Privacy Policy.

How automated decision-making works.

GOL V1.1 utilizes automated decision-making (ADM) to synthesize repairs. While our execution is ephemeral, we log decision-metadata to comply with APP 1.7 transparency requirements regarding how these decisions impact your infrastructure stability.

Our Level 4 Engine monitors infrastructure logs and repository snapshots in an ephemeral sandbox. No repository content is written to persistent storage, and the environment is wiped immediately upon completion.

The minimum required for service.

We minimize data collection to the absolute technical minimum required for service delivery:

• Infrastructure hooks: read-only access to log streams and repository metadata.
• Local AST telemetry (GOL IDE Package): if you install the GOL IDE Package, AST parsing and hallucination blocking occurs strictly on your local machine. We only securely transmit your API key for license verification. We do not transmit your local source code to our servers.
• Account data: email address and billing information (processed via Stripe).
• Diagnostic logs: metadata regarding engine performance and stability scores (anonymized).

No tracking. No analytics. No selling.

We do not use tracking pixels, cookies, or behavioral analytics. We do not follow you across the web. We do not sell your contact information to lead-generation lists. Our business is stability, not data arbitrage.

Sub-processors we use.

We utilize industry-standard sub-processors for essential operations:

• Stripe — payment processing and API key balance management.
• Cloudflare — CDN, DDoS protection, and Worker execution.
• Anthropic & Google — language model APIs for autonomous code synthesis. Data is not retained by these sub-processors for training.
• GitHub / GitLab API — for repository integration.
• Resend — transactional email delivery.

APP and the Privacy Act 1988.

GOL Productions complies with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). You have the right to access and correct personal information we hold, though in our zero-retention model, identifying information is limited to transactional history. To exercise these rights, contact our Data Protection Officer at dev@golproductions.com.

Our obligations under the NDB scheme.

In accordance with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988, if we become aware of a data breach that is likely to result in serious harm to any individuals whose personal information is involved, we will:

• Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable.
• Notify affected individuals within 30 days of becoming aware of the breach.
• Provide a statement including the nature of the breach, the types of information involved, and recommended steps for affected individuals.

Rights under EU law.

While GOL Productions is based in Australia, we acknowledge users may access the Service from jurisdictions subject to the EU General Data Protection Regulation (GDPR) or similar laws. For such users:

• Legal basis: we process personal data on the basis of contractual necessity (to provide the Service) and legitimate interest (to improve reliability).
• Right of access: you may request a copy of all personal data we hold about you.
• Right to erasure: you may request deletion of your personal data, subject to legal retention requirements.
• Right to portability: you may request your data in a structured, machine-readable format.
• Right to object: you may object to processing of your personal data for specific purposes.

Requests should be sent to dev@golproductions.com and will be addressed within 30 days.

Rights under California law.

If you are a resident of California, you are granted specific rights regarding access to your personal information under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). GOL Productions does not sell or share your personal information (as defined by CCPA). You have the right to request access to the specific pieces of personal information we have collected about you, the right to request deletion, and the right to non-discrimination for exercising your privacy rights.

To make a verifiable consumer request, contact dev@golproductions.com.

What we keep, and for how long.

• Source code: zero retention. All submitted code is processed in volatile memory and is never written to persistent storage. Execution environments are destroyed immediately upon completion.
• Account data: email addresses and API key balances are retained while your account is active, and for 90 days following account closure, after which they are permanently deleted.
• Billing data: payment information is processed and stored exclusively by Stripe. GOL Productions does not store credit card numbers, CVVs, or other payment credentials.
• Diagnostic metadata: anonymized performance metrics (engine latency, severity classifications) may be retained for up to 12 months for service improvement purposes. These contain no personally identifiable information.

You may request deletion of your account data at any time by contacting dev@golproductions.com.

We don't use them.

GOL Productions does not use cookies, tracking pixels, browser fingerprinting, or any behavioral analytics technology. We do not use Google Analytics, Facebook Pixel, or any third-party tracking scripts. Our infrastructure provider (Cloudflare) may collect minimal server-side analytics (IP addresses, request counts) as part of their DDoS protection service, which is governed by Cloudflare's privacy policy.

Service intended for adults only.

GOL Productions is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a user under 18 has provided personal information, we will take steps to delete such information promptly.

How we communicate updates.

We may update this Privacy Policy from time to time. Material changes will be communicated via email to the address associated with your account. The "Last Updated" date at the top of this page will be revised accordingly. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.