Last updated: January 2025
Welcome to Ciallo's privacy policy. We know privacy policies can be tedious to read, filled with legal jargon that makes your eyes glaze over. We'll try to keep this as straightforward as possible while still covering everything we need to. Think of this as a conversation about how we handle your information when you interact with projects that use Ciallo.
You might be reading this because you submitted a bug report, feature request, or other feedback to a project that uses Ciallo for automated issue management. Ciallo is an AI agent that helps development teams handle community feedback more efficiently. When you submit an issue or comment, Ciallo may be the first to respond, helping to categorize your feedback, request additional information, or connect your report to related issues. This policy explains what information Ciallo processes about you, how that information is used, and how we protect your privacy.
Ciallo is operated by sdjz.wiki Lab, an independent technology collective. We provide automation tools that help open source and team projects manage community feedback at scale. We're not a data broker or advertising company. We don't make money by selling your information or building profiles about you. We exist to help development teams respond to their communities more effectively, and we take the privacy responsibilities that come with that seriously.
When we say "we," "us," or "our" in this policy, we're referring to sdjz.wiki Lab and the Ciallo service. If you have questions about how your information was handled by Ciallo, you can reach us at shuakami@sdjz.wiki. We're real people, and we genuinely want to help address your concerns.
When you submit an issue, comment, or other feedback to a project using Ciallo, we process information about that interaction. This includes the content of your issue or comment, your username or display name as shown on the platform, the timestamp of when you submitted it, and any technical details you included like error messages, screenshots, or system information. If Ciallo responds to ask clarifying questions, we process your replies as well. This is all information that's already visible on the public issue tracker, and Ciallo processes it to help the project team understand and respond to your feedback effectively.
Here's what makes Ciallo different from many systems: we actively work to minimize the amount of personally identifiable information we retain. When Ciallo learns from your issue to improve its responses in the future, it strips away who you are and focuses on what the problem was and how it was solved. Our internal knowledge base stores patterns like "when users report this error message on MacOS, it's usually related to this component," not "user XYZ reported this issue." Your username appears in communications back to you and in the public issue thread, but it doesn't become part of a permanent profile we build about you.
Your information is used to help the project team respond to your feedback efficiently. When you submit an issue, Ciallo reads it to understand what you're reporting, searches the project's code to help diagnose the problem, and checks if other users have reported something similar. It then labels your issue appropriately, estimates its priority, and may link it to related reports so the team can see the bigger picture. If Ciallo determines your issue is similar to one that's already been reported, it will let you know and create a connection between the reports, ensuring your feedback isn't lost even if the issues get merged.
Ciallo may also communicate with you directly. If your issue is missing information the team needs to help you, Ciallo might reply asking for clarification, additional details, or steps to reproduce the problem. It uses standardized templates to keep these requests clear and professional. As your issue moves through the workflow, Ciallo might send you updates about its status or let you know when it's been addressed in a fix. All of these communications happen in the public issue thread where your original report lives.
Finally, your feedback helps improve Ciallo's effectiveness over time. After handling your issue, Ciallo creates a de-identified summary of what it learned. This might include patterns like "this type of error message usually indicates this kind of problem" or "users reporting issues on this platform often need this specific piece of information." These learnings help Ciallo get better at helping future users, but they don't include information about who you are. We'll never sell your information to anyone. Our business model is providing automation services to development teams, not monetizing user data.
One of Ciallo's core design principles is maximizing de-identification of your information. When Ciallo processes your issue or comment, it distinguishes between what needs to remain attributed to you and what can be anonymized. Your username stays visible in the public conversation with you and in the issue thread where attribution matters. However, in Ciallo's internal learning systems, we strip away identifying information whenever possible. When Ciallo stores a memory about a bug pattern you reported, it records the technical details and solution, not your identity.
This approach serves several purposes. It protects your privacy by ensuring Ciallo doesn't build a persistent profile about you across multiple projects or interactions. It prevents our systems from learning biases based on who reports what kind of issues. It keeps the focus on technical patterns rather than tracking people. And it means that if our systems were ever compromised, very little personally identifiable information would be exposed. We believe this is the right way to build an AI system that processes community feedback, treating you as someone with valuable information to share, not as a data point to be tracked.
The information we process about you is stored on secure servers with industry-standard encryption. We take reasonable precautions to protect it from unauthorized access, disclosure, alteration, and destruction. This includes encrypted connections when communicating with issue tracking platforms, strict access controls on who can view production data, regular security audits, and monitoring for suspicious activity. However, we need to be honest: no system is perfectly secure. While we do everything we can to protect your information, we can't guarantee absolute security against determined attackers or catastrophic failures.
We retain information about your interactions only as long as necessary for the purposes described in this policy. Your issue content and communications remain visible in the public issue tracker as long as the project chooses to keep them there, which is outside our control. In Ciallo's internal systems, we keep operational logs for a limited time to help debug problems and improve the service. De-identified learnings from your interactions may be retained indefinitely in our knowledge base, but these don't include information that identifies you personally. If a project stops using Ciallo, we delete their project-specific data within a reasonable timeframe, though anonymized learnings may be retained.
To provide Ciallo's automated assistance, we work with several third-party service providers. When you submit an issue, your text may be processed by AI language models to understand what you're reporting and generate appropriate responses. These AI providers see the content of your issue, but we strip out unnecessary identifying details when possible before sending data to them. We also use cloud hosting providers to run Ciallo's infrastructure and store operational data. We choose partners who have strong privacy practices and use contracts to require them to protect your information.
It's important to understand the limits of our control. Once your information is sent to a third-party service for processing, that service's own privacy policy governs how they handle it. We choose partners carefully based on their privacy commitments, but we can't control their internal practices. If you're concerned about which third parties might process your information when you interact with Ciallo, feel free to reach out and ask. We're happy to explain our current setup and discuss any concerns you have.
You have rights regarding the information Ciallo processes about you. If you have concerns about how Ciallo handled your issue or communication, you can reach out to us directly and we'll work with you to address them. Depending on where you live, you may have legal rights under data protection laws like GDPR in the European Union or CCPA in California. These might include the right to access what information we hold about you, request corrections if something is wrong, or ask us to delete your personal data.
We'll honor these rights to the extent we legally can and practically can. However, there are some important limitations to understand. Since your issue or comment is posted on a public issue tracker, that's where it primarily lives. We can delete information from our internal systems, but we can't remove your public posts from the project's issue tracker, that's controlled by the project maintainers. Additionally, anonymized learnings derived from your interactions may be retained because they no longer identify you personally. If you want to exercise any privacy rights, contact us and we'll explain what we can do and work with you to address your concerns.
In most cases, you interact with Ciallo indirectly, through the project's issue tracker. You submit an issue or comment on a platform like GitHub, and Ciallo processes that information to help the project team. We don't typically set cookies on your browser or track you across websites. The information we process comes from what you post publicly on the issue tracker. If Ciallo ever develops a direct user interface that you log into, we'll update this policy to explain how that works, but for now, your interaction with Ciallo happens through the project platforms you're already using.
The internet is global, and open source projects have contributors and users from around the world. When you submit an issue to a project using Ciallo, your information may be transferred to, stored in, and processed in countries other than your own. These countries may have different data protection laws than where you live. We take reasonable steps to ensure your information remains protected according to this policy regardless of where it's processed, but you should understand that cross-border data transfer is an inherent part of participating in global online communities.
We may update this privacy policy from time to time as Ciallo evolves, as laws change, or as we find better ways to explain our practices. When we make changes, we'll update the "Last updated" date at the top of this policy. If we make significant changes that materially affect how we handle your information, we'll post a notice about the changes and, where required by law, seek your consent. We won't quietly change the rules on you.
Since most users interact with Ciallo indirectly through project issue trackers, we rely on projects using Ciallo to help inform their communities about significant changes. If you're concerned about staying informed, you can check back here periodically or reach out to ask about recent updates.
If you have questions about this privacy policy, concerns about how Ciallo processed your information, or want to exercise your privacy rights, we're here to help. You can reach us at shuakami@sdjz.wiki, and we'll respond as promptly as we can. We genuinely care about getting this right, and your feedback helps us do that.
This policy represents our commitment to treating you with respect when you interact with projects using Ciallo. We built this tool to make open source collaboration more efficient, not to surveil or exploit the people who make that collaboration happen. Your contributions to projects are valuable, and you deserve to know how your information is handled. We'll do our best to honor that.