Burg AIburg ai
ConfigurationSecurity & Privacy

Data Access

What code Burg AI accesses and when

Data Access

What Code Is Accessed

When a PR is reviewed, Burg AI accesses:

  • PR diff — The changes in the pull request
  • Changed files — Full content of modified files
  • PR metadata — Title, description, author, labels

What Is NOT Accessed

  • Repository history (past commits not in the PR)
  • Other branches
  • Issues or discussions
  • Other PRs
  • Files not changed in the current PR

When Code Is Accessed

Code is accessed only when:

  1. A PR is opened or updated
  2. A review job is queued
  3. The job is picked up for processing

Code is not accessed:

  • When you browse the dashboard
  • When you change settings
  • At any scheduled interval

Where Code Is Processed

  1. Webhook received — GitHub sends PR metadata
  2. Code fetched — Via GitHub API using your installation token
  3. Sent to LLM — Using your BYOK key
  4. Results posted — Back to GitHub as comments
  5. Code discarded — Not stored after processing

Access Tokens

Burg AI uses:

  • GitHub App installation token — To fetch PR content
  • Your BYOK key — Sent to LLM provider

Your GitHub token is managed by GitHub's OAuth flow. Your BYOK key is encrypted at rest.

Security & Privacy

How Burg AI handles your code and data

Data Retention

What Burg AI stores and for how long

On this page

Data AccessWhat Code Is AccessedWhat Is NOT AccessedWhen Code Is AccessedWhere Code Is ProcessedAccess Tokens