1. Data Controller
Revisor is operated by:
2. What Data We Process
2.1 Pull Request Diffs (Transient)
When a pull request is created or updated, Revisor reads the PR diff from the Bitbucket API and sends it to your configured AI provider for review. This data is:
- Transmitted directly from Atlassian Forge infrastructure to the AI provider
- Not stored by Revisor — it is processed in-memory during the review and discarded
- Subject to the AI provider's own data processing policies (see Section 5)
2.2 Workspace & Repository Identifiers
Revisor stores workspace slugs, repository slugs, and pull request IDs in Atlassian Forge storage to track review state and prevent duplicate processing. These are Bitbucket identifiers, not personal data.
2.3 API Keys (Encrypted)
API keys you provide for AI providers are stored as encrypted secrets in Atlassian Forge storage. They are never logged, never transmitted to any party other than the configured AI provider, and are deleted when the app is uninstalled.
2.4 Trial Usage Counters
For trial mode users, we store a review count and aggregate token count in Forge storage. These are anonymous counters with no personal data.
2.5 Repository Instructions
If you use the custom instructions feature (.bitbucket/instructions), the consolidated rules are stored in Forge storage associated with your repository. These are deleted when the app is uninstalled.
3. What We Do NOT Collect
- No personal data — we do not collect names, email addresses, or user profiles
- No analytics — no Google Analytics, Mixpanel, Segment, or any third-party tracking
- No cookies — this website and the Forge app set no cookies
- No telemetry — no usage tracking beyond the minimal trial counters described above
- No advertising — no ad networks, no retargeting pixels
4. Infrastructure
Revisor runs entirely on Atlassian Forge, Atlassian's serverless compute platform. All data processing occurs within Forge's infrastructure. We do not operate our own servers.
Forge provides:
- Encrypted secret storage for API keys
- Isolated execution environment per app
- Automatic data deletion on app uninstall
For details on Forge's security model, see Atlassian Forge Security.
5. AI Provider Sub-Processors
When Revisor reviews a pull request, it sends the PR diff to the AI provider you have configured. The data is subject to that provider's privacy policy:
| Provider | Privacy Policy |
|---|---|
| Anthropic | anthropic.com/privacy |
| OpenAI | openai.com/privacy |
| Google (Gemini) | policies.google.com/privacy |
| Mistral | mistral.ai/privacy-policy |
| DeepSeek | deepseek.com/privacy |
| Alibaba (Qwen) | alibabacloud.com/privacy-policy |
You choose which provider processes your data. Revisor only sends data to the single provider you have selected in your workspace settings. No data is sent to providers you have not configured.
6. Legal Basis for Processing
We process data under Article 6(1)(b) GDPR — processing necessary for the performance of a contract (providing the code review service you have installed and configured).
7. Data Retention
- PR diffs: Not retained. Processed in-memory and discarded immediately after the AI review completes.
- Settings and API keys: Retained in Forge storage until you change them or uninstall the app.
- Trial counters: Retained in Forge storage until the app is uninstalled.
- Repository instructions: Retained in Forge storage until the app is uninstalled.
Uninstalling Revisor from your workspace permanently deletes all stored data.
8. International Data Transfers
PR diff data may be transferred to AI providers located outside the European Economic Area (EEA), depending on which provider you configure. Each provider's data transfer mechanisms are governed by their own privacy policy (see Section 5). You are responsible for ensuring your chosen provider meets your compliance requirements.
9. Your Rights Under GDPR
As a data subject in the EU, you have the right to:
- Access — request a copy of any data we hold about you
- Rectification — request correction of inaccurate data
- Erasure — request deletion of your data (or uninstall the app)
- Restriction — request limitation of processing
- Portability — request your data in a machine-readable format
- Objection — object to processing of your data
To exercise any of these rights, contact us at . We will respond within 30 days.
You also have the right to lodge a complaint with the Polish data protection authority (UODO) at uodo.gov.pl.
10. Changes to This Policy
We may update this policy from time to time. Material changes will be noted with an updated "Last updated" date at the top of this page. Continued use of Revisor after changes constitutes acceptance.
11. Contact
For any privacy-related questions or requests: