Privacy statement spring 2018 #101
Over the last few months, we've gotten a few questions asking about our General Data Protection Regulation (GDPR) compliance. We are proud to announce that we are compliant with the GDPR. Additionally, we have always provided the same level of privacy protection to our users regardless of their residency, location, or citizenship, and that will not change. We provide strong privacy and security protection to _all_ of our users.

For the most part, our changes to the Privacy Statement are only points of clarification. GitHub doesn't ask for more personal data from our users than we need to provide our services to you. Where we offer you the option of giving us more data, we provide you the ability to access and delete the data you have given us. For example, you can always remove your profile information, your comments in issues, and your repository contents.

We have gone through our Privacy Statement to provide more context and transparency, though, so our users understand exactly why we ask for information and what we'll do with it.

### GDPR Compliance

* The GDPR requires us to inform our users about the legal basis on which we process their data. In this update, we explain what data we collect and why.
* We describe our security practices in more detail.
* We now provide a separate page describing our tracking, our use of cookies, and listing our subprocessors (the vendors and third parties we have engaged to process personal data on our behalf).
* Throughout the Privacy Statement, we provide greater transparency and insight into our data collection, data handling, data retention, and data deletion processes.
* If you are a Corporate Terms of Service customer and you need a Data Protection Agreement with us, please [contact support](https://github.com/contact). We will be happy to provide one. Please understand that with the GDPR compliance deadline coming up, our volume of requests is high, but we will respond to you as promptly as possible.
This page provides a list of GitHub's subprocessors, such as our vendors and service providers. It also offers some transparency into the cookies we set and why we set them, as well as describing exactly where we do tracking for analytics purposes on our site and who our analytics providers are (at the moment, we use Google Analytics, but if we bring on additional providers, we will be able to provide fuller transparency here).
| | Box | Corporate document storage | United States | | ||
| | Braintree (PayPal) | Subscription credit card payment processor | United States | | ||
| | DocuSign | Contract signature processor | United States | | ||
| | DropBox | Corporate document storage | United States | |
DropBox → Dropbox 🙂
Thanks, @sonicdoe — fixed!
| | Oracle | Corporate financial system | United States | | ||
| | Salesforce.com | Customer relations management | United States | | ||
| | Seal | Contract clause analysis system | United States | | ||
| | ZenDesk | Customer support ticketing system | United States | |
ZenDesk → Zendesk 🙂
Thanks, @sonicdoe — fixed!
Policies/github-privacy-statement.md
Outdated
| | [How GitHub secures your information](#how-github-secures-your-information) | We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resiliance of our servers as they host your information. | | ||
| | [GitHub's global privacy practices](#githubs-global-privacy-practices) | GitHub complies with both the EU-US Privacy Shield Framework and the General Data Protection Regulation. Please see this section for more specific information. | | ||
| | [How we respond to compelled disclosure](#how-we-respond-to-compelled-disclosure) | We may share your information in response to a warrant, subpoena, or other court action, or if disclosure is necessary to protect our rights or the rights of the public at large. We strive for transparency, and will notify you when possible. | | ||
| | [How we communicate with you](#how-we-communicate-with-you) | We communicate with you by email. You can control the way we contact you in your account settings. | |
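Review bot: "resiliance" in the "How GitHub secures your information" row is misspelled. It should read "resilience", matching the spelling already used in the security safeguards bullet elsewhere in this file ("confidentiality, integrity, availability, and resilience").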
This link should be [How we, and others, communicate with you](#how-we-and-others-communicate-with-you). The current link does not scroll down to the header.
Good catch. Fixed!
Policies/github-privacy-statement.md
Outdated
| The information we collect about all visitors to our website includes the visitor’s browser type, language preference, referring site, additional websites requested, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses. | ||
|
|
||
| ##### Why do we collect this? | ||
| ##### Why we collect this |
Should this be “Why we collect this information”?
Yep. Fixed!
Why should we collect this information ?
Policies/github-privacy-statement.md
Outdated
| - We use your User Personal Information, specifically your user name, to identify you on GitHub. | ||
| - We use it to fill out your profile and share that profile with other users if you ask us to. | ||
| - We will use your email address to communicate with you, if you've said that's okay, **and only for the reasons you’ve said that’s okay**. Please see our section on [email communication](#how-we-communicate-with-you) for more information. | ||
| - We will use your email address to communicate with you, if you've said that's okay, **and only for the reasons you’ve said that’s okay**. Please see our section on [email communication](#how-we-communicate-with-you) for more information. |
This link should be to #how-we-and-others-communicate-with-you, too.
This is what happens when I rename a header and don't follow up. Thanks! Fixed.
Policies/github-privacy-statement.md
Outdated
| Under certain international laws (including GDPR), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases: | ||
|
|
||
| - When you create a GitHub account, you provide your user name and an email address. We require those data elements for you to enter into the Terms of Service agreement with us, and we process those elements on the basis of performing that contract. We also process your user name and email address on other bases. If you have a GitHub Hosted, GitHub Enterprise, or other paid account with us, there will be other data elements we must collect and process on the basis of performing that contract. GitHub does not collect or process a credit card number, but our third-party payment processor does. | ||
| - When you fill out the information in your [user profile](https://github.com/settings/profile), you have the option to provide User Personal Information such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third party website. You have the option of setting a publicly visible email address here. We process this information on the basis of consent. All of this information is entirely optional, and you have the ability to access, modify, and delete it at any time (while you are not able to delete your email address entirely, you can set it private). |
you can make it private
or
you can set it to be private
?
Fixed!
Policies/github-privacy-statement.md
Outdated
| ### What information GitHub does not collect | ||
|
|
||
| We do not intentionally collect **sensitive personal information**, such as social security numbers, genetic data, health information, or religious information. Although GitHub does not request or intentionally collect any sensitive personal information, we realize that you might store this kind of information in your account, such as in a repository. If you store any sensitive personal information on our servers, you are consenting to our storage of that information on our servers, which are in the United States. | ||
| We do not intentionally collect **sensitive personal information**, such as social security numbers, genetic data, health information, or religious information. Although GitHub does not request or intentionally collect any sensitive personal information, we realize that you might store this kind of information in your account, such as in a repository. If you store any sensitive personal information on our servers, you are responsible for complying with any regulatory controls regarding that data. |
religious information
This could go into your bio, too. Suggestion:
you might store this kind of information in your account, such as in a repository or in your public profile.
Agreed. Fixed!
Policies/github-privacy-statement.md
Outdated
| We **do not** disclose User Personal Information outside GitHub, except in the situations listed in this section or in the section below on [Compelled Disclosure](#how-we-respond-to-compelled-disclosure). | ||
|
|
||
| We do not host advertising on GitHub. We may occasionally embed content from third party sites, such as YouTube, and that content may include ads. While we try to minimize the amount of ads our embedded content contains, we can't always control what third parties show. | ||
| We **do** share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events. For example, we may [compile statistics on the usage of open source licenses across GitHub](https://github.com/blog/1964-open-source-license-usage-on-github-com). However, we do not sell this information to advertisers or marketers. |
Changing the link to go to https://blog.github.com/2015-03-09-open-source-license-usage-on-github-com/ would avoid a redirect.
Oh, nice catch. Fixed!
Policies/github-privacy-statement.md
Outdated
|
|
||
| #### GitHub applications | ||
|
|
||
| You also have the option of adding applications from GitHub, such as our Desktop app, our Mobile app, or other account features, to your account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we will always collect the minimum amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us. |
our Mobile app
???
Oops. What I meant was Atom and Electron. Fixed!
| | `:"__Host-gist_user_session_same_site"` | This cookie is set to ensure that browsers that support SameSite cookies can check to see if a request originates from GitHub. | | ||
| | `:_ga` | This cookie is used by Google Analytics. | | ||
| | `:_octo` | This cookie is used by Octolytics, our internal analytics service, to distinguish unique users and clients. | | ||
| | `:tracker` | This cookie tracks the referring source for signup analytics. | |
You shouldn’t need the : and "" around the cookie names — the cookie names in the browser don’t have them.
Right. Fixed!
Policies/github-privacy-statement.md
Outdated
| We do share User Personal Information with your permission, so we can perform services you have requested or communicate on your behalf. For example, if you purchase an integration or other Developer Product from our Marketplace, we will share your account name to allow the integrator to provide you services. Additionally, you may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. For example, if you join an organization, the owner of the organization will have the ability to view your activity in the organization's access log. We will respect your choices. | ||
|
|
||
| We do not disclose User Personal Information outside GitHub, except in the situations listed in this section or in the section below on [Compelled Disclosure](#how-we-respond-to-compelled-disclosure). | ||
| We **do not** share, sell, rent, or trade User Personal Information with third parties for their commercial purposes, expect where you have specifically told us to (such as by buying an integration from Marketplace). |
maybe except, not expect?
D'oh! Fixed! Thanks!
Policies/github-privacy-statement.md
Outdated
| We **do not** share, sell, rent, or trade User Personal Information with third parties for their commercial purposes, expect where you have specifically told us to (such as by buying an integration from Marketplace). | ||
|
|
||
| We **do** share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events. For example, we may [compile statistics on the usage of open source licenses across GitHub](https://github.com/blog/1964-open-source-license-usage-on-github-com). However, we do not sell this information to advertisers or marketers. | ||
| We **do not** host advertising on GitHub. We may occasionally embed content from third party sites, such as YouTube, and that content may include ads. While we try to minimize the amount of ads our embedded content contains, we can't always control what third parties show. Any advertisements on individual GitHub Pages or in GitHub repositories are not sponsored by, or tracked by, GitHub. |
Needs more clarification. I don't understand what this is about. I have never seen ads embedded into GitHub or any videos from YouTube (but I saw links to videos, but I had to open YT to view them, and I guess these videos are not considered "on GitHub").
There aren't any ads, but every now and then there's a link to YouTube in our blog, and we never know what stuff YouTube's going to put in there. Those aren't on GitHub, of course, but we want to be clear.
| We **do** share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events. For example, we may [compile statistics on the usage of open source licenses across GitHub](https://github.com/blog/1964-open-source-license-usage-on-github-com). However, we do not sell this information to advertisers or marketers. | ||
|
|
||
| We may share User Personal Information with your permission, so we can perform services you have requested. | ||
| We **do** share User Personal Information with a limited number of third party vendors who process it on our behalf to provide or improve our service, and who have agreed to privacy restrictions similar to our own Privacy Statement by signing data protection agreements. Our vendors perform services such as payment processing, customer support ticketing, network data transmission, and other similar services. When we transfer your data to our vendors under [Privacy Shield](/articles/github-privacy-statement/#githubs-global-privacy-practices), we remain responsible for it. While GitHub processes all User Personal Information in the United States, our third party vendors may process data outside of the United States or the European Union. If you would like to know who our third party vendors are, please see our page on [Subprocessors](/articles/github-subprocessors-and-cookies/). |
It would be nice to clarify if data associated to free accounts is shared.
This statement covers all accounts. We don't share information about free accounts differently from paid accounts, except that we share information with a payment processor for paid accounts.
We don't sell our users' information just because they have a free account.
Could you explicitly clarify to which parties (i.e. NSA) which kind of data (i.e. all the data) is shared about which kind of accounts (i.e. all the ones GH is legally responsible for doing that) (for now the table lacks this information). Data in the form unusable for that entity doesn't count, for example if the ISP only sees encrypted connections like TLS and unable to break TLS and will never have access to the keys, I guess it's safe to assume that it doesn't get the access to the information transferred encrypted.
Our annual Transparency Report covers what we share with government entities. We aren't able to disclose that much information in that kind of detail.
My question is not only about government agencies, but also about third parties, like DropBox. I guess it'd be nice to know which kind of data is shared in which cases.
I'm not sure I understand the question. Our third party subprocessors are listed, as you saw, and they receive data for the purpose listed. For example, we store corporate documents on Dropbox; we don't store user repository contents on Dropbox, because that wouldn't work very well. 😆 If you have more specific questions, drop us an email.
Policies/github-privacy-statement.md
Outdated
| - includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our users' data; | ||
| - is appropriate to the nature, size, and complexity of GitHub’s business operations; | ||
| - includes incident response and data breach notification processes; and | ||
| - complies with applicable information security related laws and regulations in the geographic regions where GitHub does business. |
it would be nice to explicitly clarify about security-undermining regulations.
We cover that in our section on Compelled Disclosure, which talks about what we do if a government agency tries to force us to reveal information.
I mind mostly not that, but crypto or software backdoors or bans on using secure software or hardware or practices.
| - We offer you simple methods of accessing, correcting, or deleting the data we have collected. | ||
| - We provide our users notice, choice, accountability, security, and access, and we limit the purpose for processing. We also provide our users a method of recourse and enforcement. These are the Privacy Shield Principles, but they are also just good practices. | ||
| - GitHub adheres to the [Privacy Shield Framework](https://www.privacyshield.gov/). You may view our entry in the [Privacy Shield List](https://www.privacyshield.gov/participant?id=a2zt000000001K2AAI). In addition to providing our users methods of unambiguous, informed consent and control over their data, we participate in and comply with the Privacy Shield framework, and we are committed to subject any Personal Information we receive from the EU and EEA to the Privacy Shield Principles. In addition, we continue to participate in the Safe Harbor Framework for Swiss data transfers to the US. Please read more about [GitHub's Privacy Shield and Safe Harbor commitments](/articles/global-privacy-practices/). | ||
| Transmission of data on GitHub is encrypted using SSH, HTTPS, and SSL/TLS. While our data is not encrypted at rest, we manage our own cages and racks at top-tier data centers with excellent physical and network security, and when data is stored with a third party storage provider, it is encrypted. |
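Review bot: The transmission sentence lists "SSH, HTTPS, and SSL/TLS", which names the same protection twice, since HTTPS is HTTP carried over TLS, and "SSL" refers to protocol versions that have been deprecated in favour of TLS. Suggest "SSH and TLS (including HTTPS)". The second sentence also mixes "not encrypted at rest" for GitHub's own racks with "it is encrypted" for third-party storage; splitting it into two sentences, one per storage location, would make clear which data is encrypted at rest and which relies on physical and network controls.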
It'd be nice to clarify:
1. if crypto is used in internal network(s);
2. which ciphersuites are used;
3. how the keys are generated (I mean which (P)RNG is used);
We probably won't post that level of detail. 😁 But keep an eye out: more detail is coming. The Privacy Statement isn't really the right place for all that.
Policies/github-privacy-statement.md
Outdated
| Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or offer customer support. We also send marketing emails, but only with your consent, if you opt in to our list. There's an unsubscribe link located at the bottom of each of the marketing emails we send you. Please note that you can not opt out of receiving important communications from us, such as mails from our Support team or system emails, but you can configure your notifications settings in your profile. | ||
|
|
||
| If you would like to cancel your account or delete your User Personal Information, you may do so in your [user profile](https://github.com/settings/admin). We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 30 days. | ||
| Our emails might contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email. |
I guess you should really think about removing it. Pixel tags are effective only on some low-quality email servers and software, high quality ones have some protection against that similar to the ones GH does to third-party images: they are downloaded, cached and provided from cache. The sole fact of using them harms GH reputation.
Cool, I'll pass that along.
|
|
||
| ### Cookies on GitHub | ||
|
|
||
| GitHub uses cookies to make interactions with our service easy and meaningful. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of GitHub. |
I guess all the "similar technologies" (including browser fingerprinting, and if it is used, the detailed info about every fingerprint modality should be provided) should be named, and for every one it should be clearly stated if it is used or if it is not used.
@nsqe, would you comment on this?
We've explained above, in the section on Information from website browsers, exactly what information we collect from visitors to the site via their browsers. We don't go down into collecting fonts and plug-ins, because we don't care. Live your best life.
|
|
||
| A cookie is a small piece of text that our web server stores on your computer or mobile device, which your browser sends to us when you return to our site. Cookies do not necessarily identify you if you are merely visiting GitHub; however, a cookie may store a unique identifier for each logged in user. The cookies GitHub sets are essential for the operation of the website, or are used for performance or functionality. By using our website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept cookies, you will not be able to log in or use GitHub’s services. | ||
|
|
||
| GitHub sets the following cookies on our users for the following reasons: |
👍
|
|
||
| "[Do Not Track](https://www.eff.org/issues/do-not-track)" is a privacy preference you can set in your browser if you do not want online services — specifically ad networks — to collect and share certain kinds of information about your online activity from third party tracking services. GitHub does not currently respond differently to an individual browser's Do Not Track setting. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as [Privacy Badger](https://www.eff.org/privacybadger). | ||
|
|
||
| We do not track your online browsing activity on other online services over time and we do not host third-party advertising on GitHub that might track your activity on our site. We do have agreements with certain vendors, such as analytics providers, who help us track visitors' movements on certain pages on our site. Only our vendors, who are collecting data on our behalf, may collect data on our pages, and we have signed data protection agreements with every vendor who collects this data on our behalf. We use the data we receive from these vendors to better understand our visitors' interests, to understand our website's performance, and to improve our content. Any analytics vendor will be listed in our Subprocessor List above, and you may see a list of every page where we collect this kind of data below. |
It'd be nice to have an official list of all the tracking scripts on GitHub in μBlock Origin - compatible format ;)
That should be pretty easy to build, though, with the information provided here.
I prefer GitHub providing one as a gesture of goodwill :) Of course it doesn't prevent us from having our own.
We'll give it some thought, but we probably won't show partiality to one block format over another, and y'know, we're an open source community, we do like to encourage some independence and sharing. 😁
| | ZenDesk | Customer support ticketing system | United States | | ||
| | Zuora | Corporate billing system | United States | | ||
|
|
||
| When we bring on a new vendor or other subprocessor who handles our Users' Personal Information, or remove a subprocessor, or we change how we use a subprocessor, we will update this page. |
Article 28 (2) of the GDPR requires that Controllers provide consent to any change of subprocessors. This paragraph does not seem to be compliant.
(No, I don't see how 28(2) is going to be workable in practice)
Yeah, that's about as close as we can come. As you can see, we tried really hard to get our Privacy Statement to the point of compliance with Article 28. It was fun!
|
In relation to the GDPR requirements, how is GitHub going to handle the "Right to Erasure" requests within Repositories that don't belong to GitHub or the User requesting the Erasure? I'm specifically referring to the voluntary User's Name and Email within the Git commit history of a project. Will GitHub remove all references to that user in the Git history or will GitHub move to be more in line with GitLab's new policy which can be summed up like this: |
|
@dhollinger Actually, we've had a process in place for some time on that — we enable a git commit history entry to be owned by a "ghost" user without disrupting the history itself. This deidentifies the personal data while maintaining the integrity of the contribution. |
|
Thanks, everyone, for all your input here! We're closing out our comment period and getting ready to ship. We really appreciate your work, you've made our policies better! |
|
Thanks to all |
|
Likewise.
|
|
Nice to change the privacy policy |
|
I'd just like to say thank you for putting up your policies with Git so we can diff them! It'll make going over future changes much, much easier than it is with most places. |
|
Thank you all in here for allowing me to become one of your team members. Expecting to learn more from you. May God bless you! |
Updates to our Privacy Statement
Subprocessors, Cookies, and Tracking
We also now provide a page that lists our subprocessors, such as our vendors and service providers. We also offer some transparency into what cookies GitHub sets and why, and exactly which pages on GitHub do any tracking for analytics purposes and who our analytics providers are (at the moment, it's Google Analytics, but if that changes, we'll be able to use this page to provide greater transparency).