milonmaze / privacy-terms-observatory-beta

3 stars 1 forks source link

docs.github.com #67

Open milonmaze opened 3 years ago

milonmaze commented 3 years ago

Tracking updates of docs.github.com

milonmaze commented 3 years ago

4a047afbb914bac500b44bc9c0e03341ee6986a4: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-04-12

added new file

milonmaze commented 3 years ago

b748702ac8592c8113abc1bb17b0ec7642cfa20b: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-05-19

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index f79a277..d3ebf9d 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,7 +1,7 @@
 GitHub Docs
 English

-GitHub.com  Site policy  GitHub Privacy Statement
+GitHub.comSite policyGitHub Privacy Statement
 GitHub Privacy Statement
 In this article
 The short version
milonmaze commented 3 years ago

fb7c0827ad2755b3f4387693418f44049a1bac23: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-06-09

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index d3ebf9d..d438f00 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -353,9 +353,7 @@ Other translations

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-Did this doc help you?
-
-Privacy policy
+Did this doc help you? Privacy policy
milonmaze commented 3 years ago

70bf20f50e45b3a7da75cb1b16bc9aaf6a493e03: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-06-23

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index d438f00..860dd76 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,6 +1,4 @@
 GitHub Docs
-English
- 
 GitHub.comSite policyGitHub Privacy Statement
 GitHub Privacy Statement
 In this article
@@ -353,20 +351,18 @@ Other translations

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-Did this doc help you? Privacy policy
-
- 
+Did this doc help you?Privacy policy

 Help us make these docs great!

 All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.

- Make a contribution
+Make a contribution

 Or, learn how to contribute.

 Still need help?
- Ask the GitHub community  Contact support
+Ask the GitHub communityContact support
 © 2021 GitHub, Inc.
 Terms
 Privacy
milonmaze commented 3 years ago

d3c74e9475ba8df70774617cb37356e6706ef484: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-07-21

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 860dd76..42749ff 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,5 +1,5 @@
 GitHub Docs
-GitHub.comSite policyGitHub Privacy Statement
+GitHubSite policyGitHub Privacy Statement
 GitHub Privacy Statement
 In this article
 The short version
milonmaze commented 3 years ago

b4c9e02023b7176e40de1754dcf3908c953ba1f6: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-07-30

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 42749ff..51f7f9d 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,5 +1,5 @@
 GitHub Docs
-GitHubSite policyGitHub Privacy Statement
+GitHub/Site policy/GitHub Privacy Statement
 GitHub Privacy Statement
 In this article
 The short version
milonmaze commented 3 years ago

ea1a0e05a131572a4a1486c2589197330a713283: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-08-06

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 51f7f9d..6b0b9c1 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -227,9 +227,9 @@ You can also add applications from GitHub, such as our Desktop app, our Atom app

 How you can access and control the information we collect

-If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support or GitHub Premium Support.
+If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.

-If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support or GitHub Premium Support.
+If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.

 Data portability

@@ -239,7 +239,7 @@ Data retention and deletion of data

 Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.

-If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support or GitHub Premium Support to request the erasure of the data we process on the basis of consent within 30 days.
+If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.

 After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
milonmaze commented 3 years ago

f6b59489c1b2be573341a46e6abbfef2310c09f5: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-08-28

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 6b0b9c1..7d9c6f1 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,4 +1,3 @@
-GitHub Docs
 GitHub/Site policy/GitHub Privacy Statement
 GitHub Privacy Statement
 In this article
@@ -362,15 +361,4 @@ Make a contribution
 Or, learn how to contribute.

 Still need help?
-Ask the GitHub communityContact support
-© 2021 GitHub, Inc.
-Terms
-Privacy
-Security
-Status
-Help
-Contact GitHub
-Pricing
-Developer API
-Training
-About
\ No newline at end of file
+Ask the GitHub communityContact support
\ No newline at end of file
milonmaze commented 3 years ago

d8e78875d4ea2a229b48ea4b30ad4f058628460a: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-09-05

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 7d9c6f1..a25ef39 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,4 +1,3 @@
-GitHub/Site policy/GitHub Privacy Statement
 GitHub Privacy Statement
 In this article
 The short version
milonmaze commented 3 years ago

e590fd8fc1a0eafe3325b8e664ede5f60c517618: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-10-02

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index a25ef39..13c86cc 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,4 +1,3 @@
-GitHub Privacy Statement
 In this article
 The short version
 Summary
@@ -20,6 +19,7 @@ Changes to our Privacy Statement
 License
 Contacting GitHub
 Translations
+GitHub Privacy Statement

 Effective date: December 19, 2020
milonmaze commented 3 years ago

dd1a6e6e9bb6bb47b3bc318094a575829f4c76aa: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-10-08

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 13c86cc..9ce721c 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -349,8 +349,8 @@ Other translations

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-Did this doc help you?Privacy policy
-
+Did this doc help you?
+Privacy policy
 Help us make these docs great!

 All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.
@@ -360,4 +360,5 @@ Make a contribution
 Or, learn how to contribute.

 Still need help?
-Ask the GitHub communityContact support
\ No newline at end of file
+Ask the GitHub community
+Contact support
\ No newline at end of file
milonmaze commented 3 years ago

73a939df4e75f59507db5e4b295071a9f435ac50: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-10-31

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 9ce721c..039c592 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,3 +1,4 @@
+GitHub Privacy Statement
 In this article
 The short version
 Summary
@@ -19,7 +20,6 @@ Changes to our Privacy Statement
 License
 Contacting GitHub
 Translations
-GitHub Privacy Statement

 Effective date: December 19, 2020
milonmaze commented 2 years ago

e65860f851e7461ebe07b593df83241a7f54ce20: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2021-12-15

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 039c592..006b23a 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -361,4 +361,5 @@ Or, learn how to contribute.

 Still need help?
 Ask the GitHub community
-Contact support
\ No newline at end of file
+Contact support
+Scroll to top
\ No newline at end of file
milonmaze commented 2 years ago

97c4d07da9c5af5a56c518568a43b14262ac7614: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-01-26

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 006b23a..af10393 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,3 +1,4 @@
+Skip to main content
 GitHub Privacy Statement
 In this article
 The short version
@@ -347,19 +348,4 @@ Cliquez ici pour obtenir la version française: Déclaration de confidentialité

 Other translations

-For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
-
-Did this doc help you?
-Privacy policy
-Help us make these docs great!
-
-All GitHub docs are open source. See something that's wrong or unclear? Submit a pull request.
-
-Make a contribution
-
-Or, learn how to contribute.
-
-Still need help?
-Ask the GitHub community
-Contact support
-Scroll to top
\ No newline at end of file
+For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
milonmaze commented 2 years ago

4c6eaaa8c393c72dbe28dd6fa46e2af9e8244c32: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-20

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index af103931..7ad99e3a 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,351 +1,2 @@
-Skip to main content
-GitHub Privacy Statement
-In this article
-The short version
-Summary
-GitHub Privacy Statement
-What information GitHub collects
-What information GitHub does not collect
-How GitHub uses your information
-How we share the information we collect
-Repository contents
-Other important information
-Additional services
-How you can access and control the information we collect
-Our use of cookies and tracking
-How GitHub secures your information
-GitHub's global privacy practices
-How we communicate with you
-Resolving complaints
-Changes to our Privacy Statement
-License
-Contacting GitHub
-Translations
-
-Effective date: December 19, 2020
-
-Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your projects, and your personal information. Holding on to your private information is a serious responsibility, and we want you to know how we're handling it.
-
-All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.
-
-The short version
-
-We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
-
-Of course, the short version and the Summary below don't tell you everything, so please read on for more details.
-
-Summary
-Section    What can you find there?
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect User Personal Information from third parties. We only collect the minimum amount of personal information necessary from you, unless you choose to provide more.
-What information GitHub does not collect   We don’t knowingly collect information from children under 13, and we don’t collect Sensitive Personal Information.
-How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Service. We also describe the legal basis upon which we process your information, where legally required.
-How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can see a list of the service providers that access your information.
-Other important information    We provide additional information specific to repository contents, public information, and Organizations on GitHub.
-Additional services    We provide information about additional service offerings, including third-party applications, GitHub Pages, and GitHub applications.
-How you can access and control the information we collect  We provide ways for you to access, alter, or delete your personal information.
-Our use of cookies and tracking    We only use strictly necessary cookies to provide, secure and improve our service. We offer a page that makes this very transparent. Please see this section for more information.
-How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resilience of our servers.
-GitHub's global privacy practices  We provide the same high standard of privacy protection to all our users around the world.
-How we communicate with you    We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
-Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
-Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
-License    This Privacy Statement is licensed under the Creative Commons Zero license.
-Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
-Translations   We provide links to some translations of the Privacy Statement.
-GitHub Privacy Statement
-What information GitHub collects
-
-"User Personal Information" is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
-
-User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
-
-Information users provide directly to GitHub
-Registration information
-
-We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
-
-Payment information
-
-If you sign on to a paid Account with us, send funds through the GitHub Sponsors Program, or buy an application on GitHub Marketplace, we collect your full name, address, and credit card information or PayPal information. Please note, GitHub does not process or store your credit card information or PayPal information, but our third-party payment processor does.
-
-If you list and sell an application on GitHub Marketplace, we require your banking information. If you raise funds through the GitHub Sponsors Program, we require some additional information through the registration process for you to participate in and receive funds through those services and for compliance purposes.
-
-Profile information
-
-You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
-
-Information GitHub automatically collects from your use of the Service
-Transactional information
-
-If you have a paid Account with us, sell an application listed on GitHub Marketplace, or raise funds through the GitHub Sponsors Program, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
-
-Usage information
-
-If you're accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
-
-Cookies
-
-As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
-
-Device information
-
-We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
-
-Information we collect from third parties
-
-GitHub may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase User Personal Information from third-party data brokers.
-
-What information GitHub does not collect
-
-We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
-
-If you are a child under the age of 13, you may not have an Account on GitHub. GitHub does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don't want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on GitHub.
-
-We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user's repository is the responsibility of the repository owner.
-
-How GitHub uses your information
-
-We may use your information for the following purposes:
-
-We use your Registration Information to create your account, and to provide you the Service.
-We use your Payment Information to provide you with the Paid Account service, the Marketplace service, the Sponsors Program, or any other GitHub paid service you request.
-We use your User Personal Information, specifically your username, to identify you on GitHub.
-We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. Please see our section on email communication for more information.
-We use User Personal Information to respond to support requests.
-We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
-We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
-We use Usage Information and Device Information to better understand how our Users use GitHub and to improve our Website and Service.
-We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm GitHub or our Users.
-We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
-We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
-Our legal bases for processing information
-
-To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union's General Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases:
-
-Contract Performance:
-When you create a GitHub Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
-If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
-When you buy or sell an application listed on our Marketplace or, when you send or receive funds through the GitHub Sponsors Program, we process Payment Information and additional elements in order to perform the contract that applies to those services.
-Consent:
-We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a GitHub training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
-Legitimate Interests:
-Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
-If you would like to request deletion of data we process on the basis of consent or if you object to our processing of personal information, please use our Privacy contact form.
-How we share the information we collect
-
-We may share your User Personal Information with third parties under one of the following circumstances:
-
-With your consent
-
-We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
-
-With service providers
-
-We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all User Personal Information in the United States, our service providers may process data outside of the United States or the European Union. If you would like to know who our service providers are, please see our page on Subprocessors.
-
-For security purposes
-
-If you are a member of an Organization, GitHub may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
-
-For legal disclosure
-
-GitHub strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. GitHub may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
-
-For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
-
-Change in control or sale
-
-We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.
-
-Aggregate, non-personally identifying information
-
-We share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events.
-
-We do not sell your User Personal Information for monetary or other consideration.
-
-Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, we voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California. You can learn more about the CCPA and how we comply with it here.
-
-Repository contents
-Access to private repositories
-
-If your repository is private, you control the access to your Content. If you include User Personal Information or Sensitive Personal Information, that information may only be accessible to GitHub in accordance with this Privacy Statement. GitHub personnel do not access private repository content except for
-
-security purposes
-to assist the repository owner with a support matter
-to maintain the integrity of the Service
-to comply with our legal obligations
-if we have reason to believe the contents are in violation of the law, or
-with your consent.
-
-However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, "automated scanning"). Our Terms of Service provides more details on private repositories.
-
-Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
-
-GitHub will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
-
-Public repositories
-
-If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
-
-Please see more about User Personal Information in public repositories.
-
-Other important information
-Public information on GitHub
-
-Many of GitHub services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing GitHub information. Other third parties, such as data brokers, have been known to scrape GitHub and compile data as well.
-
-Your User Personal Information associated with your content could be gathered by third parties in these compilations of GitHub data. If you do not want your User Personal Information to appear in third parties’ compilations of GitHub data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings. We currently set Users' email address to private by default, but legacy GitHub Users may need to update their settings.
-
-If you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling User Personal Information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
-
-Similarly, projects on GitHub may include publicly available User Personal Information collected as part of the collaborative process. If you have a complaint about any User Personal Information on GitHub, please see our section on resolving complaints.
-
-Organizations
-
-You may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).
-
-Please note, GitHub may share your username, Usage Information, and Device Information with the owner(s) of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
-
-If you collaborate on or become a member of an Account that has agreed to the Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy Statement, then that DPA governs in the event of any conflicts between this Privacy Statement and the DPA with respect to your activity in the Account.
-
-Please contact the Account owners for more information about how they might process your User Personal Information in their Organization and the ways for you to access, update, alter, or delete the User Personal Information stored in the Account.
-
-Additional services
-Third party applications
-
-You have the option of enabling or adding third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your User Personal Information with third parties when you ask us to, such as by purchasing a Developer Product from the Marketplace; however, you are responsible for your use of the third-party Developer Product and for the amount of User Personal Information you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
-
-GitHub Pages
-
-If you create a GitHub Pages website, it is your responsibility to post a privacy statement that accurately describes how you collect, use, and share personal information and other visitor information, and how you comply with applicable data privacy laws, rules, and regulations. Please note that GitHub may collect User Personal Information from visitors to your GitHub Pages website, including logs of visitor IP addresses, to comply with legal obligations, and to maintain the security and integrity of the Website and the Service.
-
-GitHub applications
-
-You can also add applications from GitHub, such as our Desktop app, our Atom application, or other application and account features, to your Account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we collect the amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us.
-
-How you can access and control the information we collect
-
-If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.
-
-If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.
-
-Data portability
-
-As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
-
-Data retention and deletion of data
-
-Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.
-
-If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.
-
-After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
-
-That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
-
-Our use of cookies and tracking
-Cookies
-
-GitHub only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
-
-We use cookies solely to provide, secure, and improve our service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, analyze your use of our service, compile statistical reports, and provide information for future development of GitHub. We use our own cookies for analytics purposes, but do not use any third-party analytics service providers.
-
-By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
-
-We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
-
-DNT
-
-"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
-
-How GitHub secures your information
-
-GitHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
-
-GitHub enforces a written security information program. Our program:
-
-aligns with industry recognized frameworks;
-includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
-is appropriate to the nature, size, and complexity of GitHub’s business operations;
-includes incident response and data breach notification processes; and
-complies with applicable information security-related laws and regulations in the geographic regions where GitHub does business.
-
-In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
-
-Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We manage our own cages and racks at top-tier data centers with high level of physical and network security, and when data is stored with a third-party storage provider, it is encrypted.
-
-No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. For more information, see our security disclosures.
-
-GitHub's global privacy practices
-
-GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and Switzerland, GitHub B.V. are the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and GitHub is the processor (or, if the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and GitHub have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
-
-Our addresses are:
-
-GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.
-GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.
-
-We store and process the information that we collect in the United States in accordance with this Privacy Statement, though our service providers may store and process data outside the United States. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries.
-
-We provide the same high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.
-
-In particular:
-
-GitHub provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
-We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
-We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
-We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
-Cross-border data transfers
-
-GitHub processes personal information both inside and outside of the United States and relies on Standard Contractual Clauses as the legally provided mechanism to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. In addition, GitHub is certified to the EU-US and Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data transfers, see our Global Privacy Practices.
-
-How we communicate with you
-
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through GitHub. You may manage your communication preferences in your user profile.
-
-By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you. We set current Users' email address private by default, but legacy GitHub Users may need to update their settings. Please see more about email addresses in commit messages here.
-
-Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
-
-Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
-
-Resolving complaints
-
-If you have concerns about the way GitHub is handling your User Personal Information, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at privacy@github.com with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
-
-You may also contact our Data Protection Officer directly.
-
-Our United States HQ   Our EU Office
-GitHub Data Protection Officer GitHub BV
-88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
-San Francisco, CA 94107    1017 HL Amsterdam
-United States  The Netherlands
-privacy@github.com privacy@github.com
-Dispute resolution process
-
-In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
-
-Changes to our Privacy Statement
-
-Although most changes are likely to be minor, GitHub may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
-
-License
-
-This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.
-
-Contacting GitHub
-
-Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.
-
-Translations
-
-Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.
-
-French
-
-Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub
-
-Other translations
-
-For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
+The request is blocked.
+0eRJgYgAAAADNRF6FOO24QIzXymnwy9hsU0pDRURHRTA1MTEANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
milonmaze commented 2 years ago

046443a3c72a6c08da2e5dbdddd31215d51613f9: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-22

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 7ad99e3..669bd25 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,2 +1,2 @@
 The request is blocked.
-0eRJgYgAAAADNRF6FOO24QIzXymnwy9hsU0pDRURHRTA1MTEANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
+0gbViYgAAAAC8Yw7XgtF6TZ9Uc6IC9ITpU0pDRURHRTA1MDcANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
milonmaze commented 2 years ago

a70b280edfa61bc862abe83a3b313a52310d9dae: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-24

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 669bd25..93874e0 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,2 +1,2 @@
 The request is blocked.
-0gbViYgAAAAC8Yw7XgtF6TZ9Uc6IC9ITpU0pDRURHRTA1MDcANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
+0eVhlYgAAAACE2BiauI4PQIk/4ZkQ1Q+IU0pDRURHRTAzMTIANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
milonmaze commented 2 years ago

2d0c90422eea3586fe1eb061fa137feefa93fb42: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-25

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 93874e0..7614b6b 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,2 +1,2 @@
 The request is blocked.
-0eVhlYgAAAACE2BiauI4PQIk/4ZkQ1Q+IU0pDRURHRTAzMTIANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
+096lmYgAAAAAZWIioQgG1TJgxTp6wHNMxU0pDRURHRTA1MDYANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
milonmaze commented 2 years ago

1844ed4f23a1f2b61fbcbdad4416b995df5a3351: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-27

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 7614b6b..e9732e1 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,2 +1,2 @@
 The request is blocked.
-096lmYgAAAAAZWIioQgG1TJgxTp6wHNMxU0pDRURHRTA1MDYANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
+0Ek1pYgAAAADiCujFW7cXTLVZ3ZC3haADU0pDRURHRTAzMjEANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
milonmaze commented 2 years ago

744eb1190ae5e66dba90cfbc027e33cbe40e611a: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-04-29

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index e9732e1f..af103931 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,2 +1,351 @@
-The request is blocked.
-0Ek1pYgAAAADiCujFW7cXTLVZ3ZC3haADU0pDRURHRTAzMjEANTk2ZDc4YTItY2E1Zi00NzlkLWJjZGMtMDgzNTgzMzE3NGIy
\ No newline at end of file
+Skip to main content
+GitHub Privacy Statement
+In this article
+The short version
+Summary
+GitHub Privacy Statement
+What information GitHub collects
+What information GitHub does not collect
+How GitHub uses your information
+How we share the information we collect
+Repository contents
+Other important information
+Additional services
+How you can access and control the information we collect
+Our use of cookies and tracking
+How GitHub secures your information
+GitHub's global privacy practices
+How we communicate with you
+Resolving complaints
+Changes to our Privacy Statement
+License
+Contacting GitHub
+Translations
+
+Effective date: December 19, 2020
+
+Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your projects, and your personal information. Holding on to your private information is a serious responsibility, and we want you to know how we're handling it.
+
+All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.
+
+The short version
+
+We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
+
+Of course, the short version and the Summary below don't tell you everything, so please read on for more details.
+
+Summary
+Section    What can you find there?
+What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect User Personal Information from third parties. We only collect the minimum amount of personal information necessary from you, unless you choose to provide more.
+What information GitHub does not collect   We don’t knowingly collect information from children under 13, and we don’t collect Sensitive Personal Information.
+How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Service. We also describe the legal basis upon which we process your information, where legally required.
+How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can see a list of the service providers that access your information.
+Other important information    We provide additional information specific to repository contents, public information, and Organizations on GitHub.
+Additional services    We provide information about additional service offerings, including third-party applications, GitHub Pages, and GitHub applications.
+How you can access and control the information we collect  We provide ways for you to access, alter, or delete your personal information.
+Our use of cookies and tracking    We only use strictly necessary cookies to provide, secure and improve our service. We offer a page that makes this very transparent. Please see this section for more information.
+How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resilience of our servers.
+GitHub's global privacy practices  We provide the same high standard of privacy protection to all our users around the world.
+How we communicate with you    We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
+Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
+Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
+License    This Privacy Statement is licensed under the Creative Commons Zero license.
+Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
+Translations   We provide links to some translations of the Privacy Statement.
+GitHub Privacy Statement
+What information GitHub collects
+
+"User Personal Information" is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
+
+User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
+
+Information users provide directly to GitHub
+Registration information
+
+We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
+
+Payment information
+
+If you sign on to a paid Account with us, send funds through the GitHub Sponsors Program, or buy an application on GitHub Marketplace, we collect your full name, address, and credit card information or PayPal information. Please note, GitHub does not process or store your credit card information or PayPal information, but our third-party payment processor does.
+
+If you list and sell an application on GitHub Marketplace, we require your banking information. If you raise funds through the GitHub Sponsors Program, we require some additional information through the registration process for you to participate in and receive funds through those services and for compliance purposes.
+
+Profile information
+
+You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
+
+Information GitHub automatically collects from your use of the Service
+Transactional information
+
+If you have a paid Account with us, sell an application listed on GitHub Marketplace, or raise funds through the GitHub Sponsors Program, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
+
+Usage information
+
+If you're accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
+
+Cookies
+
+As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
+
+Device information
+
+We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
+
+Information we collect from third parties
+
+GitHub may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase User Personal Information from third-party data brokers.
+
+What information GitHub does not collect
+
+We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
+
+If you are a child under the age of 13, you may not have an Account on GitHub. GitHub does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don't want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on GitHub.
+
+We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user's repository is the responsibility of the repository owner.
+
+How GitHub uses your information
+
+We may use your information for the following purposes:
+
+We use your Registration Information to create your account, and to provide you the Service.
+We use your Payment Information to provide you with the Paid Account service, the Marketplace service, the Sponsors Program, or any other GitHub paid service you request.
+We use your User Personal Information, specifically your username, to identify you on GitHub.
+We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. Please see our section on email communication for more information.
+We use User Personal Information to respond to support requests.
+We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
+We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
+We use Usage Information and Device Information to better understand how our Users use GitHub and to improve our Website and Service.
+We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm GitHub or our Users.
+We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
+We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
+Our legal bases for processing information
+
+To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union's General Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases:
+
+Contract Performance:
+When you create a GitHub Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
+If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
+When you buy or sell an application listed on our Marketplace or, when you send or receive funds through the GitHub Sponsors Program, we process Payment Information and additional elements in order to perform the contract that applies to those services.
+Consent:
+We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a GitHub training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
+Legitimate Interests:
+Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
+If you would like to request deletion of data we process on the basis of consent or if you object to our processing of personal information, please use our Privacy contact form.
+How we share the information we collect
+
+We may share your User Personal Information with third parties under one of the following circumstances:
+
+With your consent
+
+We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
+
+With service providers
+
+We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all User Personal Information in the United States, our service providers may process data outside of the United States or the European Union. If you would like to know who our service providers are, please see our page on Subprocessors.
+
+For security purposes
+
+If you are a member of an Organization, GitHub may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+
+For legal disclosure
+
+GitHub strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. GitHub may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
+
+For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
+
+Change in control or sale
+
+We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.
+
+Aggregate, non-personally identifying information
+
+We share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events.
+
+We do not sell your User Personal Information for monetary or other consideration.
+
+Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, we voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California. You can learn more about the CCPA and how we comply with it here.
+
+Repository contents
+Access to private repositories
+
+If your repository is private, you control the access to your Content. If you include User Personal Information or Sensitive Personal Information, that information may only be accessible to GitHub in accordance with this Privacy Statement. GitHub personnel do not access private repository content except for
+
+security purposes
+to assist the repository owner with a support matter
+to maintain the integrity of the Service
+to comply with our legal obligations
+if we have reason to believe the contents are in violation of the law, or
+with your consent.
+
+However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, "automated scanning"). Our Terms of Service provides more details on private repositories.
+
+Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
+
+GitHub will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
+
+Public repositories
+
+If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
+
+Please see more about User Personal Information in public repositories.
+
+Other important information
+Public information on GitHub
+
+Many of GitHub services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing GitHub information. Other third parties, such as data brokers, have been known to scrape GitHub and compile data as well.
+
+Your User Personal Information associated with your content could be gathered by third parties in these compilations of GitHub data. If you do not want your User Personal Information to appear in third parties’ compilations of GitHub data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings. We currently set Users' email address to private by default, but legacy GitHub Users may need to update their settings.
+
+If you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling User Personal Information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
+
+Similarly, projects on GitHub may include publicly available User Personal Information collected as part of the collaborative process. If you have a complaint about any User Personal Information on GitHub, please see our section on resolving complaints.
+
+Organizations
+
+You may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).
+
+Please note, GitHub may share your username, Usage Information, and Device Information with the owner(s) of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+
+If you collaborate on or become a member of an Account that has agreed to the Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy Statement, then that DPA governs in the event of any conflicts between this Privacy Statement and the DPA with respect to your activity in the Account.
+
+Please contact the Account owners for more information about how they might process your User Personal Information in their Organization and the ways for you to access, update, alter, or delete the User Personal Information stored in the Account.
+
+Additional services
+Third party applications
+
+You have the option of enabling or adding third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your User Personal Information with third parties when you ask us to, such as by purchasing a Developer Product from the Marketplace; however, you are responsible for your use of the third-party Developer Product and for the amount of User Personal Information you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+
+GitHub Pages
+
+If you create a GitHub Pages website, it is your responsibility to post a privacy statement that accurately describes how you collect, use, and share personal information and other visitor information, and how you comply with applicable data privacy laws, rules, and regulations. Please note that GitHub may collect User Personal Information from visitors to your GitHub Pages website, including logs of visitor IP addresses, to comply with legal obligations, and to maintain the security and integrity of the Website and the Service.
+
+GitHub applications
+
+You can also add applications from GitHub, such as our Desktop app, our Atom application, or other application and account features, to your Account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we collect the amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us.
+
+How you can access and control the information we collect
+
+If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.
+
+If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.
+
+Data portability
+
+As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
+
+Data retention and deletion of data
+
+Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.
+
+If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.
+
+After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
+
+That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
+
+Our use of cookies and tracking
+Cookies
+
+GitHub only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
+
+We use cookies solely to provide, secure, and improve our service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, analyze your use of our service, compile statistical reports, and provide information for future development of GitHub. We use our own cookies for analytics purposes, but do not use any third-party analytics service providers.
+
+By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
+
+We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
+
+DNT
+
+"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
+
+How GitHub secures your information
+
+GitHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
+
+GitHub enforces a written security information program. Our program:
+
+aligns with industry recognized frameworks;
+includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
+is appropriate to the nature, size, and complexity of GitHub’s business operations;
+includes incident response and data breach notification processes; and
+complies with applicable information security-related laws and regulations in the geographic regions where GitHub does business.
+
+In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
+
+Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We manage our own cages and racks at top-tier data centers with high level of physical and network security, and when data is stored with a third-party storage provider, it is encrypted.
+
+No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. For more information, see our security disclosures.
+
+GitHub's global privacy practices
+
+GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and Switzerland, GitHub B.V. are the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and GitHub is the processor (or, if the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and GitHub have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
+
+Our addresses are:
+
+GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.
+GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.
+
+We store and process the information that we collect in the United States in accordance with this Privacy Statement, though our service providers may store and process data outside the United States. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries.
+
+We provide the same high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.
+
+In particular:
+
+GitHub provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
+We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
+We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
+We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
+Cross-border data transfers
+
+GitHub processes personal information both inside and outside of the United States and relies on Standard Contractual Clauses as the legally provided mechanism to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. In addition, GitHub is certified to the EU-US and Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data transfers, see our Global Privacy Practices.
+
+How we communicate with you
+
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through GitHub. You may manage your communication preferences in your user profile.
+
+By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you. We set current Users' email address private by default, but legacy GitHub Users may need to update their settings. Please see more about email addresses in commit messages here.
+
+Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
+
+Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
+
+Resolving complaints
+
+If you have concerns about the way GitHub is handling your User Personal Information, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at privacy@github.com with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
+
+You may also contact our Data Protection Officer directly.
+
+Our United States HQ   Our EU Office
+GitHub Data Protection Officer GitHub BV
+88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
+San Francisco, CA 94107    1017 HL Amsterdam
+United States  The Netherlands
+privacy@github.com privacy@github.com
+Dispute resolution process
+
+In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
+
+Changes to our Privacy Statement
+
+Although most changes are likely to be minor, GitHub may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
+
+License
+
+This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.
+
+Contacting GitHub
+
+Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.
+
+Translations
+
+Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.
+
+French
+
+Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub
+
+Other translations
+
+For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
milonmaze commented 2 years ago

69ae35de79b514b90d5b8057cebf66b84a8d441b: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-05-29

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index af103931..1f4d3cf3 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,351 +1,3 @@
-Skip to main content
-GitHub Privacy Statement
-In this article
-The short version
-Summary
-GitHub Privacy Statement
-What information GitHub collects
-What information GitHub does not collect
-How GitHub uses your information
-How we share the information we collect
-Repository contents
-Other important information
-Additional services
-How you can access and control the information we collect
-Our use of cookies and tracking
-How GitHub secures your information
-GitHub's global privacy practices
-How we communicate with you
-Resolving complaints
-Changes to our Privacy Statement
-License
-Contacting GitHub
-Translations
+Ooops!

-Effective date: December 19, 2020
-
-Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your projects, and your personal information. Holding on to your private information is a serious responsibility, and we want you to know how we're handling it.
-
-All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.
-
-The short version
-
-We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
-
-Of course, the short version and the Summary below don't tell you everything, so please read on for more details.
-
-Summary
-Section    What can you find there?
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect User Personal Information from third parties. We only collect the minimum amount of personal information necessary from you, unless you choose to provide more.
-What information GitHub does not collect   We don’t knowingly collect information from children under 13, and we don’t collect Sensitive Personal Information.
-How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Service. We also describe the legal basis upon which we process your information, where legally required.
-How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can see a list of the service providers that access your information.
-Other important information    We provide additional information specific to repository contents, public information, and Organizations on GitHub.
-Additional services    We provide information about additional service offerings, including third-party applications, GitHub Pages, and GitHub applications.
-How you can access and control the information we collect  We provide ways for you to access, alter, or delete your personal information.
-Our use of cookies and tracking    We only use strictly necessary cookies to provide, secure and improve our service. We offer a page that makes this very transparent. Please see this section for more information.
-How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resilience of our servers.
-GitHub's global privacy practices  We provide the same high standard of privacy protection to all our users around the world.
-How we communicate with you    We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
-Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
-Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
-License    This Privacy Statement is licensed under the Creative Commons Zero license.
-Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
-Translations   We provide links to some translations of the Privacy Statement.
-GitHub Privacy Statement
-What information GitHub collects
-
-"User Personal Information" is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
-
-User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
-
-Information users provide directly to GitHub
-Registration information
-
-We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
-
-Payment information
-
-If you sign on to a paid Account with us, send funds through the GitHub Sponsors Program, or buy an application on GitHub Marketplace, we collect your full name, address, and credit card information or PayPal information. Please note, GitHub does not process or store your credit card information or PayPal information, but our third-party payment processor does.
-
-If you list and sell an application on GitHub Marketplace, we require your banking information. If you raise funds through the GitHub Sponsors Program, we require some additional information through the registration process for you to participate in and receive funds through those services and for compliance purposes.
-
-Profile information
-
-You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
-
-Information GitHub automatically collects from your use of the Service
-Transactional information
-
-If you have a paid Account with us, sell an application listed on GitHub Marketplace, or raise funds through the GitHub Sponsors Program, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
-
-Usage information
-
-If you're accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
-
-Cookies
-
-As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
-
-Device information
-
-We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
-
-Information we collect from third parties
-
-GitHub may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase User Personal Information from third-party data brokers.
-
-What information GitHub does not collect
-
-We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
-
-If you are a child under the age of 13, you may not have an Account on GitHub. GitHub does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don't want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on GitHub.
-
-We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user's repository is the responsibility of the repository owner.
-
-How GitHub uses your information
-
-We may use your information for the following purposes:
-
-We use your Registration Information to create your account, and to provide you the Service.
-We use your Payment Information to provide you with the Paid Account service, the Marketplace service, the Sponsors Program, or any other GitHub paid service you request.
-We use your User Personal Information, specifically your username, to identify you on GitHub.
-We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. Please see our section on email communication for more information.
-We use User Personal Information to respond to support requests.
-We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
-We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
-We use Usage Information and Device Information to better understand how our Users use GitHub and to improve our Website and Service.
-We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm GitHub or our Users.
-We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
-We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
-Our legal bases for processing information
-
-To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union's General Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases:
-
-Contract Performance:
-When you create a GitHub Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
-If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
-When you buy or sell an application listed on our Marketplace or, when you send or receive funds through the GitHub Sponsors Program, we process Payment Information and additional elements in order to perform the contract that applies to those services.
-Consent:
-We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a GitHub training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
-Legitimate Interests:
-Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
-If you would like to request deletion of data we process on the basis of consent or if you object to our processing of personal information, please use our Privacy contact form.
-How we share the information we collect
-
-We may share your User Personal Information with third parties under one of the following circumstances:
-
-With your consent
-
-We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
-
-With service providers
-
-We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all User Personal Information in the United States, our service providers may process data outside of the United States or the European Union. If you would like to know who our service providers are, please see our page on Subprocessors.
-
-For security purposes
-
-If you are a member of an Organization, GitHub may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
-
-For legal disclosure
-
-GitHub strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. GitHub may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
-
-For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
-
-Change in control or sale
-
-We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.
-
-Aggregate, non-personally identifying information
-
-We share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events.
-
-We do not sell your User Personal Information for monetary or other consideration.
-
-Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, we voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California. You can learn more about the CCPA and how we comply with it here.
-
-Repository contents
-Access to private repositories
-
-If your repository is private, you control the access to your Content. If you include User Personal Information or Sensitive Personal Information, that information may only be accessible to GitHub in accordance with this Privacy Statement. GitHub personnel do not access private repository content except for
-
-security purposes
-to assist the repository owner with a support matter
-to maintain the integrity of the Service
-to comply with our legal obligations
-if we have reason to believe the contents are in violation of the law, or
-with your consent.
-
-However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, "automated scanning"). Our Terms of Service provides more details on private repositories.
-
-Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
-
-GitHub will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
-
-Public repositories
-
-If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
-
-Please see more about User Personal Information in public repositories.
-
-Other important information
-Public information on GitHub
-
-Many of GitHub services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing GitHub information. Other third parties, such as data brokers, have been known to scrape GitHub and compile data as well.
-
-Your User Personal Information associated with your content could be gathered by third parties in these compilations of GitHub data. If you do not want your User Personal Information to appear in third parties’ compilations of GitHub data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings. We currently set Users' email address to private by default, but legacy GitHub Users may need to update their settings.
-
-If you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling User Personal Information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
-
-Similarly, projects on GitHub may include publicly available User Personal Information collected as part of the collaborative process. If you have a complaint about any User Personal Information on GitHub, please see our section on resolving complaints.
-
-Organizations
-
-You may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).
-
-Please note, GitHub may share your username, Usage Information, and Device Information with the owner(s) of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
-
-If you collaborate on or become a member of an Account that has agreed to the Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy Statement, then that DPA governs in the event of any conflicts between this Privacy Statement and the DPA with respect to your activity in the Account.
-
-Please contact the Account owners for more information about how they might process your User Personal Information in their Organization and the ways for you to access, update, alter, or delete the User Personal Information stored in the Account.
-
-Additional services
-Third party applications
-
-You have the option of enabling or adding third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your User Personal Information with third parties when you ask us to, such as by purchasing a Developer Product from the Marketplace; however, you are responsible for your use of the third-party Developer Product and for the amount of User Personal Information you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
-
-GitHub Pages
-
-If you create a GitHub Pages website, it is your responsibility to post a privacy statement that accurately describes how you collect, use, and share personal information and other visitor information, and how you comply with applicable data privacy laws, rules, and regulations. Please note that GitHub may collect User Personal Information from visitors to your GitHub Pages website, including logs of visitor IP addresses, to comply with legal obligations, and to maintain the security and integrity of the Website and the Service.
-
-GitHub applications
-
-You can also add applications from GitHub, such as our Desktop app, our Atom application, or other application and account features, to your Account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we collect the amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us.
-
-How you can access and control the information we collect
-
-If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.
-
-If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.
-
-Data portability
-
-As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
-
-Data retention and deletion of data
-
-Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.
-
-If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.
-
-After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
-
-That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
-
-Our use of cookies and tracking
-Cookies
-
-GitHub only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
-
-We use cookies solely to provide, secure, and improve our service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, analyze your use of our service, compile statistical reports, and provide information for future development of GitHub. We use our own cookies for analytics purposes, but do not use any third-party analytics service providers.
-
-By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
-
-We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
-
-DNT
-
-"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
-
-How GitHub secures your information
-
-GitHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
-
-GitHub enforces a written security information program. Our program:
-
-aligns with industry recognized frameworks;
-includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
-is appropriate to the nature, size, and complexity of GitHub’s business operations;
-includes incident response and data breach notification processes; and
-complies with applicable information security-related laws and regulations in the geographic regions where GitHub does business.
-
-In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
-
-Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We manage our own cages and racks at top-tier data centers with high level of physical and network security, and when data is stored with a third-party storage provider, it is encrypted.
-
-No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. For more information, see our security disclosures.
-
-GitHub's global privacy practices
-
-GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and Switzerland, GitHub B.V. are the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and GitHub is the processor (or, if the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and GitHub have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
-
-Our addresses are:
-
-GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.
-GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.
-
-We store and process the information that we collect in the United States in accordance with this Privacy Statement, though our service providers may store and process data outside the United States. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries.
-
-We provide the same high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.
-
-In particular:
-
-GitHub provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
-We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
-We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
-We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
-Cross-border data transfers
-
-GitHub processes personal information both inside and outside of the United States and relies on Standard Contractual Clauses as the legally provided mechanism to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. In addition, GitHub is certified to the EU-US and Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data transfers, see our Global Privacy Practices.
-
-How we communicate with you
-
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through GitHub. You may manage your communication preferences in your user profile.
-
-By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you. We set current Users' email address private by default, but legacy GitHub Users may need to update their settings. Please see more about email addresses in commit messages here.
-
-Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
-
-Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
-
-Resolving complaints
-
-If you have concerns about the way GitHub is handling your User Personal Information, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at privacy@github.com with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
-
-You may also contact our Data Protection Officer directly.
-
-Our United States HQ   Our EU Office
-GitHub Data Protection Officer GitHub BV
-88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
-San Francisco, CA 94107    1017 HL Amsterdam
-United States  The Netherlands
-privacy@github.com privacy@github.com
-Dispute resolution process
-
-In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
-
-Changes to our Privacy Statement
-
-Although most changes are likely to be minor, GitHub may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
-
-License
-
-This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.
-
-Contacting GitHub
-
-Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.
-
-Translations
-
-Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.
-
-French
-
-Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub
-
-Other translations
-
-For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
+GitHub Docs isn't available right now. Our team is on the case.
\ No newline at end of file
milonmaze commented 2 years ago

3b7335e77cabae96aa078077f6ec16e61a495882: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-05-30

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 1f4d3cf3..af103931 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,3 +1,351 @@
-Ooops!
+Skip to main content
+GitHub Privacy Statement
+In this article
+The short version
+Summary
+GitHub Privacy Statement
+What information GitHub collects
+What information GitHub does not collect
+How GitHub uses your information
+How we share the information we collect
+Repository contents
+Other important information
+Additional services
+How you can access and control the information we collect
+Our use of cookies and tracking
+How GitHub secures your information
+GitHub's global privacy practices
+How we communicate with you
+Resolving complaints
+Changes to our Privacy Statement
+License
+Contacting GitHub
+Translations

-GitHub Docs isn't available right now. Our team is on the case.
\ No newline at end of file
+Effective date: December 19, 2020
+
+Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your projects, and your personal information. Holding on to your private information is a serious responsibility, and we want you to know how we're handling it.
+
+All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.
+
+The short version
+
+We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
+
+Of course, the short version and the Summary below don't tell you everything, so please read on for more details.
+
+Summary
+Section    What can you find there?
+What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect User Personal Information from third parties. We only collect the minimum amount of personal information necessary from you, unless you choose to provide more.
+What information GitHub does not collect   We don’t knowingly collect information from children under 13, and we don’t collect Sensitive Personal Information.
+How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Service. We also describe the legal basis upon which we process your information, where legally required.
+How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can see a list of the service providers that access your information.
+Other important information    We provide additional information specific to repository contents, public information, and Organizations on GitHub.
+Additional services    We provide information about additional service offerings, including third-party applications, GitHub Pages, and GitHub applications.
+How you can access and control the information we collect  We provide ways for you to access, alter, or delete your personal information.
+Our use of cookies and tracking    We only use strictly necessary cookies to provide, secure and improve our service. We offer a page that makes this very transparent. Please see this section for more information.
+How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resilience of our servers.
+GitHub's global privacy practices  We provide the same high standard of privacy protection to all our users around the world.
+How we communicate with you    We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
+Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
+Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
+License    This Privacy Statement is licensed under the Creative Commons Zero license.
+Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
+Translations   We provide links to some translations of the Privacy Statement.
+GitHub Privacy Statement
+What information GitHub collects
+
+"User Personal Information" is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
+
+User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
+
+Information users provide directly to GitHub
+Registration information
+
+We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
+
+Payment information
+
+If you sign on to a paid Account with us, send funds through the GitHub Sponsors Program, or buy an application on GitHub Marketplace, we collect your full name, address, and credit card information or PayPal information. Please note, GitHub does not process or store your credit card information or PayPal information, but our third-party payment processor does.
+
+If you list and sell an application on GitHub Marketplace, we require your banking information. If you raise funds through the GitHub Sponsors Program, we require some additional information through the registration process for you to participate in and receive funds through those services and for compliance purposes.
+
+Profile information
+
+You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
+
+Information GitHub automatically collects from your use of the Service
+Transactional information
+
+If you have a paid Account with us, sell an application listed on GitHub Marketplace, or raise funds through the GitHub Sponsors Program, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
+
+Usage information
+
+If you're accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
+
+Cookies
+
+As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
+
+Device information
+
+We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
+
+Information we collect from third parties
+
+GitHub may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase User Personal Information from third-party data brokers.
+
+What information GitHub does not collect
+
+We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
+
+If you are a child under the age of 13, you may not have an Account on GitHub. GitHub does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don't want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on GitHub.
+
+We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user's repository is the responsibility of the repository owner.
+
+How GitHub uses your information
+
+We may use your information for the following purposes:
+
+We use your Registration Information to create your account, and to provide you the Service.
+We use your Payment Information to provide you with the Paid Account service, the Marketplace service, the Sponsors Program, or any other GitHub paid service you request.
+We use your User Personal Information, specifically your username, to identify you on GitHub.
+We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. Please see our section on email communication for more information.
+We use User Personal Information to respond to support requests.
+We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
+We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
+We use Usage Information and Device Information to better understand how our Users use GitHub and to improve our Website and Service.
+We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm GitHub or our Users.
+We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
+We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
+Our legal bases for processing information
+
+To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union's General Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases:
+
+Contract Performance:
+When you create a GitHub Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
+If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
+When you buy or sell an application listed on our Marketplace or, when you send or receive funds through the GitHub Sponsors Program, we process Payment Information and additional elements in order to perform the contract that applies to those services.
+Consent:
+We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a GitHub training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
+Legitimate Interests:
+Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
+If you would like to request deletion of data we process on the basis of consent or if you object to our processing of personal information, please use our Privacy contact form.
+How we share the information we collect
+
+We may share your User Personal Information with third parties under one of the following circumstances:
+
+With your consent
+
+We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
+
+With service providers
+
+We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all User Personal Information in the United States, our service providers may process data outside of the United States or the European Union. If you would like to know who our service providers are, please see our page on Subprocessors.
+
+For security purposes
+
+If you are a member of an Organization, GitHub may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+
+For legal disclosure
+
+GitHub strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. GitHub may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
+
+For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
+
+Change in control or sale
+
+We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.
+
+Aggregate, non-personally identifying information
+
+We share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events.
+
+We do not sell your User Personal Information for monetary or other consideration.
+
+Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, we voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California. You can learn more about the CCPA and how we comply with it here.
+
+Repository contents
+Access to private repositories
+
+If your repository is private, you control the access to your Content. If you include User Personal Information or Sensitive Personal Information, that information may only be accessible to GitHub in accordance with this Privacy Statement. GitHub personnel do not access private repository content except for
+
+security purposes
+to assist the repository owner with a support matter
+to maintain the integrity of the Service
+to comply with our legal obligations
+if we have reason to believe the contents are in violation of the law, or
+with your consent.
+
+However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, "automated scanning"). Our Terms of Service provides more details on private repositories.
+
+Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
+
+GitHub will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
+
+Public repositories
+
+If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
+
+Please see more about User Personal Information in public repositories.
+
+Other important information
+Public information on GitHub
+
+Many of GitHub services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing GitHub information. Other third parties, such as data brokers, have been known to scrape GitHub and compile data as well.
+
+Your User Personal Information associated with your content could be gathered by third parties in these compilations of GitHub data. If you do not want your User Personal Information to appear in third parties’ compilations of GitHub data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings. We currently set Users' email address to private by default, but legacy GitHub Users may need to update their settings.
+
+If you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling User Personal Information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
+
+Similarly, projects on GitHub may include publicly available User Personal Information collected as part of the collaborative process. If you have a complaint about any User Personal Information on GitHub, please see our section on resolving complaints.
+
+Organizations
+
+You may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).
+
+Please note, GitHub may share your username, Usage Information, and Device Information with the owner(s) of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+
+If you collaborate on or become a member of an Account that has agreed to the Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy Statement, then that DPA governs in the event of any conflicts between this Privacy Statement and the DPA with respect to your activity in the Account.
+
+Please contact the Account owners for more information about how they might process your User Personal Information in their Organization and the ways for you to access, update, alter, or delete the User Personal Information stored in the Account.
+
+Additional services
+Third party applications
+
+You have the option of enabling or adding third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your User Personal Information with third parties when you ask us to, such as by purchasing a Developer Product from the Marketplace; however, you are responsible for your use of the third-party Developer Product and for the amount of User Personal Information you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+
+GitHub Pages
+
+If you create a GitHub Pages website, it is your responsibility to post a privacy statement that accurately describes how you collect, use, and share personal information and other visitor information, and how you comply with applicable data privacy laws, rules, and regulations. Please note that GitHub may collect User Personal Information from visitors to your GitHub Pages website, including logs of visitor IP addresses, to comply with legal obligations, and to maintain the security and integrity of the Website and the Service.
+
+GitHub applications
+
+You can also add applications from GitHub, such as our Desktop app, our Atom application, or other application and account features, to your Account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we collect the amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us.
+
+How you can access and control the information we collect
+
+If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.
+
+If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.
+
+Data portability
+
+As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
+
+Data retention and deletion of data
+
+Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.
+
+If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.
+
+After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
+
+That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
+
+Our use of cookies and tracking
+Cookies
+
+GitHub only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
+
+We use cookies solely to provide, secure, and improve our service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, analyze your use of our service, compile statistical reports, and provide information for future development of GitHub. We use our own cookies for analytics purposes, but do not use any third-party analytics service providers.
+
+By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
+
+We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
+
+DNT
+
+"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
+
+How GitHub secures your information
+
+GitHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
+
+GitHub enforces a written security information program. Our program:
+
+aligns with industry recognized frameworks;
+includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
+is appropriate to the nature, size, and complexity of GitHub’s business operations;
+includes incident response and data breach notification processes; and
+complies with applicable information security-related laws and regulations in the geographic regions where GitHub does business.
+
+In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
+
+Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We manage our own cages and racks at top-tier data centers with high level of physical and network security, and when data is stored with a third-party storage provider, it is encrypted.
+
+No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. For more information, see our security disclosures.
+
+GitHub's global privacy practices
+
+GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and Switzerland, GitHub B.V. are the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and GitHub is the processor (or, if the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and GitHub have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
+
+Our addresses are:
+
+GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.
+GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.
+
+We store and process the information that we collect in the United States in accordance with this Privacy Statement, though our service providers may store and process data outside the United States. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries.
+
+We provide the same high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.
+
+In particular:
+
+GitHub provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
+We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
+We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
+We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
+Cross-border data transfers
+
+GitHub processes personal information both inside and outside of the United States and relies on Standard Contractual Clauses as the legally provided mechanism to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. In addition, GitHub is certified to the EU-US and Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data transfers, see our Global Privacy Practices.
+
+How we communicate with you
+
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through GitHub. You may manage your communication preferences in your user profile.
+
+By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you. We set current Users' email address private by default, but legacy GitHub Users may need to update their settings. Please see more about email addresses in commit messages here.
+
+Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
+
+Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
+
+Resolving complaints
+
+If you have concerns about the way GitHub is handling your User Personal Information, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at privacy@github.com with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
+
+You may also contact our Data Protection Officer directly.
+
+Our United States HQ   Our EU Office
+GitHub Data Protection Officer GitHub BV
+88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
+San Francisco, CA 94107    1017 HL Amsterdam
+United States  The Netherlands
+privacy@github.com privacy@github.com
+Dispute resolution process
+
+In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
+
+Changes to our Privacy Statement
+
+Although most changes are likely to be minor, GitHub may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
+
+License
+
+This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.
+
+Contacting GitHub
+
+Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.
+
+Translations
+
+Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.
+
+French
+
+Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub
+
+Other translations
+
+For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
milonmaze commented 2 years ago

9810b00cf41cda8fbe607855a7273f11c5656604: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-06-01

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index af103931..eb95b04b 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -4,27 +4,24 @@ In this article
 The short version
 Summary
 GitHub Privacy Statement
+Who is responsible for the processing of your information?
+GitHub acting on your behalf
 What information GitHub collects
-What information GitHub does not collect
 How GitHub uses your information
 How we share the information we collect
-Repository contents
-Other important information
-Additional services
-How you can access and control the information we collect
-Our use of cookies and tracking
+Your choices regarding our processing of your personal data
+Our use of cookies and tracking technologies
+Retention of Personal Data
 How GitHub secures your information
-GitHub's global privacy practices
-How we communicate with you
-Resolving complaints
 Changes to our Privacy Statement
 License
 Contacting GitHub
 Translations
+GitHub's notice to California residents

-Effective date: December 19, 2020
+Effective date: May 31, 2022

-Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your projects, and your personal information. Holding on to your private information is a serious responsibility, and we want you to know how we're handling it.
+Thanks for entrusting GitHub Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively “Service”).

 All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.

@@ -32,287 +29,240 @@ The short version

 We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.

-Of course, the short version and the Summary below don't tell you everything, so please read on for more details.
+To see our Privacy Notice to residents of California, please go to GitHub's Notice about the California Consumer Privacy Act or scroll down.

 Summary
 Section    What can you find there?
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect User Personal Information from third parties. We only collect the minimum amount of personal information necessary from you, unless you choose to provide more.
-What information GitHub does not collect   We don’t knowingly collect information from children under 13, and we don’t collect Sensitive Personal Information.
-How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Service. We also describe the legal basis upon which we process your information, where legally required.
-How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub. You can see a list of the service providers that access your information.
-Other important information    We provide additional information specific to repository contents, public information, and Organizations on GitHub.
-Additional services    We provide information about additional service offerings, including third-party applications, GitHub Pages, and GitHub applications.
-How you can access and control the information we collect  We provide ways for you to access, alter, or delete your personal information.
-Our use of cookies and tracking    We only use strictly necessary cookies to provide, secure and improve our service. We offer a page that makes this very transparent. Please see this section for more information.
-How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on GitHub and to protect the resilience of our servers.
-GitHub's global privacy practices  We provide the same high standard of privacy protection to all our users around the world.
-How we communicate with you    We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
+Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your Personal Data in connection with the Website or Service.
+What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect Personal Data from third parties. We only collect the minimum amount of Personal Data necessary from you, unless you choose to provide more.
+How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Website or Service or develop new features and functionality of our Website or Service. We also describe the legal basis upon which we process your information, where legally required.
+How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub.
+Your choices regarding our processing of your personal data    We provide ways for you to access, alter, or delete your personal information.
+Cookies    We only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service. We offer a page that makes this very transparent. We do not send any information to third-party analytics services.
+How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your Personal Data on GitHub and to protect the resilience of our servers.
+Communication preferences  We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
 Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
 Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
 License    This Privacy Statement is licensed under the Creative Commons Zero license.
 Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
 Translations   We provide links to some translations of the Privacy Statement.
 GitHub Privacy Statement
-What information GitHub collects
+Who is responsible for the processing of your information?

-"User Personal Information" is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
+The data controller of your personal data is GitHub, Inc. For individuals outside North America, the data controller is GitHub B.V.

-User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
+This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service processor or data processor is governed by our Data Protection Agreement. If you are a consumer end-user of one of those organizations, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.

-Information users provide directly to GitHub
-Registration information
+GitHub acting on your behalf

-We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
+In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the Personal Data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide the Service requested by you. Please note that subject to our Private Information Removal Policy contributors’ requests to remove Personal Data generally require notice to and action from the repository owner.

-Payment information
+What information GitHub collects

-If you sign on to a paid Account with us, send funds through the GitHub Sponsors Program, or buy an application on GitHub Marketplace, we collect your full name, address, and credit card information or PayPal information. Please note, GitHub does not process or store your credit card information or PayPal information, but our third-party payment processor does.
+The personal data we collect depends on how you interact with us, the services you use, and the choices you make. We collect information about you from different sources and in various ways when you use our Service, including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

-If you list and sell an application on GitHub Marketplace, we require your banking information. If you raise funds through the GitHub Sponsors Program, we require some additional information through the registration process for you to participate in and receive funds through those services and for compliance purposes.
+Information users provide directly to GitHub

-Profile information
+We collect personal data you provide to us. For example:

-You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
+Registration information

-Information GitHub automatically collects from your use of the Service
-Transactional information
+We collect information such as your username, email address, and password during account creation.

-If you have a paid Account with us, sell an application listed on GitHub Marketplace, or raise funds through the GitHub Sponsors Program, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
+Demographic information

-Usage information
+In some cases, we request that you provide age, gender, and similar demographic details.

-If you're accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
+Payment and billing information

-Cookies
+If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.

-As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
+Content and files

-Device information
-
-We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
+We collect any photographs, documents, or other files you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.

-Information we collect from third parties
+Information GitHub automatically collects.

-GitHub may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase User Personal Information from third-party data brokers.
+When you visit or use our Service, we collect some information automatically. For example:

-What information GitHub does not collect
+Transaction information

-We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
+If you have a paid Account with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.

-If you are a child under the age of 13, you may not have an Account on GitHub. GitHub does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don't want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on GitHub.
+Usage information

-We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user's repository is the responsibility of the repository owner.
+If you're accessing or using our Service, we may automatically collect information about how you use the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service.

-How GitHub uses your information
+Cookies

-We may use your information for the following purposes:
-
-We use your Registration Information to create your account, and to provide you the Service.
-We use your Payment Information to provide you with the Paid Account service, the Marketplace service, the Sponsors Program, or any other GitHub paid service you request.
-We use your User Personal Information, specifically your username, to identify you on GitHub.
-We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. Please see our section on email communication for more information.
-We use User Personal Information to respond to support requests.
-We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
-We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
-We use Usage Information and Device Information to better understand how our Users use GitHub and to improve our Website and Service.
-We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm GitHub or our Users.
-We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
-We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.
-Our legal bases for processing information
-
-To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union's General Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal basis on which we process User Personal Information. GitHub processes User Personal Information on the following legal bases:
-
-Contract Performance:
-When you create a GitHub Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
-If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
-When you buy or sell an application listed on our Marketplace or, when you send or receive funds through the GitHub Sponsors Program, we process Payment Information and additional elements in order to perform the contract that applies to those services.
-Consent:
-We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a GitHub training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
-Legitimate Interests:
-Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
-If you would like to request deletion of data we process on the basis of consent or if you object to our processing of personal information, please use our Privacy contact form.
-How we share the information we collect
+As further described below, we automatically collect information from cookies (such as cookie ID and settings) in connection with our Service.

-We may share your User Personal Information with third parties under one of the following circumstances:
+Device information

-With your consent
+We may collect information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer.

-We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
+Geolocation information

-With service providers
+In connection with certain features and depending on the functionality of the Service, we collect geolocation information such as through IP addresses or the location information you choose to provide in your Account profile.

-We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all User Personal Information in the United States, our service providers may process data outside of the United States or the European Union. If you would like to know who our service providers are, please see our page on Subprocessors.
+Information we create or generate

-For security purposes
+We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

-If you are a member of an Organization, GitHub may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+Information we collect from third parties

-For legal disclosure
+Other companies with whom you choose to engage. GitHub may collect Personal Data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase Personal Data from third-party data brokers.

-GitHub strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. GitHub may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
+Service Providers. We may also receive information from processors or service providers who process the data on our behalf, such as our payment processor who process payment and billing information in connection with our Service.

-For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
+Content you post on our Service. Information you store in, or contribute to, a public repository, provide for use in connection with a Community Feature or make otherwise publicly available through the Service will be collected by GitHub as described in this Privacy Statement. Such information may also be available to the GitHub user community as well as the general public. For more information, please review details regarding public repositories and community features here.

-Change in control or sale
+Co-branding/marketing partners. We may receive information from partners with which we offer co-branded services or engage in joint marketing activities.

-We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.
+Publicly available sources. We may also obtain information from publicly available sources as GitHub repositories.

-Aggregate, non-personally identifying information
+When you are asked to provide Personal Data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

-We share certain aggregated, non-personally identifying information with others about how our users, collectively, use GitHub, or how our users respond to our other offerings, such as our conferences or events.
+How GitHub uses your information

-We do not sell your User Personal Information for monetary or other consideration.
+We may use your information to provide, administer, analyze, manage, and operate our Service. For example, we use your information for the following purposes:

-Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires businesses to state in their privacy policy whether or not they disclose personal information in exchange for monetary or other valuable consideration. While CCPA only covers California residents, we voluntarily extend its core rights for people to control their data to all of our users, not just those who live in California. You can learn more about the CCPA and how we comply with it here.
+Provide our products and deliver our services including troubleshooting, improving, and personalizing the features on the Service.
+Business operations such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, and meeting our legal obligations.
+Improve and develop our products and services including to develop new services or features, and conduct research.
+Personalization of our Service by understanding you and your preferences to enhance your experience and enjoyment using our Service.
+Provide customer support and respond to your questions.
+Deliver promotional communications with you about new services, features, offers, promotions, and other information about our Service.
+Send you information, including confirmations, invoices, technical notices, updates, security alerts, support and administrative messages.

-Repository contents
-Access to private repositories
+We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.

-If your repository is private, you control the access to your Content. If you include User Personal Information or Sensitive Personal Information, that information may only be accessible to GitHub in accordance with this Privacy Statement. GitHub personnel do not access private repository content except for
+How we share the information we collect

-security purposes
-to assist the repository owner with a support matter
-to maintain the integrity of the Service
-to comply with our legal obligations
-if we have reason to believe the contents are in violation of the law, or
-with your consent.
+We share Personal Data with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your Personal Data described above with the types of third parties described below for the following business purposes:

-However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, "automated scanning"). Our Terms of Service provides more details on private repositories.
+Public information

-Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
+You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. Please see more about email addresses in commit messages here.

-GitHub will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
+Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.

-Public repositories
+Third-party applications

-If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
+We share your Personal Data with third parties when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your Personal Data. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.

-Please see more about User Personal Information in public repositories.
+You can enable or add third-party applications, known as "Developer Products" to your Account. These Developer Products are not necessary for your use of GitHub. We will share your Personal Data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Product and for the amount of Personal Data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.

-Other important information
-Public information on GitHub
+Organizations with which you engage

-Many of GitHub services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing GitHub information. Other third parties, such as data brokers, have been known to scrape GitHub and compile data as well.
+You may indicate, through your actions on GitHub, that you are willing to share your Personal Data. If you collaborate on or become a member of an organization, then its Account owners may receive your Personal Data. When you accept an invitation to an organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your Personal Data in their Organization and the ways for you to access, update, alter, or delete your Personal Data stored in the Account.

-Your User Personal Information associated with your content could be gathered by third parties in these compilations of GitHub data. If you do not want your User Personal Information to appear in third parties’ compilations of GitHub data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings. We currently set Users' email address to private by default, but legacy GitHub Users may need to update their settings.
+Service providers

-If you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling User Personal Information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
+We share your Personal Data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all Personal Data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.

-Similarly, projects on GitHub may include publicly available User Personal Information collected as part of the collaborative process. If you have a complaint about any User Personal Information on GitHub, please see our section on resolving complaints.
+Affiliates

-Organizations
+We enable access to Personal Data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to operate and provide the Service.

-You may indicate, through your actions on GitHub, that you are willing to share your User Personal Information. If you collaborate on or become a member of an Organization, then its Account owners may receive your User Personal Information. When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). If you accept an invitation to an Organization with a verified domain, then the owners of that Organization will be able to see your full email address(es) within that Organization's verified domain(s).
+For security purposes

-Please note, GitHub may share your username, Usage Information, and Device Information with the owner(s) of the Organization you are a member of, to the extent that your User Personal Information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
+We will disclose Personal Data if we believe it is necessary to:

-If you collaborate on or become a member of an Account that has agreed to the Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy Statement, then that DPA governs in the event of any conflicts between this Privacy Statement and the DPA with respect to your activity in the Account.
+protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
+operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
+protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
+For legal disclosure

-Please contact the Account owners for more information about how they might process your User Personal Information in their Organization and the ways for you to access, update, alter, or delete the User Personal Information stored in the Account.
+GitHub may disclose Personal Data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.

-Additional services
-Third party applications
+Change in control or sale

-You have the option of enabling or adding third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your User Personal Information with third parties when you ask us to, such as by purchasing a Developer Product from the Marketplace; however, you are responsible for your use of the third-party Developer Product and for the amount of User Personal Information you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+We may share your Personal Data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.

-GitHub Pages
+Please note that some of the features on our Service include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide Personal Data to any of those third parties, or allow us to share Personal Data with them, that data is governed by their privacy statements.

-If you create a GitHub Pages website, it is your responsibility to post a privacy statement that accurately describes how you collect, use, and share personal information and other visitor information, and how you comply with applicable data privacy laws, rules, and regulations. Please note that GitHub may collect User Personal Information from visitors to your GitHub Pages website, including logs of visitor IP addresses, to comply with legal obligations, and to maintain the security and integrity of the Website and the Service.
+Finally, we may share de-identified information in accordance with applicable law.

-GitHub applications
+No Selling of Personal Data

-You can also add applications from GitHub, such as our Desktop app, our Atom application, or other application and account features, to your Account. These applications each have their own terms and may collect different kinds of User Personal Information; however, all GitHub applications are subject to this Privacy Statement, and we collect the amount of User Personal Information necessary, and use it only for the purpose for which you have given it to us.
+We do not sell your Personal Data for monetary or other consideration as defined under California and Nevada state laws. You can learn more about the CCPA and how we comply with it here.

-How you can access and control the information we collect
+Your choices regarding our processing of your personal data

-If you're already a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support.
+We provide choices about the Personal Data we collect about you. The choices you make will not apply to any Personal Data associated with an Organization under your Account.

-If GitHub processes information about you, such as information GitHub receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting GitHub Support.
+Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support or GitHub Premium Support.

-Data portability
+We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your Personal Data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.

-As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
+If GitHub processes Personal Data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your Personal Data by contacting GitHub Support or GitHub Premium Support.

-Data retention and deletion of data
+You can adjust the settings on your Account regarding the display of your Personal Data in private or public repositories or Personal Data processed in connection with Community Features (such as the GitHub Feed, the GitHub Globe, GitHub Explore, the GitHub Discussion Leaderboard) through profile settings.

-Generally, GitHub retains User Personal Information for as long as your account is active or as needed to provide you services.
+Additionally, if you are unable to access certain Personal Data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.

-If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. You may contact GitHub Support to request the erasure of the data we process on the basis of consent within 30 days.
+Data portability

-After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.
+As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.

-That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
+Communication preferences

-Our use of cookies and tracking
-Cookies
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared on and through our Service. You may manage your communication preferences in your profile.

-GitHub only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
+By design, the Git version control system associates many actions with a user's email address, such as commit messages. See more details regarding setting your commit email address.

-We use cookies solely to provide, secure, and improve our service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, analyze your use of our service, compile statistical reports, and provide information for future development of GitHub. We use our own cookies for analytics purposes, but do not use any third-party analytics service providers.
+Depending on your email settings, GitHub may occasionally send notification emails, for example, about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We may also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you.

-By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
+Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.

-We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
+European Data Protection Rights

-DNT
+If the processing of Personal Data about you is subject to European Union data protection law, you have certain rights with respect to that data:

-"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
+You can request access to, and rectification or erasure of, Personal Data; If any automated processing of Personal Data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the Personal Data in a usable and portable format; If the processing of Personal Data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of Personal Data under certain circumstances; and For residents of France, you can send us specific instructions regarding the use of your data after your death.

-How GitHub secures your information
+To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

-GitHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
+We rely on different lawful bases for collecting and processing Personal Data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

-GitHub enforces a written security information program. Our program:
+Our use of cookies and tracking technologies
+Cookies and tracking technologies

-aligns with industry recognized frameworks;
-includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users' data;
-is appropriate to the nature, size, and complexity of GitHub’s business operations;
-includes incident response and data breach notification processes; and
-complies with applicable information security-related laws and regulations in the geographic regions where GitHub does business.
+GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, compile statistical reports, and provide information for future development of GitHub. We use our own cookies and do not use any third-party service providers in this context. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our Service. We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.

-In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
+Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

-Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. We manage our own cages and racks at top-tier data centers with high level of physical and network security, and when data is stored with a third-party storage provider, it is encrypted.
+DNT

-No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. For more information, see our security disclosures.
+"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.

-GitHub's global privacy practices
+Retention of Personal Data

-GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and Switzerland, GitHub B.V. are the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and GitHub is the processor (or, if the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and GitHub have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
+We retain Personal Data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your Personal Data for longer periods, where necessary, subject to applicable law, for security purposes.

-Our addresses are:
+How GitHub secures your information

-GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.
-GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.
+GitHub takes reasonable measures necessary to protect your Personal Data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your Personal Data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

-We store and process the information that we collect in the United States in accordance with this Privacy Statement, though our service providers may store and process data outside the United States. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries.
+In addition, if your account has private repositories, you control the access to that Content. GitHub personnel does not access private repository content except for

-We provide the same high standard of privacy protection—as described in this Privacy Statement—to all our users around the world, regardless of their country of origin or location, and we are proud of the levels of notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard to comply with the applicable data privacy laws wherever we do business, working with our Data Protection Officer as part of a cross-functional team that oversees our privacy compliance efforts. Additionally, if our vendors or affiliates have access to User Personal Information, they must sign agreements that require them to comply with our privacy policies and with applicable data privacy laws.
+security purposes,
+automated scanning for known vulnerabilities, active malware, or other content known to violate our Terms of Service
+to assist the repository owner with a support matter
+to maintain the integrity of the Service
+to comply with our legal obligations if we have reason to believe the contents are in violation of the law,
+or with your consent.

-In particular:
+Github will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.

-GitHub provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
-We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
-We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
-We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
 Cross-border data transfers

-GitHub processes personal information both inside and outside of the United States and relies on Standard Contractual Clauses as the legally provided mechanism to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. In addition, GitHub is certified to the EU-US and Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data transfers, see our Global Privacy Practices.
-
-How we communicate with you
-
-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through GitHub. You may manage your communication preferences in your user profile.
-
-By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you. We set current Users' email address private by default, but legacy GitHub Users may need to update their settings. Please see more about email addresses in commit messages here.
-
-Depending on your email settings, GitHub may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
-
-Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
+GitHub processes Personal Data both inside and outside of the United States and relies on legal mechanisms such as Standard Contractual Clauses to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

 Resolving complaints

-If you have concerns about the way GitHub is handling your User Personal Information, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at privacy@github.com with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
+If you have concerns about the way GitHub is handling your Personal Data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.

 You may also contact our Data Protection Officer directly.

@@ -321,7 +271,7 @@ GitHub Data Protection Officer  GitHub BV
 88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
 San Francisco, CA 94107    1017 HL Amsterdam
 United States  The Netherlands
-privacy@github.com privacy@github.com
+privacy [at] github [dot] com  privacy [at] github [dot] com
 Dispute resolution process

 In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
@@ -348,4 +298,57 @@ Cliquez ici pour obtenir la version française: Déclaration de confidentialité

 Other translations

-For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
\ No newline at end of file
+For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
+
+GitHub's notice to California residents
+
+The California Consumer Privacy Act of 2018, (Cal. Civ. Code §1798.100 et seq., as amended, “CCPA”) gives California residents rights and control over their personal information. GitHub, Inc. ("GitHub", "we") provides this statement to those residents ("you") in accordance with requirements under the CCPA to make certain disclosures about the collection and processing of their personal information. This is GitHub’s California-specific description of consumers’ privacy rights under the CCPA. For information about how we’ve extended the CCPA core rights to control personal information to all of our users in the United States, please see our Privacy Statement.
+
+Our handling of personal information
+
+While the table below contains information about the categories of personal information we collect, process, and share, please see the GitHub Privacy Statement for full details.
+
+Category of personal information collected in last 12 months   Category of sources from which the personal information has been collected
+Identifiers (such as real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, or other similar identifiers) Information consumer provides directly or automatically through their interaction with our Service and/or Website or GitHub’s vendors, partners, or affiliates
+Personal information described in Cal. Civ. Code §1798.80 (e) such as name, address, credit card or debit card number) Information consumer may choose to provide directly, through service providers
+Characteristics of protected classifications under California or federal law (such as gender)  Information consumer may choose to provide directly
+Commercial information (such as about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)   Information consumer provides directly or automatically through their interaction with our Services
+Geolocation data (such as any information collected after giving users the opportunity to opt-in to location-based services, which rely upon a device’s precise location services. )   Information consumer provides automatically through their interaction with our Services
+Audio, electronic, visual, or similar information such as content and files uploaded to the Service.   Information consumer may choose to provide directly
+Professional or employment information Information consumer may choose to provide directly
+Inferences drawn from any of the information identified in this table to create a profile about a consumer reflecting the consumer’s preferences   Information consumer provides directly or automatically through their interaction with our Services
+
+We use the categories of personal information described above for the purposes listed in the “How GitHub uses your information” section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the “How we share the information we collect” section of our Privacy Statement for additional details.
+
+We do not sell your personal information
+
+Under the CCPA, a business that sells California residents' personal information to others: 1) must give notice to California residents before selling their personal information to others; and 2) must provide the right to opt out of the sale of their personal information. GitHub does not sell personal information, including personal information of anyone under 16 years old.
+
+Your rights under the CCPA
+
+The CCPA provides California residents with certain rights related to their personal information. To submit a request based on these rights, please contact us via our contact form.
+
+When receiving a request, we will verify that the individual making the request is the resident to whom the personal information subject to the request pertains. California residents may exercise their rights themselves or may use an authorized agent, designated in writing or through a power of attorney, to make requests on their behalf. If you use an authorized agent to submit a request, we may require that you provide us additional information demonstrating that the agent is acting on your behalf, and we may need you to verify your identity directly with us. With respect to your personal information, California residents may exercise the rights described below.
+
+Right to Know.
+
+You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You can use GitHub’s User Migration API to access and download your data. Learn more here. You may also make such a “request to know” by contacting us here.
+
+Right to Request Deletion.
+
+You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, You can use GitHub’s User Migration API to access and download your data. Learn more here. You may also make such a “request to delete” by contacting us here.
+
+Right to Opt-Out.
+
+You have a right to opt-out from future “sales” of personal information. Note that we do not “sell” personal information as defined by the CCPA and have not done so in the past 12 months.
+
+Right to Non-Discrimination.
+
+You have a right to not be discriminated against for exercising your CCPA rights. We will not discriminate against you for exercising your CCPA rights.
+
+You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us. Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to submit the request from the email address associated with your account or requiring you to provide information necessary to verify your account. Please note that you may use two-factor authentication with your GitHub account.
+Finally, you have a right to receive notice of our practices at or before collection of personal information.
+
+Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy [at] github [dot] com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.
+
+California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.
\ No newline at end of file
milonmaze commented 2 years ago

808385a3be6fc115f3ed2649a021345494688cba: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-06-13

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index eb95b04..49ce2f3 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -198,7 +198,7 @@ We retain and use your information as described in this Privacy Statement, but b

 If GitHub processes Personal Data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your Personal Data by contacting GitHub Support or GitHub Premium Support.

-You can adjust the settings on your Account regarding the display of your Personal Data in private or public repositories or Personal Data processed in connection with Community Features (such as the GitHub Feed, the GitHub Globe, GitHub Explore, the GitHub Discussion Leaderboard) through profile settings.
+You can adjust the settings on your Account regarding the display of your Personal Data in private or public repositories or Personal Data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through profile settings.

 Additionally, if you are unable to access certain Personal Data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.
milonmaze commented 2 years ago

4a4b27c44cdd32ca0891be80a3bf2fb23d9032e6: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-07-17

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 49ce2f3..ffd4be9 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -11,7 +11,7 @@ How GitHub uses your information
 How we share the information we collect
 Your choices regarding our processing of your personal data
 Our use of cookies and tracking technologies
-Retention of Personal Data
+Retention of personal data
 How GitHub secures your information
 Changes to our Privacy Statement
 License
@@ -33,13 +33,13 @@ To see our Privacy Notice to residents of California, please go to GitHub's Noti

 Summary
 Section    What can you find there?
-Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your Personal Data in connection with the Website or Service.
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect Personal Data from third parties. We only collect the minimum amount of Personal Data necessary from you, unless you choose to provide more.
+Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service.
+What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary from you, unless you choose to provide more.
 How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Website or Service or develop new features and functionality of our Website or Service. We also describe the legal basis upon which we process your information, where legally required.
 How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub.
 Your choices regarding our processing of your personal data    We provide ways for you to access, alter, or delete your personal information.
 Cookies    We only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service. We offer a page that makes this very transparent. We do not send any information to third-party analytics services.
-How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your Personal Data on GitHub and to protect the resilience of our servers.
+How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal data on GitHub and to protect the resilience of our servers.
 Communication preferences  We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
 Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
 Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
@@ -55,7 +55,7 @@ This privacy statement does not apply to personal data we process as a service p

 GitHub acting on your behalf

-In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the Personal Data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide the Service requested by you. Please note that subject to our Private Information Removal Policy contributors’ requests to remove Personal Data generally require notice to and action from the repository owner.
+In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide the Service requested by you. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.

 What information GitHub collects

@@ -111,7 +111,7 @@ We infer new information from other data we collect, including using automated m

 Information we collect from third parties

-Other companies with whom you choose to engage. GitHub may collect Personal Data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase Personal Data from third-party data brokers.
+Other companies with whom you choose to engage. GitHub may collect personal data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase personal data from third-party data brokers.

 Service Providers. We may also receive information from processors or service providers who process the data on our behalf, such as our payment processor who process payment and billing information in connection with our Service.

@@ -121,7 +121,7 @@ Co-branding/marketing partners. We may receive information from partners with wh

 Publicly available sources. We may also obtain information from publicly available sources as GitHub repositories.

-When you are asked to provide Personal Data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.
+When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

 How GitHub uses your information

@@ -139,7 +139,7 @@ We combine data we collect from different sources for these purposes and to give

 How we share the information we collect

-We share Personal Data with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your Personal Data described above with the types of third parties described below for the following business purposes:
+We share personal data with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:

 Public information

@@ -149,58 +149,58 @@ Please note that if you would like to compile GitHub data, you must comply with

 Third-party applications

-We share your Personal Data with third parties when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your Personal Data. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
+We share your personal data with third parties when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your personal data. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.

-You can enable or add third-party applications, known as "Developer Products" to your Account. These Developer Products are not necessary for your use of GitHub. We will share your Personal Data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Product and for the amount of Personal Data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+You can enable or add third-party applications, known as "Developer Products" to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Product and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.

 Organizations with which you engage

-You may indicate, through your actions on GitHub, that you are willing to share your Personal Data. If you collaborate on or become a member of an organization, then its Account owners may receive your Personal Data. When you accept an invitation to an organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your Personal Data in their Organization and the ways for you to access, update, alter, or delete your Personal Data stored in the Account.
+You may indicate, through your actions on GitHub, that you are willing to share your personal data. If you collaborate on or become a member of an organization, then its Account owners may receive your personal data. When you accept an invitation to an organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.

 Service providers

-We share your Personal Data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all Personal Data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.
+We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all personal data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.

 Affiliates

-We enable access to Personal Data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to operate and provide the Service.
+We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to operate and provide the Service.

 For security purposes

-We will disclose Personal Data if we believe it is necessary to:
+We will disclose personal data if we believe it is necessary to:

 protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
 operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
 protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
 For legal disclosure

-GitHub may disclose Personal Data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
+GitHub may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.

 Change in control or sale

-We may share your Personal Data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.
+We may share your personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.

-Please note that some of the features on our Service include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide Personal Data to any of those third parties, or allow us to share Personal Data with them, that data is governed by their privacy statements.
+Please note that some of the features on our Service include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.

 Finally, we may share de-identified information in accordance with applicable law.

-No Selling of Personal Data
+No selling of personal data

-We do not sell your Personal Data for monetary or other consideration as defined under California and Nevada state laws. You can learn more about the CCPA and how we comply with it here.
+We do not sell your personal data for monetary or other consideration as defined under California and Nevada state laws. You can learn more about the CCPA and how we comply with it here.

 Your choices regarding our processing of your personal data

-We provide choices about the Personal Data we collect about you. The choices you make will not apply to any Personal Data associated with an Organization under your Account.
+We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.

 Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support or GitHub Premium Support.

-We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your Personal Data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
+We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your personal data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.

-If GitHub processes Personal Data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your Personal Data by contacting GitHub Support or GitHub Premium Support.
+If GitHub processes personal data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your personal data by contacting GitHub Support or GitHub Premium Support.

-You can adjust the settings on your Account regarding the display of your Personal Data in private or public repositories or Personal Data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through profile settings.
+You can adjust the settings on your Account regarding the display of your personal data in private or public repositories or personal data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through profile settings.

-Additionally, if you are unable to access certain Personal Data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.
+Additionally, if you are unable to access certain personal data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.

 Data portability

@@ -218,13 +218,13 @@ Please note that you cannot opt out of receiving important communications from u

 European Data Protection Rights

-If the processing of Personal Data about you is subject to European Union data protection law, you have certain rights with respect to that data:
+If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

-You can request access to, and rectification or erasure of, Personal Data; If any automated processing of Personal Data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the Personal Data in a usable and portable format; If the processing of Personal Data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of Personal Data under certain circumstances; and For residents of France, you can send us specific instructions regarding the use of your data after your death.
+You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and For residents of France, you can send us specific instructions regarding the use of your data after your death.

 To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

-We rely on different lawful bases for collecting and processing Personal Data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
+We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

 Our use of cookies and tracking technologies
 Cookies and tracking technologies
@@ -237,13 +237,13 @@ DNT

 "Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.

-Retention of Personal Data
+Retention of personal data

-We retain Personal Data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your Personal Data for longer periods, where necessary, subject to applicable law, for security purposes.
+We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes.

 How GitHub secures your information

-GitHub takes reasonable measures necessary to protect your Personal Data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your Personal Data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
+GitHub takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

 In addition, if your account has private repositories, you control the access to that Content. GitHub personnel does not access private repository content except for

@@ -258,11 +258,11 @@ Github will provide notice regarding private repository access where not prohibi

 Cross-border data transfers

-GitHub processes Personal Data both inside and outside of the United States and relies on legal mechanisms such as Standard Contractual Clauses to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.
+GitHub processes personal data both inside and outside of the United States and relies on legal mechanisms such as Standard Contractual Clauses to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

 Resolving complaints

-If you have concerns about the way GitHub is handling your Personal Data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
+If you have concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.

 You may also contact our Data Protection Officer directly.
milonmaze commented 2 years ago

60f5f25be02c6a3f1c139889c9f37eb2fdb6823e: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-08-12

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index ffd4be9..2c023d7 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,23 +1,6 @@
 Skip to main content
 GitHub Privacy Statement
 In this article
-The short version
-Summary
-GitHub Privacy Statement
-Who is responsible for the processing of your information?
-GitHub acting on your behalf
-What information GitHub collects
-How GitHub uses your information
-How we share the information we collect
-Your choices regarding our processing of your personal data
-Our use of cookies and tracking technologies
-Retention of personal data
-How GitHub secures your information
-Changes to our Privacy Statement
-License
-Contacting GitHub
-Translations
-GitHub's notice to California residents

 Effective date: May 31, 2022
milonmaze commented 2 years ago

5756e7508965641b6b6bdab46656a10c06f667ec: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-08-19

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 2c023d7..ffd4be9 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,6 +1,23 @@
 Skip to main content
 GitHub Privacy Statement
 In this article
+The short version
+Summary
+GitHub Privacy Statement
+Who is responsible for the processing of your information?
+GitHub acting on your behalf
+What information GitHub collects
+How GitHub uses your information
+How we share the information we collect
+Your choices regarding our processing of your personal data
+Our use of cookies and tracking technologies
+Retention of personal data
+How GitHub secures your information
+Changes to our Privacy Statement
+License
+Contacting GitHub
+Translations
+GitHub's notice to California residents

 Effective date: May 31, 2022
milonmaze commented 2 years ago

5f3593145b66ecc74c694d4c40a4afcbdc76c311: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-08-26

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index ffd4be9..2c023d7 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,23 +1,6 @@
 Skip to main content
 GitHub Privacy Statement
 In this article
-The short version
-Summary
-GitHub Privacy Statement
-Who is responsible for the processing of your information?
-GitHub acting on your behalf
-What information GitHub collects
-How GitHub uses your information
-How we share the information we collect
-Your choices regarding our processing of your personal data
-Our use of cookies and tracking technologies
-Retention of personal data
-How GitHub secures your information
-Changes to our Privacy Statement
-License
-Contacting GitHub
-Translations
-GitHub's notice to California residents

 Effective date: May 31, 2022
milonmaze commented 2 years ago

2a01b0de97ee98e08d7e31e5772e224b3d4ba3b8: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-09-02

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 2c023d7..803a2f2 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -2,7 +2,7 @@ Skip to main content
 GitHub Privacy Statement
 In this article

-Effective date: May 31, 2022
+Effective date: September 1, 2022

 Thanks for entrusting GitHub Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively “Service”).

@@ -10,18 +10,22 @@ All capitalized terms have their definition in GitHub’s Terms of Service, unle

 The short version

-We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
+We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, you have the same high standard of privacy protection when using GitHub's products as all our users around the world, regardless of their country of origin or location.

 To see our Privacy Notice to residents of California, please go to GitHub's Notice about the California Consumer Privacy Act or scroll down.

 Summary
 Section    What can you find there?
-Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service.
+Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service if you are in North America. For individuals outside North America the data controller is GitHub B.V.
 What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary from you, unless you choose to provide more.
 How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Website or Service or develop new features and functionality of our Website or Service. We also describe the legal basis upon which we process your information, where legally required.
 How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub.
 Your choices regarding our processing of your personal data    We provide ways for you to access, alter, or delete your personal information.
-Cookies    We only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service. We offer a page that makes this very transparent. We do not send any information to third-party analytics services.
+Cookies    Except for cookies used on our Enterprise Marketing Pages, we only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service.
+
+As described below, we may use non-essential cookies on certain pages of our website to support our enterprise marketing efforts and market our products and services to enterprise customers, for example on resources.github.com (collectively “Enterprise Marketing Pages”).
+
+We offer a page that makes all uses of cookies very transparent.
 How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal data on GitHub and to protect the resilience of our servers.
 Communication preferences  We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
 Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
@@ -116,13 +120,14 @@ Improve and develop our products and services including to develop new services
 Personalization of our Service by understanding you and your preferences to enhance your experience and enjoyment using our Service.
 Provide customer support and respond to your questions.
 Deliver promotional communications with you about new services, features, offers, promotions, and other information about our Service.
+Personalize and measure the effectiveness of enterprise business ads, promotional communications or marketing you receive related to the Enterprise Marketing Pages.
 Send you information, including confirmations, invoices, technical notices, updates, security alerts, support and administrative messages.

 We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.

 How we share the information we collect

-We share personal data with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:
+We share personal data as described below, including with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:

 Public information

@@ -142,11 +147,11 @@ You may indicate, through your actions on GitHub, that you are willing to share

 Service providers

-We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While GitHub processes all personal data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.
+We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, and other similar services. While GitHub processes all personal data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.

 Affiliates

-We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems or where access is needed to operate and provide the Service.
+We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems, when affiliates provide services on our behalf, or where access is needed to operate and provide the Service.

 For security purposes

@@ -175,7 +180,7 @@ Your choices regarding our processing of your personal data

 We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.

-Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, or by contacting GitHub Support or GitHub Premium Support.
+Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, by changing your cookie preferences, or by contacting GitHub Support or GitHub Premium Support.

 We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your personal data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.

@@ -212,13 +217,63 @@ We rely on different lawful bases for collecting and processing personal data ab
 Our use of cookies and tracking technologies
 Cookies and tracking technologies

-GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to keep you logged in, remember your preferences, identify your device for security purposes, compile statistical reports, and provide information for future development of GitHub. We use our own cookies and do not use any third-party service providers in this context. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our Service. We provide more information about cookies on GitHub on our GitHub Subprocessors and Cookies page that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
+GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of GitHub. We provide more information about cookies on GitHub that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.
+
+For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gather information about enterprise users’ interests and online activities to personalize their experiences, including by making the ads, content, recommendations, and marketing seen or received more relevant and (ii) serve and measure the effectiveness of targeted advertising and other marketing efforts. If you disable the non-essential cookies on the Enterprise Marketing Pages, the ads, content, and marketing you see may be less relevant.

 Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

-DNT
+The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data as described here.
+
+What are cookies and similar technologies?
+
+We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services. When visiting Enterprise Marketing Pages, like resources.github.com, these and additional cookies, like advertising IDs, may be used for sales and marketing purposes.
+
+Cookies are small text files stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server.
+
+Web beacons are electronic images (also called “single-pixel” or “clear GIFs”) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content.
+
+Mobile identifiers for analytics can be accessed and used by apps on mobile devices in much the same way that websites access and use cookies. When visiting Enterprise Marketing pages, like resources.github.com, on a mobile device these may allow us and our third-party analytics and advertising partners to collect data for sales and marketing purposes.
+
+We may also use so-called “flash cookies” (also known as “Local Shared Objects” or “LSOs”) to collect and store information about your use of our Services. Flash cookies are commonly used for advertisements and videos.
+
+How do we and our partners use cookies and similar technologies?
+
+The GitHub Services use cookies and similar technologies for a variety of purposes, including to store your preferences and settings, enable you to sign-in, analyze how our Services perform, track your interaction with the Services, develop inferences, combat fraud, and fulfill other legitimate purposes. Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising. GitHub will place non-essential cookies on pages where we market products and services to enterprise customers, for example, on resources.github.com.
+
+We and/or our partners also share the information we collect or infer with third parties for these purposes.

-"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the W3C standard for responding to DNT signals. If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as Privacy Badger.
+The table below provides additional information about how we use different types of cookies:
+
+Purpose    Description
+Required Cookies   GitHub uses required cookies to perform essential website functions and to provide the services. For example, cookies are used to log you in, save your language preferences, provide a shopping cart experience, improve performance, route traffic between web servers, detect the size of your screen, determine page load times, improve user experience, and for audience measurement. These cookies are necessary for our websites to work.
+Analytics  We allow third parties to use analytics cookies to understand how you use our websites so we can make them better. For example, cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. We also use some analytics cookies to provide personalized advertising.
+Social Media   GitHub and third parties use social media cookies to show you ads and content based on your social media profiles and activity on GitHub’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by GitHub.
+Advertising    In addition, GitHub and third parties use advertising cookies to show you new ads based on ads you've already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history.
+What are your cookie choices and controls?
+
+You have several options to disable non-essential cookies:
+
+Specifically on GitHub Enterprise Marketing Pages
+
+Any GitHub page that serves non-essential cookies will have a link in the page’s footer to cookie settings. You can express your preferences at any time by clicking on that linking and updating your settings.
+
+Some users will also be able to manage non-essential cookies via a cookie consent banner, including the options to accept, manage, and reject all non-essential cookies.
+
+Generally for all websites
+
+You can control the cookies you encounter on the web using a variety of widely-available tools. For example:
+
+If your browser sends a Do Not Track (DNT) signal, GitHub will not set non-essential cookies and will not load third party resources which set non-essential cookies.
+Many browsers provide cookie controls which may limit the types of cookies you encounter online. Check out the documentation for your browser to learn more.
+If you enable a browser extension designed to block tracking, such as Privacy Badger, non-essential cookies set by a website or third parties may be disabled.
+If you enable a browser extension designed to block unwanted content, such as uBlock Origin, non-essential cookies will be disabled to the extent that content that sets non-essential cookies will be blocked.
+Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at:
+United States: NAI and DAA
+Canada: Digital Advertising Alliance of Canada
+Europe: European Digital Advertising Alliance
+
+These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

 Retention of personal data

@@ -247,14 +302,24 @@ Resolving complaints

 If you have concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.

-You may also contact our Data Protection Officer directly.
+You may also contact our Data Protection Officer directly at at github [at]dp-officer [dot] com
+
+If you are in North America:
+GitHub Data Protection Officer
+88 Colin P. Kelly Jr. St.
+San Francisco, CA 94107
+United States
+privacy [at] github [dot] com
+
+
+If you are outside of North America:
+Github Data Protection Officer
+c/o DP Dock DPO Services GmbH,
+Attn: GitHub BV, Gut Projensdorf,
+24161 Altenholz, Germany
+github@dp-officer.com cc: privacy [at] github [dot] com
+CC: GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands

-Our United States HQ   Our EU Office
-GitHub Data Protection Officer GitHub BV
-88 Colin P. Kelly Jr. St.  Vijzelstraat 68-72
-San Francisco, CA 94107    1017 HL Amsterdam
-United States  The Netherlands
-privacy [at] github [dot] com  privacy [at] github [dot] com
 Dispute resolution process

 In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
milonmaze commented 2 years ago

0d648ca83bfd3eeb2929f7d8fd0af95eae99c1b6: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-10-05

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 803a2f2e..86afc729 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -380,11 +380,11 @@ When receiving a request, we will verify that the individual making the request

 Right to Know.

-You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You can use GitHub’s User Migration API to access and download your data. Learn more here. You may also make such a “request to know” by contacting us here.
+You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You can use GitHub’s User Migration tool to access and download your data. Learn more here. You may also make such a “request to know” by contacting us here.

 Right to Request Deletion.

-You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, You can use GitHub’s User Migration API to access and download your data. Learn more here. You may also make such a “request to delete” by contacting us here.
+You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, you can contact us here or use the account settings here.

 Right to Opt-Out.
milonmaze commented 2 years ago

fc638fa2f2aff52c5cd2f8f5607ab06bec86b238: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-10-26

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 86afc72..87bcc01 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -292,7 +292,7 @@ to maintain the integrity of the Service
 to comply with our legal obligations if we have reason to believe the contents are in violation of the law,
 or with your consent.

-Github will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.
+GitHub will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.

 Cross-border data transfers

@@ -313,7 +313,7 @@ privacy [at] github [dot] com

 If you are outside of North America:
-Github Data Protection Officer
+GitHub Data Protection Officer
 c/o DP Dock DPO Services GmbH,
 Attn: GitHub BV, Gut Projensdorf,
 24161 Altenholz, Germany
milonmaze commented 1 year ago

35fa98bc155ac6abb0e3a78cace11f14ef308071: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-11-27

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 87bcc01..e9416f0 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -296,7 +296,7 @@ GitHub will provide notice regarding private repository access where not prohibi

 Cross-border data transfers

-GitHub processes personal data both inside and outside of the United States and relies on legal mechanisms such as Standard Contractual Clauses to lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.
+GitHub processes personal data both inside and outside of the United States. To lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States, it relies on adequate protection as decided by the European Commission in accordance with Art. 45 GDPR or appropriate safeguards in accordance with Art. 46 GDPR, such as Standard Contractual Clauses as well as supplementary measures such as encryption at rest and in transit.

 Resolving complaints
milonmaze commented 1 year ago

d3b60382f4e5daea9442d7a4fd7dc5e856e6b41c: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2022-12-16

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index e9416f09..bc09251b 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -2,9 +2,9 @@ Skip to main content
 GitHub Privacy Statement
 In this article

-Effective date: September 1, 2022
+Effective date: December 15, 2022

-Thanks for entrusting GitHub Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively “Service”).
+Thanks for entrusting GitHub, Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively, the “Service(s)”).

 All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.

@@ -12,16 +12,16 @@ The short version

 We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, you have the same high standard of privacy protection when using GitHub's products as all our users around the world, regardless of their country of origin or location.

-To see our Privacy Notice to residents of California, please go to GitHub's Notice about the California Consumer Privacy Act or scroll down.
+To see our Privacy Notice for U.S. Residents, please go to GitHub's Notice about U.S. State Data Privacy or scroll down.

 Summary
 Section    What can you find there?
 Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service if you are in North America. For individuals outside North America the data controller is GitHub B.V.
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary from you, unless you choose to provide more.
+What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary to provide innovative services and personalized experiences, unless you choose to provide more.
 How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Website or Service or develop new features and functionality of our Website or Service. We also describe the legal basis upon which we process your information, where legally required.
-How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not host advertising on GitHub.
+How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not display advertising on GitHub.
 Your choices regarding our processing of your personal data    We provide ways for you to access, alter, or delete your personal information.
-Cookies    Except for cookies used on our Enterprise Marketing Pages, we only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service.
+Cookies and tracking technologies  Except for some of the cookies used on our Enterprise Marketing Pages, we only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service.

 As described below, we may use non-essential cookies on certain pages of our website to support our enterprise marketing efforts and market our products and services to enterprise customers, for example on resources.github.com (collectively “Enterprise Marketing Pages”).

@@ -38,11 +38,11 @@ Who is responsible for the processing of your information?

 The data controller of your personal data is GitHub, Inc. For individuals outside North America, the data controller is GitHub B.V.

-This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service processor or data processor is governed by our Data Protection Agreement. If you are a consumer end-user of one of those organizations, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.
+This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service provider or data processor is governed by our Data Protection Agreement. If you are an end-user of one of those organizations, such as an employee or student, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.

 GitHub acting on your behalf

-In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide the Service requested by you. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.
+In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide, protect, and improve Service. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.

 What information GitHub collects

@@ -54,7 +54,7 @@ We collect personal data you provide to us. For example:

 Registration information

-We collect information such as your username, email address, and password during account creation.
+We collect information such as your name and contact data, including username and email address, and credentials such as your password, during account creation.

 Demographic information

@@ -66,27 +66,23 @@ If you make a purchase or other financial transaction, we collect credit card nu

 Content and files

-We collect any photographs, documents, or other files you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.
+We collect any code, text, photographs, documents, or other files, including videos or recordings, you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.

-Information GitHub automatically collects.
+Feedback and ratings

-When you visit or use our Service, we collect some information automatically. For example:
-
-Transaction information
-
-If you have a paid Account with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.
+We collect any feedback or ratings you provide, including through written communications and via surveys.

-Usage information
+Information GitHub automatically collects

-If you're accessing or using our Service, we may automatically collect information about how you use the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service.
+When you visit or use our Service, we collect some information automatically. For example:

-Cookies
+Transaction information, Subscription and licensing data

-As further described below, we automatically collect information from cookies (such as cookie ID and settings) in connection with our Service.
+If you have a paid Account or subscription with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.

-Device information
+Usage information and Interactions

-We may collect information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer.
+If you're accessing or using our Service, we may automatically collect information about how you use and how your device interacts with the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, device type and ID, operation system and application version, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service. As further described below, we automatically collect usage information and interaction data using cookies (which may use a cookie ID), depending on your settings or preferences, in connection with our Service.

 Geolocation information

@@ -120,7 +116,7 @@ Improve and develop our products and services including to develop new services
 Personalization of our Service by understanding you and your preferences to enhance your experience and enjoyment using our Service.
 Provide customer support and respond to your questions.
 Deliver promotional communications with you about new services, features, offers, promotions, and other information about our Service.
-Personalize and measure the effectiveness of enterprise business ads, promotional communications or marketing you receive related to the Enterprise Marketing Pages.
+Personalize and measure the effectiveness of enterprise business ads, including those you see off of the Services, promotional communications or marketing you receive related to the Enterprise Marketing Pages.
 Send you information, including confirmations, invoices, technical notices, updates, security alerts, support and administrative messages.

 We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.
@@ -137,17 +133,19 @@ Please note that if you would like to compile GitHub data, you must comply with

 Third-party applications

-We share your personal data with third parties when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. Additionally, you may direct us through your actions on GitHub to share your personal data. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
-
-You can enable or add third-party applications, known as "Developer Products" to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Product and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+We share your personal data with third party applications when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. You can enable or add third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Products and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.

 Organizations with which you engage

-You may indicate, through your actions on GitHub, that you are willing to share your personal data. If you collaborate on or become a member of an organization, then its Account owners may receive your personal data. When you accept an invitation to an organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.
+You may indicate, through your actions on GitHub, that you are willing to share your personal data with Organizations, as defined in GitHub’s Terms of Service, who also use the Services. If you collaborate on or become a member of an Organization, then its Account owners may receive your personal data, for example by having the ability to view your activity in the Organization’s access log.
+
+When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.

 Service providers

-We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, and other similar services. While GitHub processes all personal data in the United States, our service providers may process data outside of the United States or the European Union. Such processing by service providers will be in compliance with applicable law including any relevant transfer mechanism.
+We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, online advertising, and other similar services. Our service providers may process data in your region, in the United States, or in any other country where they operate facilities.
+
+Such processing by service providers and any related cross border data transfers will be in compliance with applicable law.

 Affiliates

@@ -172,10 +170,6 @@ Please note that some of the features on our Service include integrations, refer

 Finally, we may share de-identified information in accordance with applicable law.

-No selling of personal data
-
-We do not sell your personal data for monetary or other consideration as defined under California and Nevada state laws. You can learn more about the CCPA and how we comply with it here.
-
 Your choices regarding our processing of your personal data

 We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.
@@ -196,7 +190,7 @@ As a GitHub User, you can always take your data with you. You can clone your rep

 Communication preferences

-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared on and through our Service. You may manage your communication preferences in your profile.
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile.

 By design, the Git version control system associates many actions with a user's email address, such as commit messages. See more details regarding setting your commit email address.

@@ -204,16 +198,6 @@ Depending on your email settings, GitHub may occasionally send notification emai

 Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.

-European Data Protection Rights
-
-If the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
-
-You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and For residents of France, you can send us specific instructions regarding the use of your data after your death.
-
-To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
-
-We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
-
 Our use of cookies and tracking technologies
 Cookies and tracking technologies

@@ -260,14 +244,13 @@ Any GitHub page that serves non-essential cookies will have a link in the page

 Some users will also be able to manage non-essential cookies via a cookie consent banner, including the options to accept, manage, and reject all non-essential cookies.

-Generally for all websites
-
-You can control the cookies you encounter on the web using a variety of widely-available tools. For example:
+Generally for all websites You can control the cookies you encounter on the web using a variety of widely-available tools. For example:

 If your browser sends a Do Not Track (DNT) signal, GitHub will not set non-essential cookies and will not load third party resources which set non-essential cookies.
 Many browsers provide cookie controls which may limit the types of cookies you encounter online. Check out the documentation for your browser to learn more.
 If you enable a browser extension designed to block tracking, such as Privacy Badger, non-essential cookies set by a website or third parties may be disabled.
 If you enable a browser extension designed to block unwanted content, such as uBlock Origin, non-essential cookies will be disabled to the extent that content that sets non-essential cookies will be blocked.
+You may use the Global Privacy Control (GPC) to communicate your privacy preferences. If GitHub detects the GPC signal from your device, GitHub will not share your data (we do not sell your data). To learn more, visit Global Privacy Control — Take Control Of Your Privacy
 Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at:
 United States: NAI and DAA
 Canada: Digital Advertising Alliance of Canada
@@ -296,37 +279,42 @@ GitHub will provide notice regarding private repository access where not prohibi

 Cross-border data transfers

-GitHub processes personal data both inside and outside of the United States. To lawfully transfer data from the European Economic Area, the United Kingdom, and Switzerland to the United States, it relies on adequate protection as decided by the European Commission in accordance with Art. 45 GDPR or appropriate safeguards in accordance with Art. 46 GDPR, such as Standard Contractual Clauses as well as supplementary measures such as encryption at rest and in transit.
+GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.
+
+We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

-Resolving complaints
+How to Contact Us

-If you have concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. You may also email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns." We will respond promptly — within 45 days at the latest.
+If you have a privacy inquiry or concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. We will respond promptly.

-You may also contact our Data Protection Officer directly at at github [at]dp-officer [dot] com
+Our addresses are:

-If you are in North America:
-GitHub Data Protection Officer
+GitHub Privacy Team
+
+GitHub, Inc.
 88 Colin P. Kelly Jr. St.
 San Francisco, CA 94107
 United States
-privacy [at] github [dot] com

+Privacy contact form
+
+Github Data Protection Officer

-If you are outside of North America:
-GitHub Data Protection Officer
 c/o DP Dock DPO Services GmbH,
 Attn: GitHub BV, Gut Projensdorf,
 24161 Altenholz, Germany
-github@dp-officer.com cc: privacy [at] github [dot] com
+
 CC: GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands

+Privacy contact form
+
 Dispute resolution process

-In the unlikely event that a dispute arises between you and GitHub regarding our handling of your User Personal Information, we will do our best to resolve it. Additionally, if you are a resident of an EU member state, you have the right to file a complaint with your local supervisory authority, and you might have more options.
+In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute. Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.

 Changes to our Privacy Statement

-Although most changes are likely to be minor, GitHub may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
+GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.

 License

@@ -348,55 +336,78 @@ Other translations

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-GitHub's notice to California residents
+European Data Protection Rights Notice

-The California Consumer Privacy Act of 2018, (Cal. Civ. Code §1798.100 et seq., as amended, “CCPA”) gives California residents rights and control over their personal information. GitHub, Inc. ("GitHub", "we") provides this statement to those residents ("you") in accordance with requirements under the CCPA to make certain disclosures about the collection and processing of their personal information. This is GitHub’s California-specific description of consumers’ privacy rights under the CCPA. For information about how we’ve extended the CCPA core rights to control personal information to all of our users in the United States, please see our Privacy Statement.
+If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

-Our handling of personal information
+You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and fFor residents of France, you can send us specific instructions regarding the use of your data after your death.

-While the table below contains information about the categories of personal information we collect, process, and share, please see the GitHub Privacy Statement for full details.
+To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

-Category of personal information collected in last 12 months   Category of sources from which the personal information has been collected
-Identifiers (such as real name, alias, postal address, unique personal identifier, online identifier Internet Protocol address, email address, account name, or other similar identifiers) Information consumer provides directly or automatically through their interaction with our Service and/or Website or GitHub’s vendors, partners, or affiliates
-Personal information described in Cal. Civ. Code §1798.80 (e) such as name, address, credit card or debit card number) Information consumer may choose to provide directly, through service providers
-Characteristics of protected classifications under California or federal law (such as gender)  Information consumer may choose to provide directly
-Commercial information (such as about products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies)   Information consumer provides directly or automatically through their interaction with our Services
-Geolocation data (such as any information collected after giving users the opportunity to opt-in to location-based services, which rely upon a device’s precise location services. )   Information consumer provides automatically through their interaction with our Services
-Audio, electronic, visual, or similar information such as content and files uploaded to the Service.   Information consumer may choose to provide directly
-Professional or employment information Information consumer may choose to provide directly
-Inferences drawn from any of the information identified in this table to create a profile about a consumer reflecting the consumer’s preferences   Information consumer provides directly or automatically through their interaction with our Services
+We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

-We use the categories of personal information described above for the purposes listed in the “How GitHub uses your information” section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the “How we share the information we collect” section of our Privacy Statement for additional details.
+U.S. State Data Privacy

-We do not sell your personal information
+If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our Privacy Statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our Privacy Statement.

-Under the CCPA, a business that sells California residents' personal information to others: 1) must give notice to California residents before selling their personal information to others; and 2) must provide the right to opt out of the sale of their personal information. GitHub does not sell personal information, including personal information of anyone under 16 years old.
+Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.

-Your rights under the CCPA
+Share. We may “share” your personal data for targeted advertising purposes. You may opt out of sharing data for cross-contextual advertising purposes, and make additional privacy choices on GitHub’s Enterprise Marketing pages by selecting Managing Your Cookie Preferences. Here are the categories of personal data shared over the past 12 months with additional details.

-The CCPA provides California residents with certain rights related to their personal information. To submit a request based on these rights, please contact us via our contact form.
+Categories of Personal Data Shared Categories of Recipients    Business or commercial purpose for sharing
+Usage information and Interactions Advertisers To support GitHub’s enterprise marketing efforts

-When receiving a request, we will verify that the individual making the request is the resident to whom the personal information subject to the request pertains. California residents may exercise their rights themselves or may use an authorized agent, designated in writing or through a power of attorney, to make requests on their behalf. If you use an authorized agent to submit a request, we may require that you provide us additional information demonstrating that the agent is acting on your behalf, and we may need you to verify your identity directly with us. With respect to your personal information, California residents may exercise the rights described below.
+Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, and (iv) restrict the use and disclosure of your sensitive data, and (v) opt-out of future “sharing” of personal data for targeted advertising purposes. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights.

-Right to Know.
+Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. Learn more here.

-You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You can use GitHub’s User Migration tool to access and download your data. Learn more here. You may also make such a “request to know” by contacting us here.
+If you have a Github account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.

-Right to Request Deletion.
+If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information to validate your request before honoring the request. To submit a request based on these rights, you can also contact us via our contact form.

-You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, you can contact us here or use the account settings here.
+You may opt-out of “sharing” information for cross-contextual behavioral advertising purposes, and make additional privacy choices related to GitHub’s Enterprise Marketing pages by selecting Managing Your Cookie Preferences. You have a right not to receive discriminatory treatment if you exercise your privacy rights. We will not discriminate against you if you exercise your privacy rights.

-Right to Opt-Out.
+Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy [at] github [dot] com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.

-You have a right to opt-out from future “sales” of personal information. Note that we do not “sell” personal information as defined by the CCPA and have not done so in the past 12 months.
+California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.

-Right to Non-Discrimination.
+Our handling of personal information

-You have a right to not be discriminated against for exercising your CCPA rights. We will not discriminate against you for exercising your CCPA rights.
+The table below contains information about the categories of personal information we collect, our purposes of processing, and the categories of third-party recipients with whom we share the personal information. Please see the GitHub Privacy Statement for full details, including a description of the data included in each category.

-You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us. Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law. We will verify your request by asking you to submit the request from the email address associated with your account or requiring you to provide information necessary to verify your account. Please note that you may use two-factor authentication with your GitHub account.
-Finally, you have a right to receive notice of our practices at or before collection of personal information.
+Category of Personal Data  Sources of Personal Data    Purposes of Processing  Recipients
+Registration information   Users and customers who use create an account   Provide and personalize our Services; authenticate and provide account access; respond to user and customer questions; help, secure, and troubleshoot; honor users rights; and marketing    Service providers and user-directed entities
+Demographic information    Users and customers, third-party data brokers   Provide and personalize our Services; product improvement and development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
+Payment and billing information    Users and customers, financial institutions Transact commerce; provide our Services; process transactions; fulfill orders; help, secure, and troubleshoot; and detect and prevent fraud Service providers and user-directed entities
+Content and files  Users and customers Provide our Services; safety; compliance; and help, secure, and troubleshoot; honor user rights Service providers and user-directed entities
+Feedback and ratings   Users and customers Provide our Services; product improvement; product improvement and development; marketing; customer support; and help, secure, and troubleshoot Service providers and user-directed entities
+Transaction information, subscription and licensing data   Users and customers Provide, personalize, and activate our Services; customer support; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
+Usage information and Interactions Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities
+Geolocation information    Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities

-Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy [at] github [dot] com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.
+Categories of Sensitive Data. We may collect, process, or disclose certain personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws. For example, this data may be collected if you participate in a survey, share it in your account profile, or are engaged in certain community-focused repos. Sensitive data is a subset of personal data. In the list below, we outline the categories of sensitive data we collect, the sources of the sensitive data, our purposes of processing, and the categories of third-party recipients with whom we share the sensitive data. Please see the "What information GitHub collects" section for more information about the sensitive data we may collect.
+
+Sensitive Data Type    Purposes of Processing  Recipients
+Account log-in, financial account, debit or credit card number, and the means to access the account (security or access code, password, credentials, etc.) Transact commerce; process transactions; fulfill orders; provide our Services; help, secure, and troubleshoot; and detect and prevent fraud Service providers and user-directed entities
+Racial or ethnic origin, religious or philosophical beliefs, or union membership   Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
+Medical or mental health, sex life, or sexual orientation  Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
+Contents of your mail, email, or text messages (where GitHub is not the intended recipient of the communication)   Provide our products; safety; compliance; and help, secure, and troubleshoot    Service providers and user-directed entities
+
+GitHub asks your consent to collect and process your sensitive data or does so at your direction. We do not use or disclose your sensitive data for purposes other than the following:
+
+To perform the services, fulfill the transactions, or provide the goods or Services you reasonably expect;
+To help ensure the security and integrity of our Services, to combat malicious deceptive, fraudulent or illegal acts, and to protect the physical safety of individuals, to the extent the processing is reasonably necessary and proportionate;
+for transient use (including non-personalized advertising), so long as the personal data is not used for profiling, and is not used to alter an individual’s experience outside the current interaction with GitHub;
+To perform services to operate our business, such as maintaining accounts, providing customer service, processing, or fulfilling orders/transactions, verifying customer information, processing payments, provide financing, providing analytics, providing storage, and similar services;
+To undertake activities to verify or maintain the quality or safety of, or improve, upgrade, or enhance a service or device owned or controlled by GitHub; and
+To conduct any other activities in accordance with applicable law.
+
+The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
+
+Not in a Position to Identify Data. In some situations GitHub may process data in a state called Not in a Position to Identify Data (NPI) or de-identified data. Data is in this state when we are not able to link data to an individual to whom such data may relate without taking additional steps. In those instances, and unless allowed under applicable law, we will maintain such information in an NPI state, and will not try to re-identify the individual to whom NPI data relates.
+
+Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
+
+Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, on our Enterprise Marketing Pages, advertisers may be the controllers of information they collect through their cookies.

-California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.
\ No newline at end of file
+We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
\ No newline at end of file
milonmaze commented 1 year ago

274021b31f059df88ca4439246ed3f297d64882c: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-01-25

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index bc09251..6e11b45 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -281,7 +281,7 @@ Cross-border data transfers

 GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.

-We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.
+We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

 How to Contact Us

@@ -298,7 +298,7 @@ United States

 Privacy contact form

-Github Data Protection Officer
+GitHub Data Protection Officer

 c/o DP Dock DPO Services GmbH,
 Attn: GitHub BV, Gut Projensdorf,
milonmaze commented 1 year ago

954969c43923c7dc538d53b480ffa572597fc3cd: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-01-30

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 6e11b45..650cd9d 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -361,7 +361,7 @@ Rights. You have the right to request that we (i) disclose what personal data we

 Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. Learn more here.

-If you have a Github account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.
+If you have a GitHub account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.

 If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information to validate your request before honoring the request. To submit a request based on these rights, you can also contact us via our contact form.
milonmaze commented 1 year ago

cb2f006e7cee580207d35d23da45671a3bbfa80c: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-02-15

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 650cd9dd..249b20b2 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -25,7 +25,7 @@ Cookies and tracking technologies Except for some of the cookies used on our Ent

 As described below, we may use non-essential cookies on certain pages of our website to support our enterprise marketing efforts and market our products and services to enterprise customers, for example on resources.github.com (collectively “Enterprise Marketing Pages”).

-We offer a page that makes all uses of cookies very transparent.
+For more information about cookies, see the list of cookies used by GitHub.
 How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal data on GitHub and to protect the resilience of our servers.
 Communication preferences  We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
 Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
@@ -98,7 +98,7 @@ Other companies with whom you choose to engage. GitHub may collect personal data

 Service Providers. We may also receive information from processors or service providers who process the data on our behalf, such as our payment processor who process payment and billing information in connection with our Service.

-Content you post on our Service. Information you store in, or contribute to, a public repository, provide for use in connection with a Community Feature or make otherwise publicly available through the Service will be collected by GitHub as described in this Privacy Statement. Such information may also be available to the GitHub user community as well as the general public. For more information, please review details regarding public repositories and community features here.
+Content you post on our Service. Information you store in, or contribute to, a public repository, provide for use in connection with a Community Feature or make otherwise publicly available through the Service will be collected by GitHub as described in this Privacy Statement. Such information may also be available to the GitHub user community as well as the general public. For more information about repositories and community features, see "About your profile."

 Co-branding/marketing partners. We may receive information from partners with which we offer co-branded services or engage in joint marketing activities.

@@ -127,7 +127,7 @@ We share personal data as described below, including with your consent or as nec

 Public information

-You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. Please see more about email addresses in commit messages here.
+You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. For more information, see "Setting your commit email address."

 Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.

@@ -190,7 +190,7 @@ As a GitHub User, you can always take your data with you. You can clone your rep

 Communication preferences

-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile.
+We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile's email settings.

 By design, the Git version control system associates many actions with a user's email address, such as commit messages. See more details regarding setting your commit email address.

@@ -207,7 +207,7 @@ For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gat

 Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

-The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data as described here.
+The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "What are your cookie choices and controls?."

 What are cookies and similar technologies?

@@ -314,7 +314,7 @@ In the unlikely event that a dispute arises between you and GitHub regarding our

 Changes to our Privacy Statement

-GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently.
+GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring your watch settings for an individual repository."

 License

@@ -330,7 +330,7 @@ Below are translations of this document into other languages. In the event of an

 French

-Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub
+Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub (PDF)

 Other translations

@@ -359,7 +359,7 @@ Usage information and Interactions  Advertisers To support GitHub’s enterprise

 Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, and (iv) restrict the use and disclosure of your sensitive data, and (v) opt-out of future “sharing” of personal data for targeted advertising purposes. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights.

-Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. Learn more here.
+Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. For more information, see "Requesting an archive of your personal account's data."

 If you have a GitHub account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.
milonmaze commented 1 year ago

65e40f93c1dc58741a3f3bc646e3f5255fd829a3: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-02-17

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 249b20b2..246aa497 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -207,7 +207,7 @@ For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gat

 Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

-The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "What are your cookie choices and controls?."
+The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "GitHub Privacy Statement."

 What are cookies and similar technologies?

@@ -314,7 +314,7 @@ In the unlikely event that a dispute arises between you and GitHub regarding our

 Changes to our Privacy Statement

-GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring your watch settings for an individual repository."
+GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring notifications."

 License

@@ -359,7 +359,7 @@ Usage information and Interactions  Advertisers To support GitHub’s enterprise

 Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, and (iv) restrict the use and disclosure of your sensitive data, and (v) opt-out of future “sharing” of personal data for targeted advertising purposes. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights.

-Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. For more information, see "Requesting an archive of your personal account's data."
+Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. For more information, see "Requesting an archive of your personal account’s data."

 If you have a GitHub account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.

@@ -402,12 +402,12 @@ To perform services to operate our business, such as maintaining accounts, provi
 To undertake activities to verify or maintain the quality or safety of, or improve, upgrade, or enhance a service or device owned or controlled by GitHub; and
 To conduct any other activities in accordance with applicable law.

-The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
+The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.

 Not in a Position to Identify Data. In some situations GitHub may process data in a state called Not in a Position to Identify Data (NPI) or de-identified data. Data is in this state when we are not able to link data to an individual to whom such data may relate without taking additional steps. In those instances, and unless allowed under applicable law, we will maintain such information in an NPI state, and will not try to re-identify the individual to whom NPI data relates.

-Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
+Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.

 Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, on our Enterprise Marketing Pages, advertisers may be the controllers of information they collect through their cookies.

-We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
\ No newline at end of file
+We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
\ No newline at end of file
milonmaze commented 1 year ago

aee1826dc6920e6bcfce74afa1ef6ce831559939: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-05-03

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 246aa497..f3da129c 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -8,13 +8,13 @@ Thanks for entrusting GitHub, Inc. or GitHub B.V. (“GitHub”, “we”, "us"

 All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.

-The short version
+The short version #

 We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, you have the same high standard of privacy protection when using GitHub's products as all our users around the world, regardless of their country of origin or location.

 To see our Privacy Notice for U.S. Residents, please go to GitHub's Notice about U.S. State Data Privacy or scroll down.

-Summary
+Summary #
 Section    What can you find there?
 Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service if you are in North America. For individuals outside North America the data controller is GitHub B.V.
 What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary to provide innovative services and personalized experiences, unless you choose to provide more.
@@ -33,66 +33,66 @@ Changes to our Privacy Statement    We notify you of material changes to this Priva
 License    This Privacy Statement is licensed under the Creative Commons Zero license.
 Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
 Translations   We provide links to some translations of the Privacy Statement.
-GitHub Privacy Statement
-Who is responsible for the processing of your information?
+GitHub Privacy Statement #
+Who is responsible for the processing of your information? #

 The data controller of your personal data is GitHub, Inc. For individuals outside North America, the data controller is GitHub B.V.

 This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service provider or data processor is governed by our Data Protection Agreement. If you are an end-user of one of those organizations, such as an employee or student, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.

-GitHub acting on your behalf
+GitHub acting on your behalf #

 In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide, protect, and improve Service. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.

-What information GitHub collects
+What information GitHub collects #

 The personal data we collect depends on how you interact with us, the services you use, and the choices you make. We collect information about you from different sources and in various ways when you use our Service, including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

-Information users provide directly to GitHub
+Information users provide directly to GitHub #

 We collect personal data you provide to us. For example:

-Registration information
+Registration information #

 We collect information such as your name and contact data, including username and email address, and credentials such as your password, during account creation.

-Demographic information
+Demographic information #

 In some cases, we request that you provide age, gender, and similar demographic details.

-Payment and billing information
+Payment and billing information #

 If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.

-Content and files
+Content and files #

 We collect any code, text, photographs, documents, or other files, including videos or recordings, you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.

-Feedback and ratings
+Feedback and ratings #

 We collect any feedback or ratings you provide, including through written communications and via surveys.

-Information GitHub automatically collects
+Information GitHub automatically collects #

 When you visit or use our Service, we collect some information automatically. For example:

-Transaction information, Subscription and licensing data
+Transaction information, Subscription and licensing data #

 If you have a paid Account or subscription with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.

-Usage information and Interactions
+Usage information and Interactions #

 If you're accessing or using our Service, we may automatically collect information about how you use and how your device interacts with the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, device type and ID, operation system and application version, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service. As further described below, we automatically collect usage information and interaction data using cookies (which may use a cookie ID), depending on your settings or preferences, in connection with our Service.

-Geolocation information
+Geolocation information #

 In connection with certain features and depending on the functionality of the Service, we collect geolocation information such as through IP addresses or the location information you choose to provide in your Account profile.

-Information we create or generate
+Information we create or generate #

 We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

-Information we collect from third parties
+Information we collect from third parties #

 Other companies with whom you choose to engage. GitHub may collect personal data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase personal data from third-party data brokers.

@@ -106,7 +106,7 @@ Publicly available sources. We may also obtain information from publicly availab

 When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

-How GitHub uses your information
+How GitHub uses your information #

 We may use your information to provide, administer, analyze, manage, and operate our Service. For example, we use your information for the following purposes:

@@ -121,48 +121,48 @@ Send you information, including confirmations, invoices, technical notices, upda

 We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.

-How we share the information we collect
+How we share the information we collect #

 We share personal data as described below, including with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:

-Public information
+Public information #

 You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. For more information, see "Setting your commit email address."

 Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.

-Third-party applications
+Third-party applications #

 We share your personal data with third party applications when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. You can enable or add third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Products and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.

-Organizations with which you engage
+Organizations with which you engage #

 You may indicate, through your actions on GitHub, that you are willing to share your personal data with Organizations, as defined in GitHub’s Terms of Service, who also use the Services. If you collaborate on or become a member of an Organization, then its Account owners may receive your personal data, for example by having the ability to view your activity in the Organization’s access log.

 When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.

-Service providers
+Service providers #

 We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, online advertising, and other similar services. Our service providers may process data in your region, in the United States, or in any other country where they operate facilities.

 Such processing by service providers and any related cross border data transfers will be in compliance with applicable law.

-Affiliates
+Affiliates #

 We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems, when affiliates provide services on our behalf, or where access is needed to operate and provide the Service.

-For security purposes
+For security purposes #

 We will disclose personal data if we believe it is necessary to:

 protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
 operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
 protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
-For legal disclosure
+For legal disclosure #

 GitHub may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.

-Change in control or sale
+Change in control or sale #

 We may share your personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.

@@ -170,7 +170,7 @@ Please note that some of the features on our Service include integrations, refer

 Finally, we may share de-identified information in accordance with applicable law.

-Your choices regarding our processing of your personal data
+Your choices regarding our processing of your personal data #

 We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.

@@ -184,11 +184,11 @@ You can adjust the settings on your Account regarding the display of your person

 Additionally, if you are unable to access certain personal data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.

-Data portability
+Data portability #

 As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.

-Communication preferences
+Communication preferences #

 We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile's email settings.

@@ -198,8 +198,8 @@ Depending on your email settings, GitHub may occasionally send notification emai

 Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.

-Our use of cookies and tracking technologies
-Cookies and tracking technologies
+Our use of cookies and tracking technologies #
+Cookies and tracking technologies #

 GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of GitHub. We provide more information about cookies on GitHub that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.

@@ -209,7 +209,7 @@ Our emails to users may contain a pixel tag, which is a small, clear image that

 The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "GitHub Privacy Statement."

-What are cookies and similar technologies?
+What are cookies and similar technologies? #

 We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services. When visiting Enterprise Marketing Pages, like resources.github.com, these and additional cookies, like advertising IDs, may be used for sales and marketing purposes.

@@ -221,7 +221,7 @@ Mobile identifiers for analytics can be accessed and used by apps on mobile devi

 We may also use so-called “flash cookies” (also known as “Local Shared Objects” or “LSOs”) to collect and store information about your use of our Services. Flash cookies are commonly used for advertisements and videos.

-How do we and our partners use cookies and similar technologies?
+How do we and our partners use cookies and similar technologies? #

 The GitHub Services use cookies and similar technologies for a variety of purposes, including to store your preferences and settings, enable you to sign-in, analyze how our Services perform, track your interaction with the Services, develop inferences, combat fraud, and fulfill other legitimate purposes. Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising. GitHub will place non-essential cookies on pages where we market products and services to enterprise customers, for example, on resources.github.com.

@@ -234,7 +234,7 @@ Required Cookies    GitHub uses required cookies to perform essential website funct
 Analytics  We allow third parties to use analytics cookies to understand how you use our websites so we can make them better. For example, cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. We also use some analytics cookies to provide personalized advertising.
 Social Media   GitHub and third parties use social media cookies to show you ads and content based on your social media profiles and activity on GitHub’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by GitHub.
 Advertising    In addition, GitHub and third parties use advertising cookies to show you new ads based on ads you've already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history.
-What are your cookie choices and controls?
+What are your cookie choices and controls? #

 You have several options to disable non-essential cookies:

@@ -258,11 +258,11 @@ Europe: European Digital Advertising Alliance

 These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

-Retention of personal data
+Retention of personal data #

 We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes.

-How GitHub secures your information
+How GitHub secures your information #

 GitHub takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

@@ -277,13 +277,13 @@ or with your consent.

 GitHub will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.

-Cross-border data transfers
+Cross-border data transfers #

 GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.

 We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

-How to Contact Us
+How to Contact Us #

 If you have a privacy inquiry or concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. We will respond promptly.

@@ -308,35 +308,35 @@ CC: GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands

 Privacy contact form

-Dispute resolution process
+Dispute resolution process #

 In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute. Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.

-Changes to our Privacy Statement
+Changes to our Privacy Statement #

 GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring notifications."

-License
+License #

 This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.

-Contacting GitHub
+Contacting GitHub #

 Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.

-Translations
+Translations #

 Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.

-French
+French #

 Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub (PDF)

-Other translations
+Other translations #

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-European Data Protection Rights Notice
+European Data Protection Rights Notice #

 If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

@@ -346,7 +346,7 @@ To make such requests, please use the contact information at the bottom of this

 We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

-U.S. State Data Privacy
+U.S. State Data Privacy #

 If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our Privacy Statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our Privacy Statement.

@@ -371,7 +371,7 @@ Additionally, under California Civil Code section 1798.83, also known as the “

 California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.

-Our handling of personal information
+Our handling of personal information #

 The table below contains information about the categories of personal information we collect, our purposes of processing, and the categories of third-party recipients with whom we share the personal information. Please see the GitHub Privacy Statement for full details, including a description of the data included in each category.
milonmaze commented 1 year ago

e29b5d9606ec34a613f42357fbb2054ee5bc5d92: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-05-05

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index f3da129c..3bb6b3f6 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -340,7 +340,7 @@ European Data Protection Rights Notice #

 If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

-You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and fFor residents of France, you can send us specific instructions regarding the use of your data after your death.
+You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and for residents of France, you can send us specific instructions regarding the use of your data after your death.

 To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
milonmaze commented 1 year ago

6146838ffa8113d6166dd6ccfd73f5a89bae2d9a: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-05-10

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 3bb6b3f6..3fa8f783 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -8,13 +8,13 @@ Thanks for entrusting GitHub, Inc. or GitHub B.V. (“GitHub”, “we”, "us"

 All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.

-The short version #
+The short version

 We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, you have the same high standard of privacy protection when using GitHub's products as all our users around the world, regardless of their country of origin or location.

 To see our Privacy Notice for U.S. Residents, please go to GitHub's Notice about U.S. State Data Privacy or scroll down.

-Summary #
+Summary
 Section    What can you find there?
 Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service if you are in North America. For individuals outside North America the data controller is GitHub B.V.
 What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary to provide innovative services and personalized experiences, unless you choose to provide more.
@@ -33,66 +33,66 @@ Changes to our Privacy Statement    We notify you of material changes to this Priva
 License    This Privacy Statement is licensed under the Creative Commons Zero license.
 Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
 Translations   We provide links to some translations of the Privacy Statement.
-GitHub Privacy Statement #
-Who is responsible for the processing of your information? #
+GitHub Privacy Statement
+Who is responsible for the processing of your information?

 The data controller of your personal data is GitHub, Inc. For individuals outside North America, the data controller is GitHub B.V.

 This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service provider or data processor is governed by our Data Protection Agreement. If you are an end-user of one of those organizations, such as an employee or student, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.

-GitHub acting on your behalf #
+GitHub acting on your behalf

 In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide, protect, and improve Service. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.

-What information GitHub collects #
+What information GitHub collects

 The personal data we collect depends on how you interact with us, the services you use, and the choices you make. We collect information about you from different sources and in various ways when you use our Service, including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.

-Information users provide directly to GitHub #
+Information users provide directly to GitHub

 We collect personal data you provide to us. For example:

-Registration information #
+Registration information

 We collect information such as your name and contact data, including username and email address, and credentials such as your password, during account creation.

-Demographic information #
+Demographic information

 In some cases, we request that you provide age, gender, and similar demographic details.

-Payment and billing information #
+Payment and billing information

 If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.

-Content and files #
+Content and files

 We collect any code, text, photographs, documents, or other files, including videos or recordings, you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.

-Feedback and ratings #
+Feedback and ratings

 We collect any feedback or ratings you provide, including through written communications and via surveys.

-Information GitHub automatically collects #
+Information GitHub automatically collects

 When you visit or use our Service, we collect some information automatically. For example:

-Transaction information, Subscription and licensing data #
+Transaction information, Subscription and licensing data

 If you have a paid Account or subscription with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.

-Usage information and Interactions #
+Usage information and Interactions

 If you're accessing or using our Service, we may automatically collect information about how you use and how your device interacts with the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, device type and ID, operation system and application version, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service. As further described below, we automatically collect usage information and interaction data using cookies (which may use a cookie ID), depending on your settings or preferences, in connection with our Service.

-Geolocation information #
+Geolocation information

 In connection with certain features and depending on the functionality of the Service, we collect geolocation information such as through IP addresses or the location information you choose to provide in your Account profile.

-Information we create or generate #
+Information we create or generate

 We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.

-Information we collect from third parties #
+Information we collect from third parties

 Other companies with whom you choose to engage. GitHub may collect personal data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase personal data from third-party data brokers.

@@ -106,7 +106,7 @@ Publicly available sources. We may also obtain information from publicly availab

 When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.

-How GitHub uses your information #
+How GitHub uses your information

 We may use your information to provide, administer, analyze, manage, and operate our Service. For example, we use your information for the following purposes:

@@ -121,48 +121,48 @@ Send you information, including confirmations, invoices, technical notices, upda

 We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.

-How we share the information we collect #
+How we share the information we collect

 We share personal data as described below, including with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:

-Public information #
+Public information

 You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. For more information, see "Setting your commit email address."

 Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.

-Third-party applications #
+Third-party applications

 We share your personal data with third party applications when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. You can enable or add third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Products and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.

-Organizations with which you engage #
+Organizations with which you engage

 You may indicate, through your actions on GitHub, that you are willing to share your personal data with Organizations, as defined in GitHub’s Terms of Service, who also use the Services. If you collaborate on or become a member of an Organization, then its Account owners may receive your personal data, for example by having the ability to view your activity in the Organization’s access log.

 When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.

-Service providers #
+Service providers

 We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, online advertising, and other similar services. Our service providers may process data in your region, in the United States, or in any other country where they operate facilities.

 Such processing by service providers and any related cross border data transfers will be in compliance with applicable law.

-Affiliates #
+Affiliates

 We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems, when affiliates provide services on our behalf, or where access is needed to operate and provide the Service.

-For security purposes #
+For security purposes

 We will disclose personal data if we believe it is necessary to:

 protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
 operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
 protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
-For legal disclosure #
+For legal disclosure

 GitHub may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.

-Change in control or sale #
+Change in control or sale

 We may share your personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.

@@ -170,7 +170,7 @@ Please note that some of the features on our Service include integrations, refer

 Finally, we may share de-identified information in accordance with applicable law.

-Your choices regarding our processing of your personal data #
+Your choices regarding our processing of your personal data

 We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.

@@ -184,11 +184,11 @@ You can adjust the settings on your Account regarding the display of your person

 Additionally, if you are unable to access certain personal data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.

-Data portability #
+Data portability

 As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.

-Communication preferences #
+Communication preferences

 We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile's email settings.

@@ -198,8 +198,8 @@ Depending on your email settings, GitHub may occasionally send notification emai

 Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.

-Our use of cookies and tracking technologies #
-Cookies and tracking technologies #
+Our use of cookies and tracking technologies
+Cookies and tracking technologies

 GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of GitHub. We provide more information about cookies on GitHub that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies.

@@ -209,7 +209,7 @@ Our emails to users may contain a pixel tag, which is a small, clear image that

 The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "GitHub Privacy Statement."

-What are cookies and similar technologies? #
+What are cookies and similar technologies?

 We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services. When visiting Enterprise Marketing Pages, like resources.github.com, these and additional cookies, like advertising IDs, may be used for sales and marketing purposes.

@@ -221,7 +221,7 @@ Mobile identifiers for analytics can be accessed and used by apps on mobile devi

 We may also use so-called “flash cookies” (also known as “Local Shared Objects” or “LSOs”) to collect and store information about your use of our Services. Flash cookies are commonly used for advertisements and videos.

-How do we and our partners use cookies and similar technologies? #
+How do we and our partners use cookies and similar technologies?

 The GitHub Services use cookies and similar technologies for a variety of purposes, including to store your preferences and settings, enable you to sign-in, analyze how our Services perform, track your interaction with the Services, develop inferences, combat fraud, and fulfill other legitimate purposes. Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising. GitHub will place non-essential cookies on pages where we market products and services to enterprise customers, for example, on resources.github.com.

@@ -234,7 +234,7 @@ Required Cookies    GitHub uses required cookies to perform essential website funct
 Analytics  We allow third parties to use analytics cookies to understand how you use our websites so we can make them better. For example, cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. We also use some analytics cookies to provide personalized advertising.
 Social Media   GitHub and third parties use social media cookies to show you ads and content based on your social media profiles and activity on GitHub’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by GitHub.
 Advertising    In addition, GitHub and third parties use advertising cookies to show you new ads based on ads you've already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history.
-What are your cookie choices and controls? #
+What are your cookie choices and controls?

 You have several options to disable non-essential cookies:

@@ -258,11 +258,11 @@ Europe: European Digital Advertising Alliance

 These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

-Retention of personal data #
+Retention of personal data

 We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes.

-How GitHub secures your information #
+How GitHub secures your information

 GitHub takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.

@@ -277,13 +277,13 @@ or with your consent.

 GitHub will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.

-Cross-border data transfers #
+Cross-border data transfers

 GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.

 We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.

-How to Contact Us #
+How to Contact Us

 If you have a privacy inquiry or concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. We will respond promptly.

@@ -308,35 +308,35 @@ CC: GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands

 Privacy contact form

-Dispute resolution process #
+Dispute resolution process

 In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute. Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.

-Changes to our Privacy Statement #
+Changes to our Privacy Statement

 GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring notifications."

-License #
+License

 This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.

-Contacting GitHub #
+Contacting GitHub

 Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.

-Translations #
+Translations

 Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.

-French #
+French

 Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub (PDF)

-Other translations #
+Other translations

 For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

-European Data Protection Rights Notice #
+European Data Protection Rights Notice

 If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:

@@ -346,7 +346,7 @@ To make such requests, please use the contact information at the bottom of this

 We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.

-U.S. State Data Privacy #
+U.S. State Data Privacy

 If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our Privacy Statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our Privacy Statement.

@@ -371,7 +371,7 @@ Additionally, under California Civil Code section 1798.83, also known as the “

 California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.

-Our handling of personal information #
+Our handling of personal information

 The table below contains information about the categories of personal information we collect, our purposes of processing, and the categories of third-party recipients with whom we share the personal information. Please see the GitHub Privacy Statement for full details, including a description of the data included in each category.
milonmaze commented 1 year ago

78cb7d43981bcd4ca158f3a2c2d53dfcdf78c38d: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-08-25

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 3fa8f783..64e06aae 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -287,7 +287,7 @@ How to Contact Us

 If you have a privacy inquiry or concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. We will respond promptly.

-Our addresses are:
+Our address is:

 GitHub Privacy Team

@@ -298,16 +298,6 @@ United States

 Privacy contact form

-GitHub Data Protection Officer
-
-c/o DP Dock DPO Services GmbH,
-Attn: GitHub BV, Gut Projensdorf,
-24161 Altenholz, Germany
-
-CC: GitHub BV, Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands
-
-Privacy contact form
-
 Dispute resolution process

 In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute. Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.
milonmaze commented 1 year ago

4885106a163f5331ee5bad932fddc251e64af172: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-09-27

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 64e06aae..c0e33fc0 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -400,4 +400,6 @@ Disclosures of personal data for business or commercial purposes. As indicated i

 Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, on our Enterprise Marketing Pages, advertisers may be the controllers of information they collect through their cookies.

-We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
\ No newline at end of file
+We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
+
+Press alt+up to activate
\ No newline at end of file
milonmaze commented 1 year ago

29a657272253d7e63cb41b52748534c8c5417e06: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-10-15

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index c0e33fc0..77f2e316 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -2,7 +2,7 @@ Skip to main content
 GitHub Privacy Statement
 In this article

-Effective date: December 15, 2022
+Effective date: October 10, 2023

 Thanks for entrusting GitHub, Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively, the “Service(s)”).

@@ -127,7 +127,7 @@ We share personal data as described below, including with your consent or as nec

 Public information

-You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address. For more information, see "Setting your commit email address."
+You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address.

 Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.

@@ -151,6 +151,8 @@ Affiliates

 We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems, when affiliates provide services on our behalf, or where access is needed to operate and provide the Service.

+GitHub has the responsibility for the processing of personal information it receives under the Data Privacy Framework (DPF) Principles and subsequently transfers to a third party acting as an agent on GitHub’s behalf. GitHub shall remain liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
+
 For security purposes

 We will disclose personal data if we believe it is necessary to:
@@ -278,10 +280,13 @@ or with your consent.
 GitHub will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.

 Cross-border data transfers
+Data Privacy Framework (DPF)
+
+GitHub complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. GitHub has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. GitHub has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

 GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.

-We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. You may request a copy of the Standard Contractual Clauses using the contact details provided in the section entitled “Contacting GitHub” below.
+We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website. You may view a copy of the Standard Contractual Clauses on the GitHub Customer Agreements website under the GitHub Data Protection Agreement.

 How to Contact Us

@@ -300,7 +305,17 @@ Privacy contact form

 Dispute resolution process

-In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute. Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.
+In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute.
+
+Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.
+
+In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, GitHub commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the International Centre for Dispute Resolution, an alternative dispute resolution provider based in the United States, the European Union, the United Kingdom, and/or Switzerland (as applicable). If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the International Centre for Dispute Resolution are provided at no cost to you.
+
+An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For additional information visit the Data Privacy Framework website.
+
+Government Enforcement
+
+GitHub is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under Section 5 of the Federal Trade Commission Act (15 U.S.C. § 45), an organization's failure to abide by commitments to implement the DPF Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders.

 Changes to our Privacy Statement

@@ -392,14 +407,12 @@ To perform services to operate our business, such as maintaining accounts, provi
 To undertake activities to verify or maintain the quality or safety of, or improve, upgrade, or enhance a service or device owned or controlled by GitHub; and
 To conduct any other activities in accordance with applicable law.

-The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
+The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "How we share information we collect" section of our Privacy Statement for additional details.

 Not in a Position to Identify Data. In some situations GitHub may process data in a state called Not in a Position to Identify Data (NPI) or de-identified data. Data is in this state when we are not able to link data to an individual to whom such data may relate without taking additional steps. In those instances, and unless allowed under applicable law, we will maintain such information in an NPI state, and will not try to re-identify the individual to whom NPI data relates.

-Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
+Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.

 Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, on our Enterprise Marketing Pages, advertisers may be the controllers of information they collect through their cookies.

-We use the categories of personal information described above for the purposes listed in the "GitHub Privacy Statement" section of our Privacy Statement. We also disclose the categories of personal information listed above for business purposes. Please see the "GitHub Privacy Statement" section of our Privacy Statement for additional details.
-
 Press alt+up to activate
\ No newline at end of file
milonmaze commented 1 year ago

9464e65ec06c333cdcbb3e201f017485b1600014: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-10-18

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index 77f2e316..a4553b62 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -176,11 +176,11 @@ Your choices regarding our processing of your personal data

 We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.

-Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting GitHub Support or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, by changing your cookie preferences, or by contacting GitHub Support or GitHub Premium Support.
+Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting us through the GitHub Support portal or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, by changing your cookie preferences, or by contacting us through the GitHub Support portal or GitHub Premium Support.

 We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your personal data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.

-If GitHub processes personal data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your personal data by contacting GitHub Support or GitHub Premium Support.
+If GitHub processes personal data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your personal data by contacting us through the GitHub Support portal or GitHub Premium Support.

 You can adjust the settings on your Account regarding the display of your personal data in private or public repositories or personal data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through profile settings.

@@ -368,13 +368,13 @@ Please see Your choices regarding our processing of your personal data section o

 If you have a GitHub account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.

-If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information to validate your request before honoring the request. To submit a request based on these rights, you can also contact us via our contact form.
+If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information to validate your request before honoring the request. To submit a request based on these rights, you can also contact us through the GitHub Support portal.

 You may opt-out of “sharing” information for cross-contextual behavioral advertising purposes, and make additional privacy choices related to GitHub’s Enterprise Marketing pages by selecting Managing Your Cookie Preferences. You have a right not to receive discriminatory treatment if you exercise your privacy rights. We will not discriminate against you if you exercise your privacy rights.

 Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy [at] github [dot] com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.

-California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us via our contact form.
+California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us through the GitHub Support portal.

 Our handling of personal information
milonmaze commented 11 months ago

431fbb71ee95e115d36ce63463a1dad1bcc127a9: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2023-12-06

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index a4553b62..d294e4f9 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -390,7 +390,7 @@ Transaction information, subscription and licensing data    Users and customers Pro
 Usage information and Interactions Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities
 Geolocation information    Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities

-Categories of Sensitive Data. We may collect, process, or disclose certain personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws. For example, this data may be collected if you participate in a survey, share it in your account profile, or are engaged in certain community-focused repos. Sensitive data is a subset of personal data. In the list below, we outline the categories of sensitive data we collect, the sources of the sensitive data, our purposes of processing, and the categories of third-party recipients with whom we share the sensitive data. Please see the "What information GitHub collects" section for more information about the sensitive data we may collect.
+Categories of Sensitive Data. We may collect, process, or disclose certain personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws. For example, this data may be collected if you participate in a survey, share it in your account profile, or are engaged in certain community-focused repositories. Sensitive data is a subset of personal data. In the list below, we outline the categories of sensitive data we collect, the sources of the sensitive data, our purposes of processing, and the categories of third-party recipients with whom we share the sensitive data. Please see the "What information GitHub collects" section for more information about the sensitive data we may collect.

 Sensitive Data Type    Purposes of Processing  Recipients
 Account log-in, financial account, debit or credit card number, and the means to access the account (security or access code, password, credentials, etc.) Transact commerce; process transactions; fulfill orders; provide our Services; help, secure, and troubleshoot; and detect and prevent fraud Service providers and user-directed entities
milonmaze commented 9 months ago

9b53ea442ecbaf6ce60919a557494e38c3183ef9: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2024-02-04

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index d294e4f9..f4f43219 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -1,204 +1,178 @@
 Skip to main content
-GitHub Privacy Statement
+GitHub General Privacy Statement
 In this article
-
-Effective date: October 10, 2023
-
-Thanks for entrusting GitHub, Inc. or GitHub B.V. (“GitHub”, “we”, "us" or "our") with your source code, your projects, and your personal data. This Privacy Statement explains our practices regarding the collection, use, and disclosure of your data, including any personal data we collect and process in connection with our website and any applications, software, products, and services provided by GitHub, including any Beta Previews (collectively, the “Service(s)”).
-
-All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.
-
-The short version
-
-We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, you have the same high standard of privacy protection when using GitHub's products as all our users around the world, regardless of their country of origin or location.
-
-To see our Privacy Notice for U.S. Residents, please go to GitHub's Notice about U.S. State Data Privacy or scroll down.
-
-Summary
-Section    What can you find there?
-Who is responsible for the processing of your information  Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your personal data in connection with the Website or Service if you are in North America. For individuals outside North America the data controller is GitHub B.V.
-What information GitHub collects   GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect personal data from third parties. We only collect the minimum amount of personal data necessary to provide innovative services and personalized experiences, unless you choose to provide more.
-How GitHub uses your information   In this section, we describe the ways in which we use your information, including to provide you the Service, to communicate with you, for security and compliance purposes, and to improve our Website or Service or develop new features and functionality of our Website or Service. We also describe the legal basis upon which we process your information, where legally required.
-How we share the information we collect    We may share your information with third parties under one of the following circumstances: with your consent, with our service providers, for security purposes, to comply with our legal obligations, or when there is a change of control or sale of corporate entities or business units. We do not sell your personal information and we do not display advertising on GitHub.
-Your choices regarding our processing of your personal data    We provide ways for you to access, alter, or delete your personal information.
-Cookies and tracking technologies  Except for some of the cookies used on our Enterprise Marketing Pages, we only use strictly necessary cookies to provide, secure, and improve our Website or Service or develop new features and functionality of our Website or Service.
-
-As described below, we may use non-essential cookies on certain pages of our website to support our enterprise marketing efforts and market our products and services to enterprise customers, for example on resources.github.com (collectively “Enterprise Marketing Pages”).
-
-For more information about cookies, see the list of cookies used by GitHub.
-How GitHub secures your information    We take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal data on GitHub and to protect the resilience of our servers.
-Communication preferences  We communicate with you by email. You can control the way we contact you in your account settings, or by contacting us.
-Resolving complaints   In the unlikely event that we are unable to resolve a privacy concern quickly and thoroughly, we provide a path of dispute resolution.
-Changes to our Privacy Statement   We notify you of material changes to this Privacy Statement 30 days before any such changes become effective. You may also track changes in our Site Policy repository.
-License    This Privacy Statement is licensed under the Creative Commons Zero license.
-Contacting GitHub  Please feel free to contact us if you have questions about our Privacy Statement.
-Translations   We provide links to some translations of the Privacy Statement.
 GitHub Privacy Statement
-Who is responsible for the processing of your information?
-
-The data controller of your personal data is GitHub, Inc. For individuals outside North America, the data controller is GitHub B.V.
-
-This privacy statement does not apply to personal data we process as a service provider or data processor on behalf of our enterprise customers. Our data processing activities as service provider or data processor is governed by our Data Protection Agreement. If you are an end-user of one of those organizations, such as an employee or student, you should read that organization’s privacy statement and direct any privacy inquiries to that organization.
-
-GitHub acting on your behalf
-
-In some cases, GitHub is acting only on your behalf for the personal data we collect and process in connection with our Service (for example, for the personal data added to a repository by the contributors to such repository). In such cases, GitHub will only process the data in order to provide, protect, and improve Service. Please note that subject to our Private Information Removal Policy contributors’ requests to remove personal data generally require notice to and action from the repository owner.
-
-What information GitHub collects
-
-The personal data we collect depends on how you interact with us, the services you use, and the choices you make. We collect information about you from different sources and in various ways when you use our Service, including information you provide directly, information collected automatically, third-party data sources, and data we infer or generate from other data.
-
-Information users provide directly to GitHub
-
-We collect personal data you provide to us. For example:
-
-Registration information
-
-We collect information such as your name and contact data, including username and email address, and credentials such as your password, during account creation.
-
-Demographic information
-
-In some cases, we request that you provide age, gender, and similar demographic details.
-
-Payment and billing information
-
-If you make a purchase or other financial transaction, we collect credit card numbers, financial account information, and other payment details.
-
-Content and files
-
-We collect any code, text, photographs, documents, or other files, including videos or recordings, you upload to our Service; and if you send us email messages or other communications, we collect and retain those communications. For example, you may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. Please note that your profile information may be visible to other Users of our Service.
-
-Feedback and ratings
-
-We collect any feedback or ratings you provide, including through written communications and via surveys.

-Information GitHub automatically collects
-
-When you visit or use our Service, we collect some information automatically. For example:
-
-Transaction information, Subscription and licensing data
-
-If you have a paid Account or subscription with us, or make a purchase or sale using our Service, we automatically collect certain information about your transactions on the Service, such as your full name, address, region, state, country, zip code, the date, time, and amount charged.
-
-Usage information and Interactions
-
-If you're accessing or using our Service, we may automatically collect information about how you use and how your device interacts with the Service, such as the pages you view, the referring site, your IP address and information about your device, session information, the date and time of each request, device type and ID, operation system and application version, information contained in or relating to your contributions to individual repositories, and telemetry data (i.e., information about how a specific feature or service is performing) regarding your use of other features and functionality of the Service. As further described below, we automatically collect usage information and interaction data using cookies (which may use a cookie ID), depending on your settings or preferences, in connection with our Service.
-
-Geolocation information
-
-In connection with certain features and depending on the functionality of the Service, we collect geolocation information such as through IP addresses or the location information you choose to provide in your Account profile.
-
-Information we create or generate
-
-We infer new information from other data we collect, including using automated means to generate information about your likely preferences or other characteristics (“inferences”). For example, we infer your general geographic location (such as city, state, and country) based on your IP address.
-
-Information we collect from third parties
-
-Other companies with whom you choose to engage. GitHub may collect personal data about you from third parties. For example, this may happen if you sign up for training or to receive information about GitHub from one of our vendors, partners, or affiliates. GitHub does not purchase personal data from third-party data brokers.
-
-Service Providers. We may also receive information from processors or service providers who process the data on our behalf, such as our payment processor who process payment and billing information in connection with our Service.
-
-Content you post on our Service. Information you store in, or contribute to, a public repository, provide for use in connection with a Community Feature or make otherwise publicly available through the Service will be collected by GitHub as described in this Privacy Statement. Such information may also be available to the GitHub user community as well as the general public. For more information about repositories and community features, see "About your profile."
-
-Co-branding/marketing partners. We may receive information from partners with which we offer co-branded services or engage in joint marketing activities.
-
-Publicly available sources. We may also obtain information from publicly available sources as GitHub repositories.
-
-When you are asked to provide personal data, you may decline. And you may use web browser or operating system controls to prevent certain types of automatic data collection. But if you choose not to provide or allow information that is necessary for certain services or features, those services or features may not be available or fully functional.
-
-How GitHub uses your information
-
-We may use your information to provide, administer, analyze, manage, and operate our Service. For example, we use your information for the following purposes:
-
-Provide our products and deliver our services including troubleshooting, improving, and personalizing the features on the Service.
-Business operations such as billing, accounting, improving our internal operations, securing our systems, detecting fraudulent or illegal activity, and meeting our legal obligations.
-Improve and develop our products and services including to develop new services or features, and conduct research.
-Personalization of our Service by understanding you and your preferences to enhance your experience and enjoyment using our Service.
-Provide customer support and respond to your questions.
-Deliver promotional communications with you about new services, features, offers, promotions, and other information about our Service.
-Personalize and measure the effectiveness of enterprise business ads, including those you see off of the Services, promotional communications or marketing you receive related to the Enterprise Marketing Pages.
-Send you information, including confirmations, invoices, technical notices, updates, security alerts, support and administrative messages.
-
-We combine data we collect from different sources for these purposes and to give you a more seamless, consistent, and personalized experience.
-
-How we share the information we collect
+Effective date: February 1, 2024
+
+Welcome to the GitHub Privacy Statement. This is where we describe how we handle your “Personal Data”, which is information that is directly linked or can be linked to you. It applies to the Personal Data that GitHub, Inc. or GitHub B.V., processes as the “Data Controller” when you interact with websites, applications, and services that display this Statement (collectively, “Services”). This Statement does not apply to services or products that do not display this Statement, such as Previews, where relevant.
+
+End User Notice: Organization-Provided GitHub Accounts
+
+When a school or employer supplies your GitHub account, they assume the role of Data Controller for most Personal Data used in our Services. This enables them to:
+
+Manage and administer your GitHub account, including adjusting privacy settings.
+Access and utilize your Personal Data, which includes details on how you use the Services, as well as your content and files.
+
+Should you access a GitHub Service through an account provided by an organization, such as your employer or school, the organization becomes the Data Controller, and this Privacy Statement's direct applicability to you changes. Even so, GitHub remains dedicated to preserving your privacy rights. In such circumstances, GitHub functions as a Data Processor, adhering to the Data Controller's instructions regarding your Personal Data's processing. A Data Protection Agreement governs the relationship between GitHub and the Data Controller. For further details regarding their privacy practices, please refer to the privacy statement of the organization providing your account.
+
+In cases where your organization grants access to GitHub products, GitHub acts as the Data Controller solely for specific processing activities. These activities are clearly defined in a contractual agreement with your organization, known as a Data Protection Agreement. You can review our standard Data Protection Agreement at GitHub Data Protection Agreement. For those limited purposes, this Statement governs the handling of your Personal Data. For all other aspects of GitHub product usage, your organization's policies apply.
+
+Third Party Access and Data Protection
+
+When you use third-party extensions, integrations, or follow references and links within our Services, the privacy policies of these third parties apply to any Personal Data you provide or consent to share with them. Their privacy statements will govern how this data is processed.
+
+Personal Data We Collect
+
+Personal Data is collected from you directly, automatically from your device, and also from third parties. The Personal Data GitHub processes when you use the Services depends on variables like how you interact with our Services (such as through web interfaces, desktop or mobile applications), the features you use (such as pull requests, Codespaces, or GitHub Copilot) and your method of accessing the Services (your preferred IDE). Below, we detail the information we collect through each of these channels:
+
+From You
+Account Data: We collect certain information when you open an account such as your GitHub handle, name, email address, password, payment information and transaction information.
+User Content and Files: When you use our Services, we collect Personal Data included as part of the information you provide such as code, inputs, text, documents, images, or feedback.
+Demographic information: In some cases, you provide us with ethnicity, gender, or similar demographic details.
+Feedback Data: This consists of information you submit through surveys, reviews, or interactive features.
+Payment Information: For paid subscriptions, we collect details like name, billing address, and payment specifics.
+Profile Information: We collect information to create a user profile, which may include a photo, additional email addresses, job title, or biography.
+Sales and Marketing Data: This includes information provided for promotional communications, such as name, email address, and company name.
+Support Data: When you seek customer support, we collect details like code, text, or multimedia files.
+Automatically
+Buttons, Tools, and Content from Other Companies: Our Services may contain links or buttons that lead to third-party services like Twitter or LinkedIn. Use of these features may result in data collection. Engaging with these buttons, tools, or content may automatically send certain browser information to these companies. Please review the privacy statements of these companies for more information.
+Essential Cookies and Similar Tracking Technologies: We use cookies and similar technologies to provide essential functionality like storing settings and recognizing you while using our Services.
+Non-essential Cookies: Depending on your jurisdiction, we may use online analytics products that use cookies to help us analyze how de-identified users use our Services and to enhance your experience when you use the Services. We may also employ third-party Cookies to gather data for interest-based advertising. In some jurisdictions, we only use non-essential cookies after obtaining your consent. See this section for more details and control options.
+Email Marketing Interactions: Our emails may have web beacons that offer information on your device type, email client, email reception, opens, and link clicks.
+Geolocation Information: Depending on the Service's functionality, we collect regional geolocation data
+Service Usage Information: We collect data about your interactions with the Services, such as IP address, device information, session details, date and time of requests, device type and ID, operating system and application version, information related to your contributions to repositories, and performance of specific features or Services.
+Website Usage Data: We automatically log data about your Website interactions, including the referring site, date and time of visit, pages viewed, and links clicked.
+From Third Parties
+Information from Other Users of the Services: Other users may share information about you when they submit issues and comments. We may also receive information about you if you are identified as a representative or administrator on your company's account.
+Publicly Available Sources: We may acquire information about you from publicly available sources like public GitHub repositories.
+Services you linked to your GitHub account: When you or your administrator integrate third-party apps or services with our Services, we receive information based on your settings with those services. This can include details like your name and email from services like Google for authentication. The information we receive depends on the third-party's settings and privacy policies. Always review these to understand what data is shared with our Services.
+Vendors, Partners, and Affiliates: We may receive information about you from third parties, like vendors, resellers, partners, or affiliates for the purposes outlined in this statement.
+Processing Purposes: How We Use Your Personal Data
+
+The Personal Data we process depends on your interaction and access methods with our Services, including the interfaces (web, desktop, mobile apps), features used (pull requests, Codespaces, GitHub Copilot), and your preferred access tools (like your IDE). This section details all the potential ways GitHub may process your Personal Data:
+
+Business Operations: We use Personal Data for activities like billing, accounting, and compensation. This includes creating aggregated statistical data for internal reporting, financial reporting, revenue planning, capacity planning, and forecast modeling (including product strategy).
+Communication: We use Personal Data to inform you about new Services, features, offers, promotions, and other pertinent information. This also includes sending confirmations, invoices, technical notices, updates, security alerts, and administrative messages.
+Inference: We generate new information from other data we collect to derive likely preferences or other characteristics. For instance, we infer your general geographic location based on your IP address.
+Personalization: We use Personal Data to customize the Service to your preferences, to evaluate the effectiveness of enterprise business ads and promotional communications, and to ensure a seamless and consistent user experience.
+Safety and Security: To promote safety, integrity, and security across our Services, we process Personal Data, using both automated and, at times, manual techniques for abuse detection, prevention, and violations of terms of service.
+Service Provision: We use Personal Data to deliver and update our Services as configured and used by You, and to make ongoing personalized experiences and recommendations.
+Troubleshooting: We use Personal Data to identify and resolve technical issues.
+Ongoing Service Performance: Personal Data helps us keep the Services up to date and performant, and meet user productivity, reliability, efficacy, quality, privacy, accessibility and security needs.
+Complying with and resolving legal obligations: including responding to Data Subject Requests for Personal Data processed by GitHub as Controller (for example website data), tax requirements, agreements and disputes.
+Delivering Professional Services: We use Personal Data to deliver training, consulting or implementation (“Professional Services”). This includes providing technical support, professional planning, advice, guidance, data migration, deployment, and solution/software development services.
+Improving Professional Services: Enhancing delivery, efficacy, quality, and security of Professional Services and the underlying product(s) based on issues identified while providing Professional Services, including fixing software defects, and otherwise keeping the Professional Services up to date and performant.
+
+When carrying out these activities, GitHub practices data minimization and uses the minimum amount of Personal Information required.
+
+Sharing of Personal Data
+
+We may share Personal Data with the following recipients:
+
+Abuse and Fraud Prevention Entities: We may disclose Personal Data based on a good faith belief it is needed to prevent fraud, abuse, or attacks on our Services, or to protect the safety of GitHub and our users.
+Affiliates: Personal Data may be shared with GitHub affiliates, including Microsoft, to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, and legal and compliance obligations. Our affiliates may only use the Personal Data in a manner consistent with this Privacy Statement.
+GitHub Organization Accounts: If an organization adds you to their GitHub account, we might share Personal Data with that organization to fulfill the commercial relationship. In such a case, your use of the Services is protected by a data protection agreement and terms between your organization and GitHub
+Competent Authorities: We may disclose Personal Data to authorized law enforcement, regulators, courts, or other public authorities in response to lawful requests or to protect our rights and safety. Please refer to our Guidelines for Legal Requests of User Data for more information.
+Corporate Transaction Entities: we might disclose Personal Data within the limits of the law and in accordance with this Privacy Statement for strategic business transactions such as sales or a merger.
+Partners and Resellers: We cooperate with third-parties that offer sales, consulting, support, and technical services for our Services. We may share your data with these partners and resellers where allowed, and with your consent when required.
+Subprocessors and Service Providers: We may use vendors to provide services on our behalf, including hosting, marketing, advertising, social, analytics, support ticketing, credit card processing, or security services. They are bound by contractual obligations to ensure the security, privacy, and confidentiality of your information. Please visit https://docs.github.com/en/site-policy/privacy-policies/github-subprocessors to see our list of Subprocessors.
+Visual Studio Code (GitHub Codespaces): GitHub Codespaces and github.dev offer Visual Studio Code in a web browser, where some telemetry is collected by default. Details on telemetry collection are on the VS Code website. To opt out, go to File > Preferences > Settings in the top left menu of VS Code. Opting out will sync this preference across all future web sessions in GitHub Codespaces and github.dev.
+Other Third-party Applications: Upon your instruction, we may share Personal Data with third-party applications available on our Marketplace. You are responsible for the data you instruct us to share with these applications.
+Other Users and the Public: Depending on your account settings, we may share Personal Data with other users of the Services and the public. You control what information is made public. To adjust your settings, visit User Settings in your profile. Please be aware that any information you share in a collaborative context may become publicly accessible.
+Private repositories: GitHub Access
+
+If your GitHub account has private repositories, you control the access to that information. GitHub personnel does not access private repository information without your consent except as provided in this Privacy Statement and for:
+
+security purposes
+automated scanning or manual review for known vulnerabilities, active malware, or other content known to violate our Terms of Service
+to assist the repository owner with a support matter
+to maintain the integrity of the Services, or
+to comply with our legal obligations if we have reason to believe the contents are in violation of the law.

-We share personal data as described below, including with your consent or as necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may share each of the categories of your personal data described above with the types of third parties described below for the following business purposes:
+GitHub will provide you with notice regarding private repository access unless doing so is prohibited by law or if GitHub acted in response to a security threat or other risk to security.

-Public information
+Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)

-You may select options available through our Service to publicly display and share your name and/or username and certain other information, such as your profile, demographic data, content and files, or geolocation data. For example, if you would like your email address to remain private, even when you’re commenting on public repositories, you can adjust your setting for your email address to be private in your user profile. You can also update your local Git configuration to use your private email address.
+GitHub processes Personal Data in compliance with the GDPR, ensuring a lawful basis for each processing activity. The basis varies depending on the data type and the context, including how you access the services. Our processing activities typically fall under these lawful bases:

-Please note that if you would like to compile GitHub data, you must comply with our Terms of Service regarding information usage and privacy, and you may only use any public-facing information you gather for the purpose for which our user authorized it. For example, where a GitHub user has made an email address public-facing for the purpose of identification and attribution, do not use that email address for the purposes of sending unsolicited emails to users or selling personal information, such as to recruiters, headhunters, and job boards, or for commercial advertising. We expect you to reasonably secure information you have gathered from GitHub, and to respond promptly to complaints, removal requests, and "do not contact" requests from GitHub or GitHub users.
+Contractual Necessity: Processing is required to fulfill our contractual duties to you, in accordance with the GitHub Terms of Service.
+Legal Obligation: We process data when it's necessary to comply with applicable laws or to protect the rights, safety, and property of GitHub, our affiliates, users, or third parties.
+Legitimate Interests: We process data for purposes that are in our legitimate interests, such as securing our Services, communicating with you, and improving our Services. This is done only when these interests are not overridden by your data protection rights or your fundamental rights and freedoms.
+Consent: We process data when you have explicitly consented to such processing. When we rely on consent as the legal basis, you have the right to withdraw your consent for data processing at any time. The procedures for withdrawal are detailed in this Statement and available on our website.
+Your Privacy Rights

-Third-party applications
+Depending on your residence location, you may have specific legal rights regarding your Personal Data:

-We share your personal data with third party applications when you tell us to do so. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application developer to provide you with services. You can enable or add third-party applications, known as "Developer Products," to your Account. These Developer Products are not necessary for your use of GitHub. We will share your personal data with such third-party applications when you ask us to; however, you are responsible for your use of the third-party Developer Products and for the amount of personal data you choose to share with it. You can check our API documentation to see what information is provided when you authenticate into a Developer Product using your GitHub profile.
+The right to access the data collected about you
+The right to request detailed information about the specific types of Personal Data we've collected over the past 12 months, including data disclosed for business purposes
+The right to rectify or update inaccurate or incomplete Personal Data under certain circumstances
+The right to erase or limit the processing of your Personal Data under specific conditions
+The right to object to the processing of your Personal Data, as allowed by applicable law
+The right to withdraw consent, where processing is based on your consent
+The right to receive your collected Personal Data in a structured, commonly used, and machine-readable format to facilitate its transfer to another company, where technically feasible

-Organizations with which you engage
+To exercise these rights, please send an email to privacy[at]github[dot]com and follow the instructions provided.. To verify your identity for security, we may request extra information before addressing your data-related request. Please contact our Data Protection Officer at dpo[at]github[dot]com for any feedback or concerns. Depending on your region, you have the right to complain to your local Data Protection Authority. European users can find authority contacts on the European Data Protection Board website, and UK users on the Information Commissioner’s Office website.

-You may indicate, through your actions on GitHub, that you are willing to share your personal data with Organizations, as defined in GitHub’s Terms of Service, who also use the Services. If you collaborate on or become a member of an Organization, then its Account owners may receive your personal data, for example by having the ability to view your activity in the Organization’s access log.
+We aim to promptly respond to requests in compliance with legal requirements. Please note that we may retain certain data as necessary for legal obligations or for establishing, exercising, or defending legal claims.

-When you accept an invitation to an Organization, you will be notified of the types of information owners may be able to see (for more information, see About Organization Membership). Please contact the Account owners for more information about how they might process your personal data in their Organization and the ways for you to access, update, alter, or delete your personal data stored in the Account.
+International data transfers

-Service providers
+GitHub stores and processes Personal Data in a variety of locations, including your local region, the United States, and other countries where GitHub, its affiliates, subsidiaries, or subprocessors have operations. We transfer Personal Data from the European Union, the United Kingdom, and Switzerland to countries that the European Commission has not recognized as having an adequate level of data protection. When we engage in such transfers, we generally rely on the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where GitHub processes personal data, see this article on the European Commission website.

-We share your personal data with service providers who process the information on our behalf to provide or improve our Service. For example, our service providers may perform payment processing, customer support ticketing, network data transmission, web analytics, marketing operations, security, online advertising, and other similar services. Our service providers may process data in your region, in the United States, or in any other country where they operate facilities.
+Data Privacy Framework (DPF)

-Such processing by service providers and any related cross border data transfers will be in compliance with applicable law.
+GitHub also complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. GitHub has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. GitHub has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

-Affiliates
+GitHub has the responsibility for the processing of Personal Data it receives under the Data Privacy Framework (DPF) Principles and subsequently transfers to a third party acting as an agent on GitHub’s behalf. GitHub shall remain liable under the DPF Principles if its agent processes such Personal Data in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.

-We enable access to personal data across our subsidiaries, affiliates, and related companies, for example, where we share common data systems, when affiliates provide services on our behalf, or where access is needed to operate and provide the Service.
+Dispute resolution process

-GitHub has the responsibility for the processing of personal information it receives under the Data Privacy Framework (DPF) Principles and subsequently transfers to a third party acting as an agent on GitHub’s behalf. GitHub shall remain liable under the DPF Principles if its agent processes such personal information in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage.
+In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, GitHub commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF should first contact GitHub at: dpo[at]github[dot]com.

-For security purposes
+If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the International Centre for Dispute Resolution are provided at no cost to you.

-We will disclose personal data if we believe it is necessary to:
+An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For additional information visit https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf?tabset-35584=2.

-protect our customers and others, for example to prevent spam or attempts to commit fraud, or to help prevent the loss of life or serious injury of anyone;
-operate and maintain the security of the Service, including to prevent or stop an attack on our systems or networks; or
-protect the rights or property or ourselves or others, including enforcing our agreements, terms, and policies.
-For legal disclosure
+Government Enforcement

-GitHub may disclose personal data or other information we collect about you to law enforcement or other governmental agencies if required in response to a valid legal process. For more information about our disclosure in response to legal requests, see our Guidelines for Legal Requests of User Data.
+GitHub is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under Section 5 of the Federal Trade Commission Act (15 U.S.C. § 45), an organization's failure to abide by commitments to implement the DPF Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders.

-Change in control or sale
+Security and Retention

-We may share your personal data if we are involved in a merger, sale, or acquisition of corporate entities or business units as described in this Privacy Statement.
+GitHub uses appropriate administrative, technical, and physical security controls to protect your Personal Data. We’ll retain your Personal Data as long as your account is active and as needed to fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. The retention duration depends on the purpose of data collection and any legal obligations.

-Please note that some of the features on our Service include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide personal data to any of those third parties, or allow us to share personal data with them, that data is governed by their privacy statements.
+Security

-Finally, we may share de-identified information in accordance with applicable law.
+GitHub uses administrative, technical, and physical security controls where appropriate to protect your Personal Data.

-Your choices regarding our processing of your personal data
+Contact Us

-We provide choices about the personal data we collect about you. The choices you make will not apply to any personal data associated with an Organization under your Account.
+Contact us via our contact form or by emailing our Data Protection Officer at dpo[at]github[dot]com. Our addresses are:

-Access, correction, and deletion. If you're a GitHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting us through the GitHub Support portal or GitHub Premium Support. You can control the information we collect about you by limiting what information is in your profile, by keeping your information current, by changing your cookie preferences, or by contacting us through the GitHub Support portal or GitHub Premium Support.
+GitHub B.V. Prins Bernhardplein 200, Amsterdam 1097JB The Netherlands

-We retain and use your information as described in this Privacy Statement, but barring legal requirements, we will delete your full profile within 90 days of your request. After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your personal data, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user. That said, the email address you have provided via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
+GitHub, Inc. 88 Colin P. Kelly Jr. St. San Francisco, CA 94107 United States

-If GitHub processes personal data other than your profile information, such as information about you GitHub receives from third parties, then you may, subject to applicable law, access, update, alter, delete, object to or restrict the processing of your personal data by contacting us through the GitHub Support portal or GitHub Premium Support.
+Information for Minors

-You can adjust the settings on your Account regarding the display of your personal data in private or public repositories or personal data processed in connection with Community Features (such as GitHub Feed, GitHub Sponsors, and GitHub Explore) through profile settings.
+Our Services are not intended for individuals under the age of 13. We do not intentionally gather Personal Data from such individuals. If you become aware that a minor has provided us with Personal Data, please notify us.

-Additionally, if you are unable to access certain personal data we have via the means described above, you can request access by contacting us as described at the bottom of this privacy statement.
+Changes to Our Privacy Statement

-Data portability
+GitHub may periodically revise this Privacy Statement. If there are material changes to the statement, we will provide at least 30 days prior notice by updating our website or sending an email to your primary email address associated with your GitHub account.

-As a GitHub User, you can always take your data with you. You can clone your repositories to your desktop, for example, or you can use our Data Portability tools to download information we have about you.
+Translations

-Communication preferences
+Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.

-We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact our Support team with a request, we respond to you via email. You have control over how your email address is used and shared with other Users on and through our Service. You may manage your communication preferences in your profile's email settings.
+French

-By design, the Git version control system associates many actions with a user's email address, such as commit messages. See more details regarding setting your commit email address.
+Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub (PDF).

-Depending on your email settings, GitHub may occasionally send notification emails, for example, about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We may also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There's an “unsubscribe” link located at the bottom of each of the marketing emails we send you.
+Other translations

-Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
+For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”

 Our use of cookies and tracking technologies
 Cookies and tracking technologies
@@ -209,7 +183,7 @@ For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gat

 Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

-The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "GitHub Privacy Statement."
+The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see "GitHub General Privacy Statement."

 What are cookies and similar technologies?

@@ -260,159 +234,61 @@ Europe: European Digital Advertising Alliance

 These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems.

-Retention of personal data
-
-We retain personal data for as long as necessary to provide the services and fulfill the transactions you have requested, comply with our legal obligations, resolve disputes, enforce our agreements, and other legitimate and lawful business purposes. Because these needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations. For example, we may retain your personal data for longer periods, where necessary, subject to applicable law, for security purposes.
-
-How GitHub secures your information
-
-GitHub takes reasonable measures necessary to protect your personal data from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of your personal data. To help us protect personal data, we request that you use a strong password and never share your password with anyone or use the same password with other sites or accounts.
-
-In addition, if your account has private repositories, you control the access to that Content. GitHub personnel does not access private repository content except for
-
-security purposes,
-automated scanning for known vulnerabilities, active malware, or other content known to violate our Terms of Service
-to assist the repository owner with a support matter
-to maintain the integrity of the Service
-to comply with our legal obligations if we have reason to believe the contents are in violation of the law,
-or with your consent.
-
-GitHub will provide notice regarding private repository access where not prohibited by law or if in response to a security threat or other risk to security.
-
-Cross-border data transfers
-Data Privacy Framework (DPF)
-
-GitHub complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. GitHub has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. GitHub has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy policy and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.
-
-GitHub may store and process your personal data in your region, in the United States, and in any other country where GitHub or its affiliates, subsidiaries, or service providers operate facilities.
-
-We transfer personal data from the European Union, the United Kingdom, and Switzerland to other countries, some of which have not yet been determined by the European Commission to have an adequate level of data protection. For example, their laws may not guarantee you the same rights, or there may not be a privacy supervisory authority there that is capable of addressing your complaints. When we engage in such transfers, we use a variety of legal mechanisms, including contracts, such as the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914, to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where Microsoft processes personal data, see this article on the European Commission website. You may view a copy of the Standard Contractual Clauses on the GitHub Customer Agreements website under the GitHub Data Protection Agreement.
-
-How to Contact Us
-
-If you have a privacy inquiry or concerns about the way GitHub is handling your personal data, please let us know immediately. We want to help. You may contact us by filling out the Privacy contact form. We will respond promptly.
-
-Our address is:
-
-GitHub Privacy Team
-
-GitHub, Inc.
-88 Colin P. Kelly Jr. St.
-San Francisco, CA 94107
-United States
-
-Privacy contact form
-
-Dispute resolution process
-
-In the unlikely event that a dispute arises between you and GitHub regarding our handling of your personal data, please email us directly at (privacy [at] github [dot] com) with the subject line "Privacy Concerns". We will respond promptly and do our best to resolve the dispute.
-
-Additionally, you may have the right to file a complaint with your local data protection or privacy agency or supervisory authority.
-
-In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, GitHub commits to refer unresolved complaints concerning our handling of personal data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF to the International Centre for Dispute Resolution, an alternative dispute resolution provider based in the United States, the European Union, the United Kingdom, and/or Switzerland (as applicable). If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the International Centre for Dispute Resolution are provided at no cost to you.
-
-An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For additional information visit the Data Privacy Framework website.
-
-Government Enforcement
-
-GitHub is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under Section 5 of the Federal Trade Commission Act (15 U.S.C. § 45), an organization's failure to abide by commitments to implement the DPF Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders.
-
-Changes to our Privacy Statement
-
-GitHub may change this Privacy Statement from time to time for a variety of reasons, including to comply with new laws and regulations, to cover new features and functionality, and to increase transparency. We will provide notice of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your GitHub account. We will also update our Site Policy repository, which tracks all changes to this policy. For other changes to this Privacy Statement, we encourage Users to watch or to check our Site Policy repository frequently. To learn how to watch a repository, see "Configuring notifications."
-
-License
-
-This Privacy Statement is licensed under this Creative Commons Zero license. For details, see our site-policy repository.
-
-Contacting GitHub
-
-Questions regarding GitHub's Privacy Statement or information practices should be directed to our Privacy contact form.
-
-Translations
-
-Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version.
-
-French
-
-Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub (PDF)
-
-Other translations
-
-For translations of this statement into other languages, please visit https://docs.github.com/ and select a language from the drop-down menu under “English.”
-
-European Data Protection Rights Notice
-
-If you are in the European Economic Area, we process your personal data in accordance with applicable laws, and the processing of personal data about you is subject to European Union data protection law, you have certain rights with respect to that data:
-
-You can request access to, and rectification or erasure of, personal data; If any automated processing of personal data is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal data in a usable and portable format; If the processing of personal data is based on your consent, you can withdraw consent at any time for future processing; You can to object to, or obtain a restriction of, the processing of personal data under certain circumstances; and for residents of France, you can send us specific instructions regarding the use of your data after your death.
-
-To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party (i.e., where GitHub is acting as a data processor) you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.
-
-We rely on different lawful bases for collecting and processing personal data about you, for example, with your consent and/or as necessary to provide the services you use, operate our business, meet our contractual and legal obligations, protect the security of our systems and our customers, or fulfill other legitimate interests.
-
-U.S. State Data Privacy
-
-If you are a U.S. resident, we process your personal data in accordance with applicable U.S. state data privacy laws, including the California Consumer Privacy Act (CCPA). This section of our Privacy Statement contains information required by the CCPA and other U.S. state data privacy laws and supplements our Privacy Statement.
-
-Sale. We do not sell your personal data. So, we do not offer an opt-out to the sale of personal data.
+US State Specific Information

-Share. We may “share” your personal data for targeted advertising purposes. You may opt out of sharing data for cross-contextual advertising purposes, and make additional privacy choices on GitHub’s Enterprise Marketing pages by selecting Managing Your Cookie Preferences. Here are the categories of personal data shared over the past 12 months with additional details.
+This section provides extra information specifically for residents of certain US states that have distinct data privacy laws and regulations. These laws may grant specific rights to residents of these states when the laws come into effect. This section uses the term “personal information” as an equivalent to the term “Personal Data.”

-Categories of Personal Data Shared Categories of Recipients    Business or commercial purpose for sharing
-Usage information and Interactions Advertisers To support GitHub’s enterprise marketing efforts
+Privacy Rights

-Rights. You have the right to request that we (i) disclose what personal data we collect, use, disclose, share, and sell, (ii) delete your personal data, (iii) correct your personal data, and (iv) restrict the use and disclosure of your sensitive data, and (v) opt-out of future “sharing” of personal data for targeted advertising purposes. You may make these requests yourself or through an authorized agent. If you use an authorized agent, we provide your agent with detailed guidance on how to exercise your privacy rights.
+These rights are common to the US State privacy laws:

-Please see Your choices regarding our processing of your personal data section of the GitHub Privacy Statement for additional information on how to exercise these rights. You can use GitHub’s User Migration API to access and download your data. For more information, see "Requesting an archive of your personal account’s data."
+Right to Knowledge and Correction: You have the right to request details on the specific personal information we’ve collected about you and the right to correct inaccurate information. You can exercise this right by contacting us. You can also access and edit basic account information in your settings.
+Right to Know Data Recipients: We share your information with service providers for legitimate business operations, such as data storage and hosting. For more details, please see “Sharing Your Information” below.
+Right to request Deletion: You reserve the right to request the deletion of your data, barring a few exceptions. Such exceptions include circumstances where we are required to retain data to comply with legal obligations, detect fraudulent activity, investigate reports of abuse or other violations of our Terms of Service, or rectify security issues. Upon receiving your verified request, we will promptly delete your personal information (unless an exception applies), and instruct our service providers to do the same. We employ brief retention terms by design.
+Right to a Timely Response: You are allowed to make two free requests in any 12-month period. We commit to responding to your request within 45 days. In complex cases, we may extend our response time by an additional 45 days.
+Non-Discrimination: We will not hold it against you when you exercise any of your rights. On the contrary, we encourage you to review your privacy settings closely and contact us with any questions.
+Notice of Collection of Personal Information

-If you have a GitHub account, you must exercise your rights through the tools provided, which requires you to log in to your GitHub account. If you have an additional request or questions after logging in, you may contact GitHub at the address in the How to contact us section, including through our web form.
+We may collect various categories of personal information about our website visitors and users of "Services" which includes GitHub applications, software, products, or services. That information includes identifiers/contact information, demographic information, payment information, commercial information, internet or electronic network activity information, geolocation data, audio, electronic, visual, or similar information, and inferences drawn from such information.

-If you do not have an account, you may exercise your rights by contacting us as described above. We may ask for additional information to validate your request before honoring the request. To submit a request based on these rights, you can also contact us through the GitHub Support portal.
+We collect this information for various purposes. This includes identifying accessibility gaps and offering targeted support, fostering diversity and representation, providing services, troubleshooting, conducting business operations such as billing and security, improving products and supporting research, communicating important information, ensuring personalized experiences, and promoting safety and security.

-You may opt-out of “sharing” information for cross-contextual behavioral advertising purposes, and make additional privacy choices related to GitHub’s Enterprise Marketing pages by selecting Managing Your Cookie Preferences. You have a right not to receive discriminatory treatment if you exercise your privacy rights. We will not discriminate against you if you exercise your privacy rights.
+Exercising your Privacy Rights

-Additionally, under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy [at] github [dot] com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.
+To make an access, deletion, correction, or opt-out request, please send an email to privacy[at]github[dot]com and follow the instructions provided. We may need to verify your identity before processing your request. If you choose to use an authorized agent to submit a request on your behalf, please ensure they have your signed permission or power of attorney as required.

-California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please contact us through the GitHub Support portal.
+To opt out of the sharing of your personal information, you can click on the "Do Not Share My Personal Information" link on the footer of our Websites or use the Global Privacy Control ("GPC") if available. Authorized agents can also submit opt-out requests on your behalf.

-Our handling of personal information
+California
+Mandatory Disclosures

-The table below contains information about the categories of personal information we collect, our purposes of processing, and the categories of third-party recipients with whom we share the personal information. Please see the GitHub Privacy Statement for full details, including a description of the data included in each category.
+We also make the following disclosures for purposes of compliance with California privacy law:

-Category of Personal Data  Sources of Personal Data    Purposes of Processing  Recipients
-Registration information   Users and customers who use create an account   Provide and personalize our Services; authenticate and provide account access; respond to user and customer questions; help, secure, and troubleshoot; honor users rights; and marketing    Service providers and user-directed entities
-Demographic information    Users and customers, third-party data brokers   Provide and personalize our Services; product improvement and development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
-Payment and billing information    Users and customers, financial institutions Transact commerce; provide our Services; process transactions; fulfill orders; help, secure, and troubleshoot; and detect and prevent fraud Service providers and user-directed entities
-Content and files  Users and customers Provide our Services; safety; compliance; and help, secure, and troubleshoot; honor user rights Service providers and user-directed entities
-Feedback and ratings   Users and customers Provide our Services; product improvement; product improvement and development; marketing; customer support; and help, secure, and troubleshoot Service providers and user-directed entities
-Transaction information, subscription and licensing data   Users and customers Provide, personalize, and activate our Services; customer support; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
-Usage information and Interactions Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities
-Geolocation information    Users, customers, website visitors  Provide and personalize our Services; product improvement and development; marketing; and help, secure and troubleshoot Service providers and user-directed entities
+We collected the following categories of personal information in the last 12 months: identifiers/contact information, demographic information (such as gender), payment card information associated with you, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above.
+The sources of personal information from whom we collected are: directly from you, automatically or from third parties.
+The business or commercial purposes of collecting personal information are as summarized above and in our Privacy Statement under Processing Purposes.
+We disclosed the following categories of personal information for a business purpose in the last 12 months: identifiers/contact information, demographic information (such as gender and rough geographic location), payment information, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above. We disclosed each category to third-party business partners and service providers, third-party sites or platforms such as social networking sites, and other third parties as described in the Sharing of Personal Data section of our Privacy Statement.
+As defined by applicable law, we “shared” the following categories of personal information in the last 12 months: identifiers/contact information, Internet or other electronic network activity information, and inferences drawn from the above. We shared each category to or with advertising networks, data analytics providers, and social networks.
+The business or commercial purpose of sharing personal information is to assist us with marketing, advertising, and audience measurement.
+We do not “sell” or “share” the personal information of known minors under 16 years of age.
+Shine the Light Act

-Categories of Sensitive Data. We may collect, process, or disclose certain personal data that qualifies as “sensitive data” under applicable U.S. state data privacy laws. For example, this data may be collected if you participate in a survey, share it in your account profile, or are engaged in certain community-focused repositories. Sensitive data is a subset of personal data. In the list below, we outline the categories of sensitive data we collect, the sources of the sensitive data, our purposes of processing, and the categories of third-party recipients with whom we share the sensitive data. Please see the "What information GitHub collects" section for more information about the sensitive data we may collect.
+Under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy[at]github[dot]com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address.

-Sensitive Data Type    Purposes of Processing  Recipients
-Account log-in, financial account, debit or credit card number, and the means to access the account (security or access code, password, credentials, etc.) Transact commerce; process transactions; fulfill orders; provide our Services; help, secure, and troubleshoot; and detect and prevent fraud Service providers and user-directed entities
-Racial or ethnic origin, religious or philosophical beliefs, or union membership   Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
-Medical or mental health, sex life, or sexual orientation  Provide and personalize our products; product development; help, secure, and troubleshoot; and marketing    Service providers and user-directed entities
-Contents of your mail, email, or text messages (where GitHub is not the intended recipient of the communication)   Provide our products; safety; compliance; and help, secure, and troubleshoot    Service providers and user-directed entities
+Removal of Content

-GitHub asks your consent to collect and process your sensitive data or does so at your direction. We do not use or disclose your sensitive data for purposes other than the following:
+California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request. Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please send an email to privacy[at]github[dot]com.

-To perform the services, fulfill the transactions, or provide the goods or Services you reasonably expect;
-To help ensure the security and integrity of our Services, to combat malicious deceptive, fraudulent or illegal acts, and to protect the physical safety of individuals, to the extent the processing is reasonably necessary and proportionate;
-for transient use (including non-personalized advertising), so long as the personal data is not used for profiling, and is not used to alter an individual’s experience outside the current interaction with GitHub;
-To perform services to operate our business, such as maintaining accounts, providing customer service, processing, or fulfilling orders/transactions, verifying customer information, processing payments, provide financing, providing analytics, providing storage, and similar services;
-To undertake activities to verify or maintain the quality or safety of, or improve, upgrade, or enhance a service or device owned or controlled by GitHub; and
-To conduct any other activities in accordance with applicable law.
+We value the trust you place in us and are committed to handling your personal information with care and respect. If you have any questions or concerns about our privacy practices, please email our Data Protection Officer at dpo[at]github[dot]com.

-The charts above contain the primary sources, purposes of processing, and recipients for each category of personal data. We use the categories of personal information described above for the purposes listed in the "How GitHub uses your information" section of our Privacy Statement, such as meeting our legal obligations, improving our internal operations, and doing research. We also disclose the categories of personal information listed above for business or compliance purposes. Please see the "How we share information we collect" section of our Privacy Statement for additional details.
+Colorado/Connecticut/Virginia

-Not in a Position to Identify Data. In some situations GitHub may process data in a state called Not in a Position to Identify Data (NPI) or de-identified data. Data is in this state when we are not able to link data to an individual to whom such data may relate without taking additional steps. In those instances, and unless allowed under applicable law, we will maintain such information in an NPI state, and will not try to re-identify the individual to whom NPI data relates.
+If you live in Colorado, Connecticut, or Virginia you have some additional rights:

-Disclosures of personal data for business or commercial purposes. As indicated in the How We share the information we collect section, we share personal data with third parties for various business and commercial purposes. The primary business and commercial purposes for which we share personal data are the purposes of processing listed in the table above. We also disclose the categories of personal information listed above for business purposes. Please see the "How we share the information we collect" section of our Privacy Statement for additional details.
+If we deny your rights request, you have the right to appeal that decision. We will provide you with the necessary information to submit an appeal at that time.
+You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. GitHub does not engage in such profiling as defined by Colorado law, so there’s no need to opt out.
+Nevada

-Parties that control collection of personal data. In certain situations, we may allow a third party to control the collection of your personal data. For example, on our Enterprise Marketing Pages, advertisers may be the controllers of information they collect through their cookies.
+We do not sell your covered information, as defined under Chapter 603A of the Nevada Revised Statutes. If you still have questions about your covered information or anything else in our Privacy Statement, please send an email to privacy[at]github[dot]com.

 Press alt+up to activate
\ No newline at end of file
milonmaze commented 7 months ago

95fac050d4a4dd972077ba355ba6eeacb348ad28: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2024-04-26

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index f4f43219..a2d2ec1a 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -112,7 +112,7 @@ The right to object to the processing of your Personal Data, as allowed by appli
 The right to withdraw consent, where processing is based on your consent
 The right to receive your collected Personal Data in a structured, commonly used, and machine-readable format to facilitate its transfer to another company, where technically feasible

-To exercise these rights, please send an email to privacy[at]github[dot]com and follow the instructions provided.. To verify your identity for security, we may request extra information before addressing your data-related request. Please contact our Data Protection Officer at dpo[at]github[dot]com for any feedback or concerns. Depending on your region, you have the right to complain to your local Data Protection Authority. European users can find authority contacts on the European Data Protection Board website, and UK users on the Information Commissioner’s Office website.
+To exercise these rights, please send an email to privacy[at]github[dot]com and follow the instructions provided. To verify your identity for security, we may request extra information before addressing your data-related request. Please contact our Data Protection Officer at dpo[at]github[dot]com for any feedback or concerns. Depending on your region, you have the right to complain to your local Data Protection Authority. European users can find authority contacts on the European Data Protection Board website, and UK users on the Information Commissioner’s Office website.

 We aim to promptly respond to requests in compliance with legal requirements. Please note that we may retain certain data as necessary for legal obligations or for establishing, exercising, or defending legal claims.
milonmaze commented 1 month ago

37d0f9f8c4e617713d171cdcc853666eef06649a: https://docs.github.com/en/github/site-policy/github-privacy-statement @ 2024-09-27

difference captured:

diff --git a/docs.github.com/en/github/site-policy/github-privacy-statement.md b/docs.github.com/en/github/site-policy/github-privacy-statement.md
index a2d2ec1a..0565cae5 100644
--- a/docs.github.com/en/github/site-policy/github-privacy-statement.md
+++ b/docs.github.com/en/github/site-policy/github-privacy-statement.md
@@ -289,6 +289,4 @@ If we deny your rights request, you have the right to appeal that decision. We w
 You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. GitHub does not engage in such profiling as defined by Colorado law, so there’s no need to opt out.
 Nevada

-We do not sell your covered information, as defined under Chapter 603A of the Nevada Revised Statutes. If you still have questions about your covered information or anything else in our Privacy Statement, please send an email to privacy[at]github[dot]com.
-
-Press alt+up to activate
\ No newline at end of file
+We do not sell your covered information, as defined under Chapter 603A of the Nevada Revised Statutes. If you still have questions about your covered information or anything else in our Privacy Statement, please send an email to privacy[at]github[dot]com.
\ No newline at end of file