1. Introduction
These Terms of Service govern access to and use of SafeCommit, a software service that helps engineering teams identify potential privacy, AI governance, and data-handling risks in GitHub pull requests and related engineering workflows.
2. Service description
SafeCommit analyzes pull request changes and related technical content to identify potential risks, including personal data in logs, raw customer data sent to AI systems, risky third-party API sharing, missing redaction, excessive data exposure, and retention-related concerns.
SafeCommit provides technical risk signals and recommendations. SafeCommit does not provide legal advice and does not guarantee compliance with GDPR, EU AI Act, UK GDPR, CCPA, HIPAA, SOC 2, ISO 27001, or any other law, regulation, or standard.
3. Access and authorization
SafeCommit currently operates through GitHub pull request analysis and does not require users to create separate SafeCommit login accounts. You are responsible for ensuring that any GitHub repository, pull request, code snippet, or metadata submitted to SafeCommit is submitted with proper authorization.
You must not submit repositories, PR diffs, code, secrets, credentials, or other content that you are not authorized to process or analyze.
4. Customer Content
“Customer Content” means pull request diffs, source code snippets, patch files, repository metadata, branch names, commit metadata, status check data, comments, configuration files, and other materials submitted to SafeCommit for analysis. You retain all rights to Customer Content and grant SafeCommit a limited right to process Customer Content solely to provide, maintain, secure, and improve the service.
5. Acceptable use
- Do not submit data you are not authorized to process.
- Do not use the service to violate laws or third-party rights.
- Do not attempt unauthorized access or disrupt the service.
- Do not submit secrets, credentials, or sensitive data unless strictly necessary for analysis.
- Do not treat findings as legal, security, or compliance advice.
6. AI analysis and limitations
SafeCommit may use automated rules and AI models to analyze Customer Content. Findings may be incomplete, inaccurate, or context-dependent. You are responsible for reviewing findings before relying on them or using them to make production, compliance, or security decisions.
7. Beta and early access
Some features may be provided as beta, preview, or early access features. Beta features may be changed, suspended, or discontinued at any time. Early access users may be asked to provide feedback to improve detection quality and product usability.
8. Fees and payment
Fees, billing cycles, and payment terms are agreed separately in an order form, invoice, checkout page, or written agreement. Unless otherwise agreed, fees are non-refundable and payable in advance.
9. Confidentiality
Each party may receive non-public information from the other. The receiving party will use reasonable care to protect confidential information and use it only for purposes related to the service.
10. Security
SafeCommit will use reasonable technical and organizational measures designed to protect Customer Content. No system is completely secure.
11. Disclaimers
The service is provided “as is” and “as available.” SafeCommit disclaims warranties to the maximum extent permitted by law.
12. Limitation of liability
SafeCommit will not be liable for indirect, incidental, special, consequential, exemplary, or punitive damages. SafeCommit’s total liability will not exceed fees paid in the three months before the event giving rise to liability, unless a separate written agreement states otherwise.
13. Contact
Questions can be sent through the or by contacting SafeCommit directly.