GDPR Compliance

Last updated: March 22, 2026

This document describes how the PR macOS application (“Application”) complies with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) for users in the European Union and European Economic Area.

The Application is developed and published by Instoll Inc., a company registered in Japan.

Under the GDPR, a data controller determines the purposes and means of processing personal data. For code review functionality, the Application processes data locally on your device and Instoll Inc. does not act as a data controller for that data. However, for subscription and licensing features, Instoll Inc. acts as a data controller for the personal data it collects and stores on its licensing server, including your email address, license key, subscription status, and payment metadata. Instoll Inc. also acts as a data controller for crash report and performance data collected via Sentry (see section 2.3).

When you use the Application, your data is transmitted to third-party services that act as independent data controllers:

  • GitHub (Microsoft) — processes your pull request data, comments, and repository information under its own privacy policy and GDPR commitments
  • Anthropic — processes code and review content sent via Claude AI under its own privacy policy and data processing terms
  • Google — processes code and review content sent via Gemini under its own privacy policy and data processing terms
  • OpenAI — processes code and review content sent via Codex under its own privacy policy and data processing terms
  • Apple — Apple Intelligence processes data entirely on your device and is subject to Apple’s privacy policy
  • Stripe — processes payment data under its own privacy policy and GDPR commitments

You should review the GDPR commitments and data processing agreements of these services independently.

The Application uses Sentry (Functional Software, Inc.) to collect crash reports and performance data. Sentry acts as a data processor on behalf of Instoll Inc. Data sent to Sentry may include IP addresses (used for geolocation, then discarded), device identifiers (macOS version, device model, app version), crash stack traces, error messages, performance metrics, and interaction breadcrumbs. Sentry does not receive your source code, pull request content, review comments, or credentials. Sentry stores data in the United States and its processing is governed by Sentry’s Data Processing Agreement and Standard Contractual Clauses. Crash data is retained for 90 days.

As the user of the Application, you are the data controller for any personal data processed locally on your device through the Application. You determine what repositories, pull requests, and code to review, and you control the local storage of this data.

The legal basis for processing is:

  • Consent (Article 6(1)(a)) — you choose to install and use the Application, to connect it to your GitHub and AI provider accounts, and to opt in to marketing communications
  • Legitimate interest (Article 6(1)(f)) — the Application processes data as necessary to provide the code review functionality you requested; crash and performance data is collected via Sentry to maintain app stability and fix bugs, which is reasonably expected by users of a software application
  • Performance of a contract (Article 6(1)(b)) — processing is necessary to deliver the Application’s features as described in the End User License Agreement, and to manage your subscription and license
  • Legal obligation (Article 6(1)(c)) — Instoll Inc. may retain certain account and payment data as required by applicable tax and accounting laws

Under the GDPR, you have the following rights regarding your personal data:

Data processed locally by the Application is stored on your device. You can access it at any time by:

  • Viewing cached data within the Application
  • Reading the SQLite database at ~/Library/Application Support/PR/token_usage.sqlite
  • Reviewing your macOS UserDefaults for the Application

For account and subscription data held on the Instoll licensing server, you may request access by visiting https://instoll.com.

For locally stored data, you can modify or correct it directly on your device. For account data held by Instoll Inc., you may request correction by visiting https://instoll.com.

You can delete locally stored Application data by:

  • Deleting the Application from your device
  • Removing the SQLite database at ~/Library/Application Support/PR/
  • Resetting UserDefaults for the Application via macOS system tools

For account and subscription data held by Instoll Inc., you may request deletion by visiting https://instoll.com. Deletion of account data may result in termination of your subscription and license. Instoll Inc. may retain certain data as required by applicable law.

4.4 Right to Restriction of Processing (Article 18)

You can restrict processing at any time by closing the Application. No background processing occurs when the Application is not running.

4.5 Right to Data Portability (Article 20)

Application data is stored in standard formats (SQLite, macOS UserDefaults) that you can export or transfer using standard macOS tools.

You can object to any processing by discontinuing use of the Application. Since all processing is initiated by your direct actions within the Application, no processing occurs without your active participation.

Given the Application’s local-first architecture:

  • Data minimization — the Application only processes data necessary to display and review pull requests
  • Purpose limitation — data is used solely for code review functionality
  • Storage limitation — in-memory cache is automatically evicted; persistent data remains only until you choose to delete it
  • Cross-border transfers — Instoll Inc. stores account data on its licensing server in Japan. Crash and performance data is transferred to Sentry in the United States under Sentry’s Data Processing Agreement and Standard Contractual Clauses. Cross-border transfers to GitHub, Anthropic, Google, OpenAI, and Stripe are governed by their respective GDPR data transfer mechanisms

Instoll Inc. maintains account and subscription data on its licensing server. In the event of a data breach affecting personal data held by Instoll Inc., we will notify affected users and the relevant supervisory authorities in accordance with GDPR Articles 33 and 34. If a security vulnerability in the Application is discovered that could affect local data, we will notify users through the PR website.

For data breaches involving GitHub, Anthropic, Google, OpenAI, or Apple, those organizations are responsible for notification under their respective GDPR obligations.

Instoll Inc. is based in Japan, which has received an adequacy decision from the European Commission (January 23, 2019), meaning the European Commission has recognized Japan as providing an adequate level of data protection.

When you use the Application to send data to third-party services:

  • GitHub (Microsoft) — may transfer data to the United States under Standard Contractual Clauses and Microsoft’s GDPR commitments
  • Anthropic — may transfer data to the United States under its own GDPR transfer mechanisms
  • Google — may transfer data to the United States under Standard Contractual Clauses and Google’s GDPR commitments
  • OpenAI — may transfer data to the United States under its own GDPR transfer mechanisms
  • Stripe — may transfer data to the United States under Standard Contractual Clauses and Stripe’s GDPR commitments
  • Sentry — transfers crash and performance data to the United States under Sentry’s Data Processing Agreement and Standard Contractual Clauses

These transfers are initiated by you (or automatically by the Application in the case of Sentry) and are governed by the respective service providers’ data transfer safeguards.

Given the limited scope of personal data processed by Instoll Inc. (account and subscription data only), Instoll Inc. has not appointed a Data Protection Officer at this time. If you have GDPR-related questions, please visit https://instoll.com.

Under GDPR Article 27, organizations outside the EU that process personal data of EU residents must designate an EU representative, unless the processing is occasional, does not include large-scale processing of special categories of data, and is unlikely to result in a risk to the rights and freedoms of individuals.

Instoll Inc. collects limited personal data (email address, subscription status, and payment metadata) for subscription and licensing purposes. Given that this processing is limited in scope, does not include large-scale processing of special categories of data, and is unlikely to result in a risk to the rights and freedoms of individuals, Instoll Inc. has determined that the designation of an EU representative is not required at this time. If this assessment changes, the EU representative’s contact information will be published on the PR website.

If you have GDPR-related questions, please visit https://instoll.com.

We may update this document from time to time. Changes will be posted on the PR website with an updated revision date.

For GDPR-related questions or operator identification required under Japanese law, please visit https://instoll.com.