and runtime data from your deployed containers are stored temporarily for debugging and monitoring purposes.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the NeoRun platform
• Analyze your repository code (via AI) to generate build configurations and Dockerfiles
• Authenticate you and manage your account
• Monitor and improve platform performance and reliability
• Send service-related notifications (build status, deployment alerts)
• Respond to support requests

4. AI Processing of Your Code

When you deploy a repository, your code is sent to Google Gemini AI for analysis. This analysis detects frameworks, dependencies, and generates optimized build plans. Google's AI processes your code according to their own privacy policy and data handling practices. We do not use your code to train AI models. The analysis results are stored in our database to enable quick redeployments.

5. Third-Party Services

We use the following third-party services that may process your data:

• Supabase: Database, authentication, and real-time features (hosted in the EU/US)
• Google Gemini AI: Code analysis and build plan generation
• GitHub API: Repository access, OAuth authentication
• Vercel: Frontend hosting, analytics, and speed insights
• Docker: Container runtime for deployed applications

6. Data Retention

We retain your account data for as long as your account is active. Build logs are automatically cleaned up after 30 days. Container data is deleted when you remove a pod. You may request deletion of your account and all associated data at any time.

7. Data Security

We implement security measures including encrypted secrets storage (via Supabase Vault with pgsodium AEAD encryption), Row-Level Security on all database tables, sandboxed container execution with gVisor, and HTTPS for all communications. However, no method of transmission over the Internet is 100% secure.

8. Your Rights

You have the right to:

• Access and export your personal data
• Request correction of inaccurate data
• Request deletion of your account and data
• Withdraw consent for optional data processing
• Object to data processing based on legitimate interests

9. Sharing Information

We do not sell your personal information. We only share information with your consent, to comply with laws, to provide you with services (via the third-party providers listed above), to protect your rights, or to fulfill business obligations.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "last updated" date.