Privacy Policy

Pulsar Deploy ("we", "us", "our") is committed to protecting your privacy. This policy explains what information we collect, how we use it, and your rights regarding your data.

Pulsar Deploy is a self-hosted deployment platform. Your code, build artifacts, and environment variables are stored on infrastructure you own and control — they never pass through our systems.

When you use Pulsar Deploy, we collect the following:

• GitHub account information (username, email, avatar) — provided by GitHub during OAuth authentication
• Repository metadata — repository names, branch names, and commit messages needed to process deployments
• Build logs — generated during the deployment process and stored on your server
• Usage data — deployment counts, build durations, and error messages for analytics within your own instance
• IP addresses — logged for security and rate limiting purposes

We use the information we collect to:

• Authenticate you via GitHub OAuth
• Process and manage your deployments
• Send transactional emails (deploy success, deploy failure, SSL provisioning alerts)
• Monitor the health of your deployed projects
• Enforce rate limits and prevent abuse
• Improve the Pulsar Deploy platform

All data is stored on the server you designate when setting up Pulsar Deploy. We implement the following security measures:

• Environment variables are encrypted at rest using AES-256-GCM
• Authentication tokens use JWT with HMAC-SHA256 signing
• GitHub OAuth tokens are encrypted before storage
• All API traffic is served over HTTPS with TLS 1.2 or higher
• Passwords are never stored — we use GitHub OAuth exclusively

Pulsar Deploy uses the following cookies:

• access_token — a short-lived JWT (1 hour) used to authenticate your session
• refresh_token — a long-lived token (30 days) used to issue new access tokens

These cookies are strictly necessary for the service to function. We do not use tracking, advertising, or analytics cookies.

Pulsar Deploy integrates with the following third-party services:

• GitHub — for OAuth authentication and repository access. Subject to GitHub's Privacy Policy.
• Let's Encrypt (Certbot) — for SSL certificate provisioning. No personal data is shared.

We do not sell, rent, or share your personal information with any third parties for marketing purposes.

We retain your data for as long as your account is active. If you delete a project, all associated deployment history, build logs, and environment variables are permanently deleted. If you delete your account, all data associated with your account is permanently removed from the database.

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your data
• Export your data in a machine-readable format
• Withdraw consent for data processing at any time

To exercise any of these rights, contact us at team@pulsardeploy.com.

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or by displaying a notice on the platform. Continued use of Pulsar Deploy after changes constitutes acceptance of the updated policy.

If you have questions or concerns about this Privacy Policy, contact us at team@pulsardeploy.com.