Bondsmith connects GitHub, Jira, Slack, and CI into one continuously updated view of your engineering organization. Instead of hunting across five tools to understand what's happening, your team shares one narrative: what changed, what's at risk, and what needs attention. Connect via GitHub App in 60 seconds with no code changes.

How do I stop context switching between GitHub, Jira, and Slack?

Bondsmith bonds your tools together so you don't have to switch between them. A Jira ticket is linked to the PR that closes it, the CI run that failed it, and the Slack thread where the decision was made. That full context lives in one place, continuously updated, without any manual compilation.

How do I manage PR reviews across multiple GitHub repositories?

Bondsmith gives you an org-wide PR queue sorted into zones: Merge Ready, Needs Fix, Waiting on Others, and Draft — across every repository at once. See who owes reviews, what's overdue, and where bottlenecks are forming before PRs go stale. No more checking repo by repo.

How do I get visibility into what my engineering team is working on?

Bondsmith provides a unified activity feed and org-wide dashboard that surfaces what shipped, what's at risk, and what needs attention across all your repositories. Engineering managers get the org-wide picture without compiling it manually from GitHub, Jira, and Slack.

How do I track GitHub Actions costs by workflow?

Connect your GitHub org and Bondsmith automatically breaks down Actions costs by workflow, job, and repository. You get monthly cost projections, trend analysis, runner-type breakdowns, optimization recommendations, and a billing simulator to model what-if scenarios before making changes.

How is Bondsmith different from GitHub, Jira, or Slack?

Those tools each do one thing well. Bondsmith bonds them together. GitHub shows repo-level data one page at a time — Bondsmith provides org-wide PR management, review queues, CI monitoring, and cost projections from a single view with no context-switching required.

How much does Bondsmith cost?

Bondsmith is free for individual developers with all features included, scoped to your own activity. Team plans for org-wide management are priced per Bondsmith user per month — not per GitHub contributor. A 50-person GitHub org with 5 people using Bondsmith pays for 5 seats. Anyone inactive for 30 days is automatically deactivated.

Does Bondsmith work with private repositories?

Yes, Bondsmith works with both public and private GitHub repositories via a secure GitHub App that only requests the minimum necessary permissions. We never access your source code — only metadata about workflow runs, PRs, costs, and performance metrics.

How does Bondsmith connect to GitHub, Jira, and Slack?

Bondsmith connects to GitHub via a secure GitHub App install — 60 seconds, no code changes. Jira connects via OAuth in minutes. Slack requires a workspace admin to install the bot, then individuals opt in for DMs. No CLI, no pipeline instrumentation, no workflow changes required.

Privacy Policy

Last Updated: May 21, 2026

Introduction

This Privacy Policy describes how we ("Company," "we," "us," or "our") collect, use, and share information when you use our developer productivity platform (the "Service"). The Service provides analytics, pull request review tools, workflow monitoring, and third-party ticket integrations for software development teams.

Information We Collect

Information You Provide

Account Information: Email address, name, and GitHub account details when you sign up
Payment Information: Processed securely through Stripe (we do not store credit card details)
Support Communications: Any information you provide when contacting support

Information We Collect Automatically

GitHub Data: Workflow runs, job data, repository information, pull requests, code review activity, and repository metadata via OAuth and webhooks
Usage Data: How you interact with the Service, features used, pages visited
Technical Data: IP address, browser type, device information, timestamps
Cookies: We use cookies to maintain your session and improve the Service

Information from Third Parties

GitHub: Repository data, workflow runs, pull request data, and account information via GitHub OAuth
Atlassian/JIRA: Issue keys, summaries, statuses, status categories, and assignees from JIRA workspaces you connect to the Service
Stripe: Payment status and billing information

How We Use Your Information

We use the collected information to:

Provide, maintain, and improve the Service
Process your transactions and send related information
Monitor and analyze workflow performance and trends
Display linked ticket context (JIRA issues) alongside your pull requests
Send administrative information, updates, and security alerts
Respond to your requests and provide customer support
Detect, prevent, and address technical issues or fraud
Comply with legal obligations

Third-Party Integrations

JIRA / Atlassian

When you connect a JIRA workspace, we access your Atlassian account via OAuth 2.0 on your behalf. Specifically:

What we access: Issue keys, summaries, statuses, status categories, and assignees for issues referenced in your pull requests
How we store it: OAuth access and refresh tokens are stored encrypted using AES-256 encryption. Issue data is cached temporarily (up to 5 minutes) in Redis to reduce API calls
How we use it: Solely to display linked ticket context alongside your pull requests within the Service
What we do not do: We do not sell, share, or use your JIRA data for any purpose other than providing the Service
Disconnecting: You can disconnect your JIRA workspace at any time via Settings → Integrations. Upon disconnect, your OAuth tokens are deleted immediately. Cached issue data expires within 5 minutes
Account deletion: Upon account deletion, all stored JIRA tokens and associated data are removed within 30 days

GitHub

When you connect your GitHub account, we access repository and workflow data via OAuth and GitHub App installation. We do not access your source code contents beyond what is necessary to display pull request metadata.

Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

Service Providers

GitHub: To access your workflow and pull request data via their API
Atlassian: To access your JIRA workspace data via their API on your behalf
Stripe: To process payments
Google Cloud Platform: Where our infrastructure is hosted
Email Service Providers: To send transactional emails

Legal Requirements

We may disclose information if required by law, court order, or to:

Comply with legal process
Protect our rights, property, or safety
Prevent fraud or security issues

Business Transfers

If we are involved in a merger, acquisition, or sale, your information may be transferred as part of that transaction.

Data Storage and Security

Location: Data is stored on Google Cloud Platform servers in the United States
Retention: We retain your data while your account is active and for up to 30 days after deletion (unless longer retention is required by law)
Security: We implement industry-standard security measures including encryption in transit (TLS) and at rest (AES-256 for OAuth tokens)
Backfill Data: Historical workflow data is retained according to your subscription tier (Free: 90 days, Team: unlimited)

Your Rights and Choices

Access and Control

Account Settings: Update your profile and preferences
Integration Management: Connect or disconnect third-party integrations (JIRA, Slack) via Settings → Integrations
Data Export: Request a copy of your data (available on all plans)
Account Deletion: Delete your account at any time (data deleted within 30 days)

Marketing Communications

You can opt out of marketing emails via the unsubscribe link. We will still send transactional emails related to the Service.

Cookies

You can control cookies through your browser settings, though this may affect Service functionality.

Data Protection Rights (GDPR)

If you are in the European Economic Area, you have the right to:

Access your personal data
Correct inaccurate data
Request deletion of your data
Object to processing of your data
Request data portability
Withdraw consent

To exercise these rights, contact us at hello@bondsmith.dev

California Privacy Rights (CCPA)

California residents have the right to:

Know what personal information is collected
Know if personal information is sold or disclosed
Opt-out of the sale of personal information (we do not sell data)
Request deletion of personal information
Not be discriminated against for exercising these rights

Children's Privacy

The Service is not intended for users under 13 years old. We do not knowingly collect information from children under 13. If you believe we have collected such information, contact us immediately.

Third-Party Links

The Service may contain links to third-party websites or services (e.g., GitHub, Atlassian). We are not responsible for their privacy practices.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

Posting the new policy on this page
Updating the "Last Updated" date
Sending an email notification (for significant changes)

Continued use of the Service after changes constitutes acceptance of the updated policy.

International Data Transfers

If you are accessing the Service from outside the United States, your information may be transferred to and processed in the United States or other countries where our service providers operate.

Contact Us

For questions about this Privacy Policy or to exercise your rights, contact us at:

Email: hello@bondsmith.dev Support: hello@bondsmith.dev

For data protection inquiries (EU users): Data Protection Officer: hello@bondsmith.dev

Summary of Key Points

What data we collect:

GitHub account, repository, pull request, and workflow data
JIRA issue keys, summaries, statuses, and assignees (when JIRA is connected)
Email and payment information
Usage and technical data

How we use it:

Provide the Service
Display linked ticket context on pull requests
Improve features
Process payments
Send important updates

Your rights:

Access your data
Delete your account
Export your data
Disconnect integrations at any time
Opt-out of marketing

We do not:

Sell your data
Share data except as described above
Access your source code contents
Use your JIRA or GitHub data beyond providing the Service