DIJJI.ai Apply for access
← Back to home
Legal

Privacy Policy

Last updated: 23 May 2026

1. Introduction

DIJJI.ai is an AI-Augmented Delivery platform operated by DIJJI.ai Inc., a corporation incorporated in the State of Delaware, United States. This Privacy Policy describes how personal data is collected, used, stored, and protected when you access or use the DIJJI.ai website, applications, APIs, and related services (collectively, the “Services”).

By using the Services, you acknowledge and agree to the practices described in this policy.

2. Legal Entity and Scope

The Services are operated by DIJJI.ai Inc. (“DIJJI”, “DIJJI.ai”, “we”, “us”, or “our”), a corporation incorporated in the State of Delaware, United States.

Where you access the Services through an organization or team account, your organization is the data controller for the personal data of its members and end-users that is processed through that account, and DIJJI acts as data processor on your organization’s behalf.

3. Information We Collect

We collect information necessary to operate, secure, and improve the Services.

Information you provide:

  • Account details such as name, email address, organization name, role, and billing contact information.
  • Authentication credentials, including passwords.
  • Communications, support requests, and feedback you submit to us.
  • Payment information collected and processed by our payment processor (see Section 8).

Information generated through your use of the Services:

  • Task descriptions, prompts, instructions, and other inputs you submit to DIJJI agents (“Inputs”).
  • Plans, code, commit messages, pull request descriptions, test results, review comments, and other outputs generated by DIJJI agents (“Outputs”).
  • Configuration data related to your projects, pipelines, agents, gates, and integrations.
  • Execution logs, including shell commands run by agents, command outputs, file changes, and traces retained for debugging, billing, and security purposes.
  • Usage data such as credit consumption, task counts, run durations, and feature interactions.
  • Technical data such as IP address, browser type, operating system, device identifiers, and session timestamps.

Information received from third-party services you connect:

When you connect a third-party account to your DIJJI workspace, we receive data from that service as described in Section 5.

Sensitive data: We do not intentionally collect sensitive personal data (such as government identification numbers, financial account numbers beyond what our payment processor collects, health information, biometric data, or information revealing racial origin, political views, religion, or sexual orientation). You agree not to submit such data as part of your Inputs.

4. How We Use Information

We use collected data to:

  • Provide and operate the Services, including planning, code generation, testing, code review, end-to-end testing, and pull request workflows.
  • Authenticate users and manage accounts and organization memberships.
  • Maintain platform security, detect abuse, and prevent misuse.
  • Meter usage and bill customers in accordance with their subscription plan.
  • Improve the performance, reliability, and user experience of the Services.
  • Communicate with you about service updates, security alerts, and support.
  • Comply with legal obligations and enforce our Terms of Service.

We do not sell personal data. We do not use Customer Data to train any AI or machine-learning model. The Services operate on the codebase and inputs you provide for the specific task you have initiated.

5. Third-Party Integrations

DIJJI is designed to operate against the systems where your software actually lives. When you authorise DIJJI to connect to a third-party service, we access only the data and permissions necessary to deliver the features you have chosen to use.

5.1 Source Code Hosting (GitHub, and future providers)

To enable DIJJI agents to read, modify, and propose changes to your code, you may connect a source code hosting account such as GitHub. With your authorisation, DIJJI may:

  • Read repository metadata, branch lists, commit history, file contents, and pull request information for repositories you select.
  • Create branches, commit changes, push commits, open pull requests, and add comments to pull requests on your behalf.
  • Read and write check runs, statuses, and labels associated with pull requests created by DIJJI.

We only request the scopes necessary for the features you enable. You can revoke DIJJI’s access at any time through your provider’s account settings or by disconnecting the integration within DIJJI.

5.2 Messaging and Notifications (Slack)

When you connect Slack, DIJJI may send messages to channels you authorise (for example, task completion notifications, failure alerts, and deployment approval prompts) and receive interactive responses (for example, approval or rejection of a gate). Slack workspace metadata required to route those messages is stored and processed solely for that purpose.

5.3 Project Tracking (Jira)

When you connect Jira, DIJJI may read issues, transitions, and metadata you authorise, and may create or update issues in response to agent actions. Permissions are scoped to the projects you select.

5.4 General Principles

For all third-party integrations:

  • We access only the scopes you authorise.
  • We use the data only to deliver the features you have enabled.
  • We do not use third-party integration data to serve advertising, to sell to data brokers, or to train general-purpose AI models.
  • You may revoke access at any time, and we will cease accessing the relevant third-party data on revocation.

6. AI Processing and Model Providers

DIJJI is built on top of large language models and other AI services. To deliver the Services:

  • Your Inputs, relevant Customer Data (such as the contents of repositories you have connected), and intermediate Outputs are transmitted to third-party AI model providers solely to process your requests and return Outputs.
  • These providers act as data sub-processors under contractual safeguards. They do not retain your data beyond what is necessary to process your request, and they do not use your Inputs or Outputs to train their general-purpose models, except where you have explicitly opted in.
  • Where DIJJI uses caching or context-management features offered by AI providers to improve latency and cost, cached data is held only for the duration permitted by the provider and is scoped to your account.

Customer Data is not used to train DIJJI’s proprietary models or any third-party model unless you have explicitly agreed in writing.

7. Code Execution and Sandbox Environments

A core function of DIJJI is to execute code on your behalf. When an agent runs, it operates within an isolated cloud sandbox. During execution we may collect:

  • Files present in or generated within the sandbox during a task run.
  • Shell commands executed by the agent and their stdout and stderr output.
  • Code, dependencies, and configuration written by the agent or pulled from your connected repositories.
  • Resource usage metrics (CPU, memory, network) for billing, capacity, and abuse detection.
  • Execution traces and logs retained to enable replay, debugging, and security investigation.

Sandboxes are isolated per task and are torn down after the task completes. Logs and artefacts may be retained for the periods described in Section 10.

8. Data Sharing

We share data only:

  • With sub-processors and service providers that host, store, monitor, and operate the Services on our behalf, including infrastructure and cloud providers, third-party AI model providers, payment processors, email and notification providers, error-tracking providers, and analytics providers, all under contractual safeguards.
  • With third-party services you have connected, but only to the extent necessary to deliver the features you have enabled.
  • When required by law or in response to valid legal process, regulatory request, or to protect the rights, property, or safety of DIJJI, our users, or the public.
  • In connection with corporate transactions such as a merger, acquisition, or sale of assets, in which case the recipient will be required to honour this Privacy Policy or provide equivalent protection.
  • With your consent or at your direction.

We do not sell personal data and we do not share personal data for cross-context behavioural advertising.

9. Data Storage and Security

Customer Data is stored in secure, encrypted environments. We apply technical and organisational safeguards including:

  • Encryption in transit and at rest using industry-standard cryptographic controls.
  • Principle-of-least-privilege access controls; access to production data is restricted to authorised personnel and is logged.
  • Per-task sandbox isolation for agent execution, with restricted outbound network egress where applicable.
  • Routine security review of code, dependencies, and infrastructure.

No security measure is absolute. You acknowledge that transmission over the internet is not perfectly secure and that you use the Services at your own risk.

10. Data Retention

Personal data is retained only as long as necessary to:

  • Provide the Services.
  • Comply with legal, accounting, audit, and tax obligations.
  • Resolve disputes and enforce agreements.
  • Investigate and prevent abuse.

Indicative retention periods:

  • Account and billing records: for the duration of your account plus the period required by applicable law (typically up to seven years for financial records).
  • Task execution logs and sandbox artefacts: up to ninety (90) days after the task completes, unless extended for security investigation or legal preservation.
  • Telemetry and aggregated usage data: indefinitely, in de-identified form.

You may request deletion of your account and associated data by writing to hi@dijji.ai. Following deletion, we will remove or anonymise associated data within ninety (90) days, except where retention is required by law.

11. International Data Transfers

DIJJI is operated from the United States. Customer Data and personal data may be processed in the United States and in other jurisdictions where DIJJI or its sub-processors operate. Where required by applicable law, we apply appropriate safeguards for international transfers, including the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum.

12. Your Rights

Depending on your jurisdiction (including under the GDPR, the UK GDPR, the California Consumer Privacy Act, and similar laws), you may have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion or restriction of processing.
  • Object to processing based on our legitimate interests.
  • Withdraw consent where processing is based on consent.
  • Receive your personal data in a portable format.
  • Lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us at hi@dijji.ai. We may need to verify your identity before fulfilling your request. For data processed on behalf of an organization, please direct requests to that organization in the first instance.

13. Cookies and Tracking

The Services use cookies and similar technologies to:

  • Maintain authenticated sessions.
  • Remember preferences and settings.
  • Monitor platform performance and detect errors.
  • Measure aggregate, de-identified usage of features.

We do not use third-party advertising cookies and we do not engage in cross-site behavioural tracking. You can manage cookies through your browser settings.

14. Children

The Services are not directed to children. We do not knowingly collect personal information from individuals under the age of 18. If you believe a child has provided us with personal information, please contact us and we will delete it.

15. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be posted on this page with an updated “Last updated” date, and where required by law we will provide additional notice or seek your consent. Continued use of the Services after an update constitutes acceptance of the revised policy.

16. Contact

For privacy-related questions or to exercise your rights: