← Back to Dashboard

Privacy Policy

Last updated: March 18, 2026

1. Overview

The CushLabs OS Dashboard ("the Service") is an internal operations tool that displays live GitHub repository analytics. This policy explains what data the Service accesses, how it is used, and how it is protected.

2. Data We Access

When you authenticate via GitHub OAuth, the Service accesses:

  • Your GitHub profile information (name, email, avatar)
  • Repository metadata (names, descriptions, languages, stars, topics)
  • Commit statistics (contributor counts per repository)
  • Repository visibility and archived status
  • Homepage URLs (deployment indicators)

3. Data We Do Not Store

The Service does not:

  • Store repository data in any database or cache
  • Log API responses or user activity
  • Share data with third parties
  • Use tracking pixels, analytics scripts, or advertising cookies
  • Access source code content from your repositories

All GitHub data is fetched live at request time and exists only in memory during the server response. Nothing persists between page loads.

4. Authentication

The Service uses GitHub OAuth for authentication. Your GitHub access token is stored server-side in an encrypted JWT session cookie. The token is never exposed to client-side JavaScript, never logged, and never transmitted to any service other than the GitHub API.

OAuth scopes requested: read:user and repo.

5. Cookies

The Service uses a single session cookie:

  • next-auth.session-token — encrypted JWT containing your session data. Expires when you sign out or close your browser. No tracking cookies, no analytics cookies, no third-party cookies.

6. Local Storage

The Service stores one preference in your browser's local storage:

  • theme — your light/dark mode preference ("light" or "dark"). No personal data. Deletable via browser settings.

7. Infrastructure

The Service is hosted on Vercel. Server-side functions execute in Vercel's infrastructure. Vercel's privacy practices are governed by their own privacy policy.

8. Your Rights

You can at any time:

  • Sign out to end your session and clear the session cookie
  • Revoke the OAuth app's access at GitHub Settings > Applications
  • Clear local storage via browser developer tools

9. Contact

For privacy-related questions, contact: info@cushlabs.ai