koalr

Privacy Policy

Last updated: March 14, 2026

1. Who we are

Koalr, LLC. (“Koalr,” “we,” “us,” or “our”) operates the Koalr engineering intelligence platform at app.koalr.com and the marketing website at koalr.com. We are the data controller for personal data we collect about you.

Contact us about privacy matters at privacy@koalr.com.

2. What data we collect

We collect the following categories of data:

  • Account data: Email address, name, and organization name provided during sign-up via our authentication provider (Clerk).
  • GitHub OAuth data: Repository metadata, pull request data, commit history, CODEOWNERS files, and deployment events from repositories you authorize. We do not store raw source code.
  • Engineering metrics: DORA metrics, PR cycle time, deployment frequency, MTTR, on-call data, and coverage reports derived from your connected integrations.
  • Usage analytics: Feature usage patterns, page views, and session duration, collected using anonymized telemetry to improve the product.
  • Billing data: Payment information is processed directly by Stripe. We store only the last four digits of your payment method and billing email.

3. Legal basis for processing (GDPR)

For users in the European Economic Area, United Kingdom, and Switzerland, we process personal data on the following legal bases:

  • Contract performance: Processing necessary to provide the Koalr platform under our Terms of Service.
  • Legitimate interests: Product analytics, fraud prevention, and service security, where our interests do not override your fundamental rights.
  • Legal obligation: Processing required to comply with applicable law, including financial record-keeping.

4. Subprocessors

We share data with subprocessors that help us deliver the platform. A full list is available at koalr.com/legal/subprocessors. Key subprocessors include: Vercel (hosting), Railway (API and database infrastructure), Clerk (authentication), Anthropic (AI features), GitHub (source data), and Atlassian (Jira integration).

5. Data retention

Engineering metrics data is retained for the period covered by your subscription plan (30 days for Free, 90 days for Growth, 1 year for Business). Account data is retained for 30 days after account deletion. Audit logs are retained for 7 years for compliance purposes.

6. Your rights

You have the right to: access your personal data, correct inaccurate data, request deletion of your data, object to processing based on legitimate interests, request restriction of processing, and data portability. You may also lodge a complaint with your supervisory authority.

To exercise these rights, email privacy@koalr.com. We respond within 30 days.

7. International transfers

Koalr is incorporated in the United States. Data may be processed in the US and other countries where our subprocessors operate. We ensure appropriate safeguards are in place, including Standard Contractual Clauses for transfers from the EEA/UK to third countries.

8. Contact

For privacy inquiries: privacy@koalr.com