Privacy Policy

Updated: December 11, 2025

What We Store

  • Account info: Your name and email for sign-in
  • Azure DevOps connection: Your PAT token, encrypted with AES-256-GCM
  • Review activity: Your votes and AI-generated suggestions
  • Analytics: Usage patterns and team stats

What We Don't Store

Your work items. We fetch them on-demand from Azure DevOps when you review. Your content stays on your system. You control which projects Storyloop can access.

Third-Party Services

We use Azure DevOps to fetch your work items, Azure OpenAI to generate suggestions, and GitHub or Microsoft for sign-in.

Data Sharing

We don't sell your data. We share it with the services above to make Storyloop work, or if legally required.

Security

  • PAT tokens encrypted with AES-256-GCM
  • All traffic over HTTPS
  • Database access restricted to authorized services

Deletion

Delete your workspace and we delete all associated data.