Privacy Policy

Last updated: March 5, 2026

What we collect

When you create an account, we store your GitHub username, email address, and OAuth tokens necessary for authentication.

When you run the CLI, we collect:

• Profiling metadata — endpoint latencies, query counts, and timing data. This is used for billing and to generate your optimization report.
• Usage data — which commands you run, framework detected, and run status (success/failure). This helps us improve the product.

What we do not collect

Mikiri runs locally on your machine. We do not collect your source code, database contents, or application data. Code snippets are sent directly to the LLM provider (OpenAI) for analysis and are subject to their privacy policy. On the Team plan with BYOK, even LLM calls go to your own provider.

How we use your data

• To authenticate you and manage your account
• To bill for runs and track credit usage
• To improve Mikiri's detection and analysis capabilities

Data storage

Account data and profiling metadata are stored in a PostgreSQL database hosted on infrastructure we control. Data is encrypted in transit (TLS) and at rest.

Third parties

• GitHub — for OAuth authentication
• OpenAI — code snippets are sent for LLM analysis (unless BYOK)
• Supabase — for authentication services
• Cloudflare — for hosting and CDN

Data deletion

You can request deletion of your account and all associated data by emailing charles@mikiri.dev.

Contact

Questions about this policy? Email charles@mikiri.dev.