Last updated: March 6, 2026
When you use ReadMeForge, we collect: your email address if you sign up, the GitHub repository URLs you submit, and generated READMEs (cached for 24 hours to improve performance). We never store your repository source code.
Repository data is used exclusively to generate your README. We read files from your repository to understand the project structure, then discard them immediately after generation. We never use your code or READMEs to train AI models. Generated READMEs are cached keyed to the specific commit SHA for 24 hours to reduce API costs and improve response time.
For private repositories (Pro plan), we request read-only OAuth access to your GitHub account. We request the minimum scopes necessary:repofor reading private repository contents. We do not fork, star, modify, or write to your repositories (except creating PRs when webhooks are registered with your explicit permission).
Generated READMEs are retained in your account history until you delete them. Repository source code is never persisted. Rate limit counters are deleted after 7 days. If you delete your account, all associated data is permanently deleted within 30 days.
We use Supabase for database and authentication, Stripe for payment processing, and Anthropic's Claude API for README generation. Each service has its own privacy policy. Your repository content is sent to Anthropic's API for generation purposes only.
For privacy concerns, email us at privacy@readmeforge.dev.