Privacy Policy

Last Updated: January 28, 2026

At FunctionFlow, we take your privacy seriously. This policy explains how we collect, use, and protect your information.

Data Collection and Usage

What We Collect

• GitHub account information (username, email, avatar) via OAuth
• Repository metadata (name, owner, description) that you explicitly add
• Parsed function metadata (structure, nodes, connections) for visualization
• Usage statistics (workflow views, function analyses)

What We Do NOT Collect

• We do NOT collect or store raw repository code - Code is fetched on-demand from GitHub API
• We do NOT use your code for AI model training - Your code is never used to train AI models
• We do NOT use your code for educational purposes - Your code remains private
• We do NOT share your data with third parties - Your data stays private

Data Ownership

You retain full ownership of your repository data. We only use your data to:

• Display functions in a visual node view for validation purposes
• Provide the visualization and auditing features you request
• Improve our service (using aggregated, anonymized usage data only)

You can delete your repositories and associated data at any time through the application interface.

Data Storage

• Repository code is fetched on-demand from GitHub API - we do not store raw code
• Only parsed function metadata is stored in our database
• Cached code is stored temporarily for visualization purposes only
• All data is stored securely using industry-standard encryption
• You can request complete data deletion at any time

GitHub Integration

When you connect your GitHub account, we request the following permissions:

• Read repository access - To fetch repository metadata and code
• Read user information - To display your GitHub username and avatar

We only access repositories that you explicitly add to FunctionFlow. We never access repositories you haven't added.

AI Processing

FunctionFlow uses a two-step approach to analyze your functions:

1. AST-Based Parsing: We first attempt to parse your code using static analysis (AST parsing) to extract nodes and edges programmatically. This method works for most standard function patterns.
2. AI-Powered Analysis: For complex functions that cannot be fully parsed with AST analysis, we use Claude Opus (Anthropic) to reconstruct function visualizations. Your code is sent to Anthropic's API for processing, but:

• Anthropic does not use your code for training their models
• We cache AI analysis results using code hashing to minimize API calls and costs
• Functions are only re-analyzed if the code changes (detected via hash comparison)
• You can see which functions used AI analysis in the visualization
• AI analysis is only used when AST parsing cannot fully reconstruct the workflow

Data Security

We implement industry-standard security measures:

• All data transmission is encrypted using HTTPS
• GitHub tokens are stored encrypted in our database
• Database access is restricted using Row Level Security (RLS)
• Regular security audits and updates

Your Rights

You have the right to:

• Access your data at any time
• Delete your account and all associated data
• Remove repositories from FunctionFlow
• Request a copy of your data
• Opt out of data collection (by not using the service)

Workflow Usage Tracking

FunctionFlow tracks your workflow usage to enforce subscription limits:

• Each new AI analysis of a function counts toward your monthly workflow limit
• Viewing already-synced workflows (cached in our database) does not count against your limit
• If AI analysis fails or is cancelled, the usage credit is returned to your account
• Usage resets monthly based on your subscription tier
• You can view your current usage in your profile dashboard

Contact Us

If you have questions about this privacy policy or wish to exercise your rights, please contact us.