GitHub Docs

GitHub Privacy Statement

In this article

The short version

Summary
GitHub Privacy Statement
What information GitHub collects
What information GitHub does not collect
How GitHub uses your information
How we share the information we collect
Repository contents
Other important information
Additional services
How you can access and control the information we collect
Our use of cookies and tracking
How GitHub secures your information
GitHub's global privacy practices
How we communicate with you
Resolving complaints
Changes to our Privacy Statement
License
Contacting GitHub
Translations

Effective date: December 19, 2020

Thanks for entrusting GitHub Inc. (“GitHub”, “we”) with your source code, your
projects, and your personal information. Holding on to your private information is a

serious responsibility, and we want you to know how we're handling it.

All capitalized terms have their definition in GitHub’s Terms of Service, unless
otherwise noted here.

The short version

We use your personal information as this Privacy Statement describes. No matter

where you are, where you live, or what your citizenship is, we provide the same high
standard of privacy protection to all our users around the world, regardless of their
country of origin or location.

Of course, the short version and the Summary below don't tell you everything, so
please read on for more details.

Summary

Section What can you find there?

What GitHub collects information directly from you for your registration, payment,
information transactions, and user profile. We also automatically collect from you your
GitHub usage information, cookies, and device information, subject, where necessary,
collects to your consent. GitHub may also collect User Personal Information from third
parties. We only collect the minimum amount of personal information
necessary from you, unless you choose to provide more.

What We don’t knowingly collect information from children under 13, and we don’t
information collect Sensitive Personal Information.
GitHub does
not collect

How GitHub In this section, we describe the ways in which we use your information,
uses your including to provide you the Service, to communicate with you, for security
information and compliance purposes, and to improve our Service. We also describe the
legal basis upon which we process your information, where legally required.

How we We may share your information with third parties under one of the following
share the circumstances: with your consent, with our service providers, for security
share the circumstances: with your consent, with our service providers, for security
information purposes, to comply with our legal obligations, or when there is a change of
we collect control or sale of corporate entities or business units. We do not sell your
personal information and we do not host advertising on GitHub. You can see a
list of the service providers that access your information.

Other We provide additional information specific to repository contents, public

important information, and Organizations on GitHub.
information

Additional We provide information about additional service offerings, including third-

services party applications, GitHub Pages, and GitHub applications.

How you can We provide ways for you to access, alter, or delete your personal information.
access and
control the
information
we collect

Our use of We only use strictly necessary cookies to provide, secure and improve our
cookies and service. We offer a page that makes this very transparent. Please see this
tracking section for more information.

How GitHub We take all measures reasonably necessary to protect the confidentiality,
secures your integrity, and availability of your personal information on GitHub and to
information protect the resilience of our servers.

GitHub's We provide the same high standard of privacy protection to all our users
global around the world.
privacy
practices

How we We communicate with you by email. You can control the way we contact you in
communicate your account settings, or by contacting us.
with you

Resolving In the unlikely event that we are unable to resolve a privacy concern quickly
complaints and thoroughly, we provide a path of dispute resolution.
Changes to We notify you of material changes to this Privacy Statement 30 days before
our Privacy any such changes become effective. You may also track changes in our Site
Statement Policy repository.

License This Privacy Statement is licensed under the Creative Commons Zero license.

Contacting Please feel free to contact us if you have questions about our Privacy
GitHub Statement.

Translations We provide links to some translations of the Privacy Statement.

GitHub Privacy Statement

What information GitHub collects

"User Personal Information" is any information about one of our Users which could,
alone or together with other information, personally identify them or otherwise be
reasonably linked or connected with them. Information such as a username and
password, an email address, a real name, an Internet protocol (IP) address, and a
photograph are examples of “User Personal Information.”

User Personal Information does not include aggregated, non-personally identifying

information that does not identify a User or cannot otherwise be reasonably linked or
connected with them. We may use such aggregated, non-personally identifying
information for research purposes and to operate, analyze, improve, and optimize
our Website and Service.

Information users provide directly to GitHub

Registration information

We require some basic information at the time of account creation. When you create
We require some basic information at the time of account creation. When you create
your own username and password, we ask you for a valid email address.

Payment information

If you sign on to a paid Account with us, send funds through the GitHub Sponsors
Program, or buy an application on GitHub Marketplace, we collect your full name,
address, and credit card information or PayPal information. Please note, GitHub does
not process or store your credit card information or PayPal information, but our third-
party payment processor does.

If you list and sell an application on GitHub Marketplace, we require your banking
information. If you raise funds through the GitHub Sponsors Program, we require
some additional information through the registration process for you to participate in
and receive funds through those services and for compliance purposes.

Profile information

You may choose to give us more information for your Account profile, such as your
full name, an avatar which may include a photograph, your biography, your location,
your company, and a URL to a third-party website. This information may include User
Personal Information. Please note that your profile information may be visible to
other Users of our Service.

Information GitHub automatically collects from your use of the

Service

Transactional information

If you have a paid Account with us, sell an application listed on GitHub Marketplace,
or raise funds through the GitHub Sponsors Program, we automatically collect
certain information about your transactions on the Service, such as the date, time,
and amount charged.

Usage information
Usage information

If you're accessing our Service or Website, we automatically collect the same basic
information that most services collect, subject, where necessary, to your consent.
This includes information about how you use the Service, such as the pages you
view, the referring site, your IP address and session information, and the date and
time of each request. This is information we collect from every visitor to the Website,
whether they have an Account or not. This information may include User Personal
information.

Cookies

As further described below, we automatically collect information from cookies (such

as cookie ID and settings) to keep you logged in, to remember your preferences, to
identify you and your device and to analyze your use of our service.

Device information

We may collect certain information about your device, such as its IP address,
browser or client application information, language preference, operating system
and application version, device type and ID, and device model and manufacturer.
This information may include User Personal information.

Information we collect from third parties

GitHub may collect User Personal Information from third parties. For example, this
may happen if you sign up for training or to receive information about GitHub from
one of our vendors, partners, or affiliates. GitHub does not purchase User Personal
Information from third-party data brokers.

What information GitHub does not collect

We do not intentionally collect “Sensitive Personal Information”, such as personal
data revealing racial or ethnic origin, political opinions, religious or philosophical
beliefs, or trade union membership, and the processing of genetic data, biometric
beliefs, or trade union membership, and the processing of genetic data, biometric
data for the purpose of uniquely identifying a natural person, data concerning health
or data concerning a natural person’s sex life or sexual orientation. If you choose to
store any Sensitive Personal Information on our servers, you are responsible for
complying with any regulatory controls regarding that data.

If you are a child under the age of 13, you may not have an Account on GitHub.
GitHub does not knowingly collect information from or direct any of our content
specifically to children under 13. If we learn or have reason to suspect that you are a
User who is under the age of 13, we will have to close your Account. We don't want to
discourage you from learning to code, but those are the rules. Please see our Terms
of Service for information about Account termination. Different countries may have
different minimum age limits, and if you are below the minimum age for providing
consent for data collection in your country, you may not have an Account on GitHub.

We do not intentionally collect User Personal Information that is stored in your

repositories or other free-form content inputs. Any personal information within a
user's repository is the responsibility of the repository owner.

How GitHub uses your information

We may use your information for the following purposes:

We use your Registration Information to create your account, and to provide you
the Service.
We use your Payment Information to provide you with the Paid Account service,
the Marketplace service, the Sponsors Program, or any other GitHub paid
service you request.
We use your User Personal Information, specifically your username, to identify
you on GitHub.
We use your Profile Information to fill out your Account profile and to share that
profile with other users if you ask us to.

We use your email address to communicate with you, if you've said that's okay,
and only for the reasons you’ve said that’s okay. Please see our section on
email communication for more information.
 email communication for more information.
We use User Personal Information to respond to support requests.
We use User Personal Information and other data to make recommendations for
you, such as to suggest projects you may want to follow or contribute to. We
learn from your public behavior on GitHub—such as the projects you star—to
determine your coding interests, and we recommend similar projects. These
recommendations are automated decisions, but they have no legal impact on
your rights.
We may use User Personal Information to invite you to take part in surveys, beta
programs, or other research projects, subject, where necessary, to your consent
.
We use Usage Information and Device Information to better understand how our
Users use GitHub and to improve our Website and Service.
We may use your User Personal Information if it is necessary for security
purposes or to investigate possible fraud or attempts to harm GitHub or our
Users.
We may use your User Personal Information to comply with our legal obligations,
protect our intellectual property, and enforce our Terms of Service.
We limit our use of your User Personal Information to the purposes listed in this
Privacy Statement. If we need to use your User Personal Information for other
purposes, we will ask your permission first. You can always see what information
we have, how we're using it, and what permissions you have given us in your user
profile.

Our legal bases for processing information

To the extent that our processing of your User Personal Information is subject to
certain international laws (including, but not limited to, the European Union's General
Data Protection Regulation (GDPR)), GitHub is required to notify you about the legal
basis on which we process User Personal Information. GitHub processes User
Personal Information on the following legal bases:

Contract Performance:

When you create a GitHub Account, you provide your Registration

 Information. We require this information for you to enter into the Terms of
Service agreement with us, and we process that information on the basis of
performing that contract. We also process your username and email address
on other legal bases, as described below.
If you have a paid Account with us, we collect and process additional
Payment Information on the basis of performing that contract.
When you buy or sell an application listed on our Marketplace or, when you
send or receive funds through the GitHub Sponsors Program, we process
Payment Information and additional elements in order to perform the
contract that applies to those services.

Consent:

We rely on your consent to use your User Personal Information under the
following circumstances: when you fill out the information in your user
profile; when you decide to participate in a GitHub training, research project,
beta program, or survey; and for marketing purposes, where applicable. All
of this User Personal Information is entirely optional, and you have the ability
to access, modify, and delete it at any time. While you are not able to delete
your email address entirely, you can make it private. You may withdraw your
consent at any time.

Legitimate Interests:

Generally, the remainder of the processing of User Personal Information we

perform is necessary for the purposes of our legitimate interest, for
example, for legal compliance purposes, security purposes, or to maintain
ongoing confidentiality, integrity, availability, and resilience of GitHub’s
systems, Website, and Service.

If you would like to request deletion of data we process on the basis of consent
or if you object to our processing of personal information, please use our Privacy
contact form.

How we share the information we collect

We may share your User Personal Information with third parties under one of the
following circumstances:

With your consent

We share your User Personal Information, if you consent, after letting you know what
information will be shared, with whom, and why. For example, if you purchase an
application listed on our Marketplace, we share your username to allow the
application Developer to provide you with services. Additionally, you may direct us
through your actions on GitHub to share your User Personal Information. For
example, if you join an Organization, you indicate your willingness to provide the
owner of the Organization with the ability to view your activity in the Organization’s
access log.

With service providers

We share User Personal Information with a limited number of service providers who
process it on our behalf to provide or improve our Service, and who have agreed to
privacy restrictions similar to the ones in our Privacy Statement by signing data
protection agreements or making similar commitments. Our service providers
perform payment processing, customer support ticketing, network data
transmission, security, and other similar services. While GitHub processes all User
Personal Information in the United States, our service providers may process data
outside of the United States or the European Union. If you would like to know who our
service providers are, please see our page on Subprocessors.

For security purposes

If you are a member of an Organization, GitHub may share your username, Usage
Information, and Device Information associated with that Organization with an owner
and/or administrator of the Organization, to the extent that such information is
provided only to investigate or respond to a security incident that affects or
compromises the security of that particular Organization.
For legal disclosure
GitHub strives for transparency in complying with legal process and legal
obligations. Unless prevented from doing so by law or court order, or in rare, exigent
circumstances, we make a reasonable effort to notify users of any legally compelled
or required disclosure of their information. GitHub may disclose User Personal
Information or other information we collect about you to law enforcement if required
in response to a valid subpoena, court order, search warrant, a similar government
order, or when we believe in good faith that disclosure is necessary to comply with
our legal obligations, to protect our property or rights, or those of third parties or the
public at large.

For more information about our disclosure in response to legal requests, see our
Guidelines for Legal Requests of User Data.

Change in control or sale

We may share User Personal Information if we are involved in a merger, sale, or
acquisition of corporate entities or business units. If any such change of ownership
happens, we will ensure that it is under terms that preserve the confidentiality of
User Personal Information, and we will notify you on our Website or by email before
any transfer of your User Personal Information. The organization receiving any User
Personal Information will have to honor any promises we made in our Privacy
Statement or Terms of Service.

Aggregate, non-personally identifying information

We share certain aggregated, non-personally identifying information with others
about how our users, collectively, use GitHub, or how our users respond to our other
offerings, such as our conferences or events.

We do not sell your User Personal Information for monetary or other consideration.

Please note: The California Consumer Privacy Act of 2018 (“CCPA”) requires
businesses to state in their privacy policy whether or not they disclose personal
information in exchange for monetary or other valuable consideration. While CCPA
only covers California residents, we voluntarily extend its core rights for people to
control their data to all of our users, not just those who live in California. You can
learn more about the CCPA and how we comply with it here.

Repository contents

Access to private repositories

If your repository is private, you control the access to your Content. If you include
User Personal Information or Sensitive Personal Information, that information may
only be accessible to GitHub in accordance with this Privacy Statement. GitHub
personnel do not access private repository content except for

security purposes
to assist the repository owner with a support matter
to maintain the integrity of the Service
to comply with our legal obligations
if we have reason to believe the contents are in violation of the law, or
with your consent.

However, while we do not generally search for content in your repositories, we may
scan our servers and content to detect certain tokens or security signatures, known
active malware, known vulnerabilities in dependencies, or other content known to
violate our Terms of Service, such as violent extremist or terrorist content or child
exploitation imagery, based on algorithmic fingerprinting techniques (collectively,
"automated scanning"). Our Terms of Service provides more details on private
repositories.

Please note, you may choose to disable certain access to your private repositories
that is enabled by default as part of providing you with the Service (for example,
automated scanning needed to enable Dependency Graph and Dependabot alerts).
GitHub will provide notice regarding our access to private repository content, unless
for legal disclosure, to comply with our legal obligations, or where otherwise bound
by requirements under law, for automated scanning, or if in response to a security
threat or other risk to security.

Public repositories
If your repository is public, anyone may view its contents. If you include User
Personal Information, Sensitive Personal Information, or confidential information,
such as email addresses or passwords, in your public repository, that information
may be indexed by search engines or used by third parties.

Please see more about User Personal Information in public repositories.

Other important information

Public information on GitHub

Many of GitHub services and features are public-facing. If your content is public-
facing, third parties may access and use it in compliance with our Terms of Service,
such as by viewing your profile or repositories or pulling data via our API. We do not
sell that content; it is yours. However, we do allow third parties, such as research
organizations or archives, to compile public-facing GitHub information. Other third
parties, such as data brokers, have been known to scrape GitHub and compile data
as well.

Your User Personal Information associated with your content could be gathered by
third parties in these compilations of GitHub data. If you do not want your User
Personal Information to appear in third parties’ compilations of GitHub data, please
do not make your User Personal Information publicly available and be sure to
configure your email address to be private in your user profile and in your git commit
settings. We currently set Users' email address to private by default, but legacy
GitHub Users may need to update their settings.
If you would like to compile GitHub data, you must comply with our Terms of Service
regarding information usage and privacy, and you may only use any public-facing
User Personal Information you gather for the purpose for which our user authorized
it. For example, where a GitHub user has made an email address public-facing for the
purpose of identification and attribution, do not use that email address for the
purposes of sending unsolicited emails to users or selling User Personal Information,
such as to recruiters, headhunters, and job boards, or for commercial advertising.
We expect you to reasonably secure any User Personal Information you have
gathered from GitHub, and to respond promptly to complaints, removal requests,
and "do not contact" requests from GitHub or GitHub users.

Similarly, projects on GitHub may include publicly available User Personal

Information collected as part of the collaborative process. If you have a complaint
about any User Personal Information on GitHub, please see our section on resolving
complaints.

Organizations
You may indicate, through your actions on GitHub, that you are willing to share your
User Personal Information. If you collaborate on or become a member of an
Organization, then its Account owners may receive your User Personal Information.
When you accept an invitation to an Organization, you will be notified of the types of
information owners may be able to see (for more information, see About Organization
Membership). If you accept an invitation to an Organization with a verified domain,
then the owners of that Organization will be able to see your full email address(es)
within that Organization's verified domain(s).

Please note, GitHub may share your username, Usage Information, and Device
Information with the owner(s) of the Organization you are a member of, to the extent
that your User Personal Information is provided only to investigate or respond to a
security incident that affects or compromises the security of that particular
Organization.

If you collaborate on or become a member of an Account that has agreed to the

Corporate Terms of Service and a Data Protection Addendum (DPA) to this Privacy
Statement, then that DPA governs in the event of any conflicts between this Privacy
Statement, then that DPA governs in the event of any conflicts between this Privacy
Statement and the DPA with respect to your activity in the Account.

Please contact the Account owners for more information about how they might
process your User Personal Information in their Organization and the ways for you to
access, update, alter, or delete the User Personal Information stored in the Account.

Additional services

Third party applications

You have the option of enabling or adding third-party applications, known as
"Developer Products," to your Account. These Developer Products are not necessary
for your use of GitHub. We will share your User Personal Information with third
parties when you ask us to, such as by purchasing a Developer Product from the
Marketplace; however, you are responsible for your use of the third-party Developer
Product and for the amount of User Personal Information you choose to share with it.
You can check our API documentation to see what information is provided when you
authenticate into a Developer Product using your GitHub profile.

GitHub Pages
If you create a GitHub Pages website, it is your responsibility to post a privacy
statement that accurately describes how you collect, use, and share personal
information and other visitor information, and how you comply with applicable data
privacy laws, rules, and regulations. Please note that GitHub may collect User
Personal Information from visitors to your GitHub Pages website, including logs of
visitor IP addresses, to comply with legal obligations, and to maintain the security
and integrity of the Website and the Service.

GitHub applications
You can also add applications from GitHub, such as our Desktop app, our Atom
You can also add applications from GitHub, such as our Desktop app, our Atom
application, or other application and account features, to your Account. These
applications each have their own terms and may collect different kinds of User
Personal Information; however, all GitHub applications are subject to this Privacy
Statement, and we collect the amount of User Personal Information necessary, and
use it only for the purpose for which you have given it to us.

How you can access and control the information we

collect

If you're already a GitHub user, you may access, update, alter, or delete your basic
user profile information by editing your user profile or contacting GitHub Support.
You can control the information we collect about you by limiting what information is
in your profile, by keeping your information current, or by contacting GitHub
Support.

If GitHub processes information about you, such as information GitHub receives from
third parties, and you do not have an account, then you may, subject to applicable
law, access, update, alter, delete, or object to the processing of your personal
information by contacting GitHub Support.

Data portability
As a GitHub User, you can always take your data with you. You can clone your
repositories to your desktop, for example, or you can use our Data Portability tools to
download information we have about you.

Data retention and deletion of data

Generally, GitHub retains User Personal Information for as long as your account is
active or as needed to provide you services.
If you would like to cancel your account or delete your User Personal Information, you
may do so in your user profile. We retain and use your information as necessary to
comply with our legal obligations, resolve disputes, and enforce our agreements, but
comply with our legal obligations, resolve disputes, and enforce our agreements, but
barring legal requirements, we will delete your full profile (within reason) within 90
days of your request. You may contact GitHub Support to request the erasure of the
data we process on the basis of consent within 30 days.

After an account has been deleted, certain data, such as contributions to other
Users' repositories and comments in others' issues, will remain. However, we will
delete or de-identify your User Personal Information, including your username and
email address, from the author field of issues, pull requests, and comments by
associating them with a ghost user.

That said, the email address you have supplied via your Git commit settings will
always be associated with your commits in the Git system. If you choose to make
your email address private, you should also update your Git commit settings. We are
unable to change or delete data in the Git commit history — the Git software is
designed to maintain a record — but we do enable you to control what information
you put in that record.

Our use of cookies and tracking

Cookies
GitHub only uses strictly necessary cookies. Cookies are small text files that
websites often store on computer hard drives or mobile devices of visitors.

We use cookies solely to provide, secure, and improve our service. For example, we
use them to keep you logged in, remember your preferences, identify your device for
security purposes, analyze your use of our service, compile statistical reports, and
provide information for future development of GitHub. We use our own cookies for
analytics purposes, but do not use any third-party analytics service providers.

By using our service, you agree that we can place these types of cookies on your

computer or device. If you disable your browser or device’s ability to accept these
cookies, you will not be able to log in or use our service.
We provide more information about cookies on GitHub on our GitHub Subprocessors
and Cookies page that describes the cookies we set, the needs we have for those
cookies, and the expiration of such cookies.

DNT
"Do Not Track" (DNT) is a privacy preference you can set in your browser if you do
not want online services to collect and share certain kinds of information about your
online activity from third party tracking services. GitHub responds to browser DNT
signals and follows the W3C standard for responding to DNT signals. If you would
like to set your browser to signal that you would not like to be tracked, please check
your browser's documentation for how to enable that signal. There are also good
applications that block online tracking, such as Privacy Badger.

How GitHub secures your information

GitHub takes all measures reasonably necessary to protect User Personal

Information from unauthorized access, alteration, or destruction; maintain data
accuracy; and help ensure the appropriate use of User Personal Information.

GitHub enforces a written security information program. Our program:

aligns with industry recognized frameworks;

includes security safeguards reasonably designed to protect the confidentiality,
integrity, availability, and resilience of our Users' data;
is appropriate to the nature, size, and complexity of GitHub’s business
operations;
includes incident response and data breach notification processes; and
complies with applicable information security-related laws and regulations in the
geographic regions where GitHub does business.

In the event of a data breach that affects your User Personal Information, we will act
promptly to mitigate the impact of a breach and notify any affected Users without
undue delay.
undue delay.

Transmission of data on GitHub is encrypted using SSH, HTTPS (TLS), and git
repository content is encrypted at rest. We manage our own cages and racks at top-
tier data centers with high level of physical and network security, and when data is
stored with a third-party storage provider, it is encrypted.

No method of transmission, or method of electronic storage, is 100% secure.

Therefore, we cannot guarantee its absolute security. For more information, see our
security disclosures.

GitHub's global privacy practices

GitHub, Inc. and, for those in the European Economic Area, the United Kingdom, and
Switzerland, GitHub B.V. are the controllers responsible for the processing of your
personal information in connection with the Service, except (a) with respect to
personal information that was added to a repository by its contributors, in which
case the owner of that repository is the controller and GitHub is the processor (or, if
the owner acts as a processor, GitHub will be the subprocessor); or (b) when you and
GitHub have entered into a separate agreement that covers data privacy (such as a
Data Processing Agreement).

Our addresses are:

GitHub, Inc., 88 Colin P. Kelly Jr. Street, San Francisco, CA 94107.

GitHub B.V., Vijzelstraat 68-72, 1017 HL Amsterdam, The Netherlands.

We store and process the information that we collect in the United States in
accordance with this Privacy Statement, though our service providers may store and
process data outside the United States. However, we understand that we have Users
from different countries and regions with different privacy expectations, and we try
to meet those needs even when the United States does not have the same privacy
framework as other countries.

We provide the same high standard of privacy protection—as described in this

Privacy Statement—to all our users around the world, regardless of their country of
origin or location, and we are proud of the levels of notice, choice, accountability,
origin or location, and we are proud of the levels of notice, choice, accountability,
security, data integrity, access, and recourse we provide. We work hard to comply
with the applicable data privacy laws wherever we do business, working with our
Data Protection Officer as part of a cross-functional team that oversees our privacy
compliance efforts. Additionally, if our vendors or affiliates have access to User
Personal Information, they must sign agreements that require them to comply with
our privacy policies and with applicable data privacy laws.

In particular:

GitHub provides clear methods of unambiguous, informed, specific, and freely

given consent at the time of data collection, when we collect your User Personal
Information using consent as a basis.
We collect only the minimum amount of User Personal Information necessary for
our purposes, unless you choose to provide more. We encourage you to only
give us the amount of data you are comfortable sharing.
We offer you simple methods of accessing, altering, or deleting the User
Personal Information we have collected, where legally permitted.
We provide our Users notice, choice, accountability, security, and access
regarding their User Personal Information, and we limit the purpose for
processing it. We also provide our Users a method of recourse and enforcement.

Cross-border data transfers

GitHub processes personal information both inside and outside of the United States
and relies on Standard Contractual Clauses as the legally provided mechanism to
lawfully transfer data from the European Economic Area, the United Kingdom, and
Switzerland to the United States. In addition, GitHub is certified to the EU-US and
Swiss-US Privacy Shield Frameworks. To learn more about our cross-border data
transfers, see our Global Privacy Practices.

How we communicate with you

We use your email address to communicate with you, if you've said that's okay, and
only for the reasons you’ve said that’s okay. For example, if you contact our
Support team with a request, we respond to you via email. You have a lot of control
over how your email address is used and shared on and through GitHub. You may
manage your communication preferences in your user profile.

By design, the Git version control system associates many actions with a User's
email address, such as commit messages. We are not able to change many aspects
of the Git system. If you would like your email address to remain private, even when
you’re commenting on public repositories, you can create a private email address in
your user profile. You should also update your local Git configuration to use your
private email address. This will not change how we contact you, but it will affect how
others see you. We set current Users' email address private by default, but legacy
GitHub Users may need to update their settings. Please see more about email
addresses in commit messages here.

Depending on your email settings, GitHub may occasionally send notification emails
about changes in a repository you’re watching, new features, requests for feedback,
important policy changes, or to offer customer support. We also send marketing
emails, based on your choices and in accordance with applicable laws and
regulations. There's an “unsubscribe” link located at the bottom of each of the
marketing emails we send you. Please note that you cannot opt out of receiving
important communications from us, such as emails from our Support team or system
emails, but you can configure your notifications settings in your profile to opt out of
other communications.

Our emails may contain a pixel tag, which is a small, clear image that can tell us
whether or not you have opened an email and what your IP address is. We use this
pixel tag to make our email more effective for you and to make sure we’re not
sending you unwanted email.

Resolving complaints
If you have concerns about the way GitHub is handling your User Personal
Information, please let us know immediately. We want to help. You may contact us by
filling out the Privacy contact form. You may also email us directly at
filling out the Privacy contact form. You may also email us directly at
[email protected] with the subject line "Privacy Concerns." We will respond
promptly — within 45 days at the latest.

You may also contact our Data Protection Officer directly.

Our United States HQ Our EU Office

GitHub Data Protection Officer GitHub BV

88 Colin P. Kelly Jr. St. Vijzelstraat 68-72

San Francisco, CA 94107 1017 HL Amsterdam

United States The Netherlands

[email protected] [email protected]

Dispute resolution process

In the unlikely event that a dispute arises between you and GitHub regarding our
handling of your User Personal Information, we will do our best to resolve it.
Additionally, if you are a resident of an EU member state, you have the right to file a
complaint with your local supervisory authority, and you might have more options.

Changes to our Privacy Statement

Although most changes are likely to be minor, GitHub may change our Privacy
Statement from time to time. We will provide notification to Users of material
changes to this Privacy Statement through our Website at least 30 days prior to the
change taking effect by posting a notice on our home page or sending email to the
primary email address specified in your GitHub account. We will also update our Site
Policy repository, which tracks all changes to this policy. For other changes to this
Privacy Statement, we encourage Users to watch or to check our Site Policy
repository frequently.
repository frequently.

License

This Privacy Statement is licensed under this Creative Commons Zero license. For
details, see our site-policy repository.

Contacting GitHub

Questions regarding GitHub's Privacy Statement or information practices should be

directed to our Privacy contact form.

Translations

Below are translations of this document into other languages. In the event of any
conflict, uncertainty, or apparent inconsistency between any of those versions and
the English version, this English version is the controlling version.

French
Cliquez ici pour obtenir la version française: Déclaration de confidentialité de GitHub

Other translations
For translations of this statement into other languages, please visit
https://docs.github.com/ and select a language from the drop-down menu under
“English.”

© 2022 GitHub, Inc. Terms Privacy Security Status Help Contact GitHub Pricing
Developer API Training Blog About