Company
Prilog.ai is operated by Prilog Inc. ("Prilog", "we", "us").
// effective date — 12 June 2026
Prilog.ai is operated by Prilog Inc. ("Prilog", "we", "us").
General: hello@prilog.ai
Support: support@prilog.ai
Privacy and legal: privacy@prilog.ai
Address: 2261 Market Street STE 12675, San Francisco, CA 94114, United States
This policy describes how we collect, use, and protect personal data for the Prilog.ai website, app, APIs, support, billing, and connected integrations.
Name, work email, role, and organization details provided when you request access or sign in.
Product interaction events, feature usage, device and browser details, and performance telemetry needed to run and improve the service.
Operational data you connect, such as logs, traces, metrics, error events, stack traces, repositories, code snippets, pull requests, tickets, alerts, and related configuration.
OAuth grants, installation identifiers, API tokens, webhook settings, and other credentials or configuration needed to connect systems you authorize.
Billing contact, legal name, country, tax identifiers, plan, usage, credits, invoices, receipts, and payment status. Payment methods are handled by our payment processor.
Messages you send through email, support chat, and product feedback channels, plus any survey responses you provide.
Cookie or local storage preferences, approximate country or locale from IP lookup, referral details, and website analytics events.
Deliver AI remediation workflows, correlate observability signals, draft fixes, and coordinate tickets, pull requests, and notifications.
Analyze connected signals and code context to produce summaries, suggested patches, test guidance, and review-ready workflow updates. Customer Data is not used to train foundation models or shared model-training datasets.
Sync data with source-control, observability, issue-tracking, chat, cloud, and support tools that you connect or instruct us to use.
Monitor for abuse, maintain service reliability, and protect our infrastructure.
Manage subscriptions, usage limits, credits, invoices, taxes, account administration, and customer communications.
Analyze usage and feedback to improve features, documentation, and customer experience, using aggregated or de-identified data where practical.
Processing required to provide the service and fulfill our agreement with you.
Operating, securing, and improving the service, balanced against your rights.
Marketing communications or optional analytics when required by law.
Compliance with applicable laws, accounting, and regulatory requirements.
We use vetted providers for hosting, analytics, support messaging, approximate locale detection, static font delivery, billing, SSO, and operational security.
AWS or other cloud infrastructure, PostHog EU analytics, Intercom support messaging, ipapi.co locale lookup, Google Fonts/static delivery, Stripe billing and payment processing where paid billing is used, and SSO providers such as Google, Microsoft, and GitHub when selected.
OpenAI, Anthropic, or customer-configured/self-hosted Ollama-compatible endpoints may process prompts, outputs, and relevant context only to provide requested remediation workflows.
Optional integrations include observability, logging, tracing, error monitoring, cloud logging, archives, event streams, source control, issue tracking, chat, notifications, and session-monitoring tools. Examples include Datadog, SigNoz, Grafana, New Relic, Sentry, Honeycomb, Splunk, Elastic, AWS, GCP, Azure, GitHub, GitLab, Bitbucket, Jira, Linear, Slack, Rollbar, Bugsnag, LogRocket, FullStory, Firebase Crashlytics, Instabug, and Embrace.
We may share data in connection with a merger, acquisition, or asset sale, subject to confidentiality.
Prilog-controlled service data is hosted and processed in the European Union where available. Customer-enabled integrations, AI/model providers, and support or billing providers may process data in other regions based on your configuration or the provider's infrastructure.
Where international transfers are required, we use appropriate safeguards such as adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms.
We retain account, usage, billing, support, and operational Customer Data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements.
Integration tokens, credentials, and configuration are deleted or disabled when an integration is disconnected or when the account is terminated, subject to backup cycles and legal retention needs.
Upon termination, we delete or return Customer Data according to the DPA, your settings, and your documented instructions.
We maintain administrative, technical, and organizational measures including encryption in transit and at rest, monitoring, backups, incident response, vulnerability review, and secure development practices.
Access to Customer Data is limited to authorized personnel on a need-to-know basis using role-based access, least privilege, audit logging, and secrets protection.
You are responsible for choosing integrations, limiting submitted data, protecting your own credentials, and reviewing generated fixes before deploying them.
You may access, correct, delete, or restrict processing of your personal data. You may also object or request portability.
You may withdraw consent at any time where consent is the legal basis.
You may lodge a complaint with your local data protection authority.
We use PostHog EU for analytics and Intercom for support messaging to understand usage, answer requests, and improve the service. We do not sell personal data.
We may use ipapi.co for approximate country or locale detection, browser storage for language preferences, and Google Fonts or static font delivery for page rendering.
You can control cookies through your browser settings. Some features may not function without cookies.
We may update this policy and will post the updated version here with a new effective date.