- What information WVS collects
- What information WVS does not collect
- How WVS uses your information
- How we share the information we collect
- Repository contents
- Other important information
- How WVS secures your information
- WVS’s global privacy practices
- How we communicate with you
|Area: Legal||Subarea: none||Audience: Everyone|
“User Personal Information” is any information about one of our Users which could, alone or together with other information, personally identify them or otherwise be reasonably linked or connected with them. Information such as a username and password, an email address, a real name, an Internet protocol (IP) address, and a photograph are examples of “User Personal Information.”
User Personal Information does not include aggregated, non-personally identifying information that does not identify a User or cannot otherwise be reasonably linked or connected with them. We may use such aggregated, non-personally identifying information for research purposes and to operate, analyze, improve, and optimize our Website and Service.
We require some basic information at the time of account creation. When you create your own username and password, we ask you for a valid email address.
If you sign on to a paid Account with us, or spend funds with us, we collect your full name, address, and credit card information or PayPal information. Please note, WVS does not process or store your credit card information or PayPal information, but our third-party payment processor does.
You may choose to give us more information for your Account profile, such as your full name, an avatar which may include a photograph, your biography, your location, your company, and a URL to a third-party website. This information may include User Personal Information. Please note that your profile information may be visible to other Users of our Service.
If you have a paid Account with us, we automatically collect certain information about your transactions on the Service, such as the date, time, and amount charged.
If you’re accessing our Service or Website, we automatically collect the same basic information that most services collect, subject, where necessary, to your consent. This includes information about how you use the Service, such as the pages you view, the referring site, your IP address and session information, and the date and time of each request. This is information we collect from every visitor to the Website, whether they have an Account or not. This information may include User Personal information.
As further described below, we automatically collect information from cookies (such as cookie ID and settings) to keep you logged in, to remember your preferences, to identify you and your device and to analyze your use of our service.
We may collect certain information about your device, such as its IP address, browser or client application information, language preference, operating system and application version, device type and ID, and device model and manufacturer. This information may include User Personal information.
WVS may collect User Personal Information from third parties. For example, this may happen if you sign up for training or to receive information about WVS from one of our vendors, partners, or affiliates. WVS does not purchase User Personal Information from third-party data brokers.
We do not intentionally collect “Sensitive Personal Information”, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. If you choose to store any Sensitive Personal Information on our servers, you are responsible for complying with any regulatory controls regarding that data.
If you are a child under the age of 13, you may not have an Account on WVS. WVS does not knowingly collect information from or direct any of our content specifically to children under 13. If we learn or have reason to suspect that you are a User who is under the age of 13, we will have to close your Account. We don’t want to discourage you from learning to code, but those are the rules. Please see our Terms of Service for information about Account termination. Different countries may have different minimum age limits, and if you are below the minimum age for providing consent for data collection in your country, you may not have an Account on WVS.
We do not intentionally collect User Personal Information that is stored in your repositories or other free-form content inputs. Any personal information within a user’s repository is the responsibility of the repository owner.
We may use your information for the following purposes:
- We use your Registration Information to create your account, and to provide you the Service.
- We use your Payment Information to provide you with the Paid Account service or any other WVS paid service you request.
- We use your User Personal Information, specifically your username, to identify you on WVS.
- We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
- We use your email address to communicate with you.
- We use User Personal Information to respond to support requests.
- We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on GitHub—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
- We may use User Personal Information to invite you to take part in surveys, beta programs, or other research projects, subject, where necessary, to your consent .
- We use Usage Information and Device Information to better understand how our Users use WVS and to improve our Website and Service.
- We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm WVS or our Users.
- We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
To the extent that our processing of your User Personal Information is subject to certain international laws (including, but not limited to, the European Union’s General Data Protection Regulation (GDPR)), WVS is required to notify you about the legal basis on which we process User Personal Information. WVS processes User Personal Information on the following legal bases:
- Contract Performance:
- When you create a WVS Account, you provide your Registration Information. We require this information for you to enter into the Terms of Service agreement with us, and we process that information on the basis of performing that contract. We also process your username and email address on other legal bases, as described below.
- If you have a paid Account with us, we collect and process additional Payment Information on the basis of performing that contract.
- We rely on your consent to use your User Personal Information under the following circumstances: when you fill out the information in your user profile; when you decide to participate in a WVS training, research project, beta program, or survey; and for marketing purposes, where applicable. All of this User Personal Information is entirely optional, and you have the ability to access, modify, and delete it at any time. While you are not able to delete your email address entirely, you can make it private. You may withdraw your consent at any time.
- Legitimate Interests:
- Generally, the remainder of the processing of User Personal Information we perform is necessary for the purposes of our legitimate interest, for example, for legal compliance purposes, security purposes, or to maintain ongoing confidentiality, integrity, availability, and resilience of GitHub’s systems, Website, and Service.
We may share your User Personal Information with third parties under one of the following circumstances:
We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you purchase an application listed on our Marketplace, we share your username to allow the application Developer to provide you with services. Additionally, you may direct us through your actions on WVS to share your User Personal Information. For example, if you join an Organization, you indicate your willingness to provide the owner of the Organization with the ability to view your activity in the Organization’s access log.
If you are a member of an Organization, WVS may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.
WVS strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. WVS may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.
We share certain aggregated, non-personally identifying information with others about how our users, collectively, use WVS, or how our users respond to our other offerings, such as our conferences or events.
We do not sell your User Personal Information for monetary or other consideration.
- security purposes
- to assist the repository owner with a support matter
- to maintain the integrity of the Service
- to comply with our legal obligations
- if we have reason to believe the contents are in violation of the law, or
- with your consent.
However, while we do not generally search for content in your repositories, we may scan our servers and content to detect certain tokens or security signatures, known active malware, known vulnerabilities in dependencies, or other content known to violate our Terms of Service, such as violent extremist or terrorist content or child exploitation imagery, based on algorithmic fingerprinting techniques (collectively, “automated scanning”). Our Terms of Service provides more details on private repositories.
Please note, you may choose to disable certain access to your private repositories that is enabled by default as part of providing you with the Service (for example, automated scanning needed to enable Dependency Graph and Dependabot alerts).
WVS will provide notice regarding our access to private repository content, unless for legal disclosure, to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security.
If your repository is public, anyone may view its contents. If you include User Personal Information, Sensitive Personal Information, or confidential information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.
Many of WVS services and features are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing WVS information. Other third parties, such as data brokers, have been known to scrape WVS and compile data as well.
Your User Personal Information associated with your content could be gathered by third parties in these compilations of WVS data. If you do not want your User Personal Information to appear in third parties’ compilations of WVS data, please do not make your User Personal Information publicly available.
Similarly, projects on WVS may include publicly available User Personal Information collected as part of the collaborative process.
Generally, WVS retains User Personal Information for as long as your account is active or as needed to provide you services.
If you would like to cancel your account or delete your User Personal Information, you may do so at any time. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request.
After an account has been deleted, certain data, such as contributions to other Users’ repositories and comments in others’ issues, will remain.
The email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you wish to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.
WVS only uses strictly necessary cookies. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors.
By using our service, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our service.
WVS takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.
- aligns with industry recognized frameworks;
- includes security safeguards reasonably designed to protect the confidentiality, integrity, availability, and resilience of our Users’ data;
- is appropriate to the nature, size, and complexity of GitHub’s business operations;
- complies with applicable information security-related laws and regulations in the geographic regions where WVS does business.
In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.
Transmission of data on WVS is encrypted using SSH, HTTPS (TLS), and git repository content is encrypted at rest. All data is hosted on AWS and is encrypted.
No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.
Wevr Inc. is the controllers responsible for the processing of your personal information in connection with the Service, except (a) with respect to personal information that was added to a repository by its contributors, in which case the owner of that repository is the controller and WVS is the processor (or, if the owner acts as a processor, WVS will be the subprocessor); or (b) when you and WVS have entered into a separate agreement that covers data privacy (such as a Data Processing Agreement).
Our addresses is:
- Wevr Inc.; 1001 Wilshire Boulevard; Suite 1028; Los Angeles, CA 90017.
- WVS provides clear methods of unambiguous, informed, specific, and freely given consent at the time of data collection, when we collect your User Personal Information using consent as a basis.
- We collect only the minimum amount of User Personal Information necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
- We offer you simple methods of accessing, altering, or deleting the User Personal Information we have collected, where legally permitted.
- We provide our Users notice, choice, accountability, security, and access regarding their User Personal Information, and we limit the purpose for processing it. We also provide our Users a method of recourse and enforcement.
We use your email address to communicate with you.
By design, the Git version control system associates many actions with a User’s email address, such as commit messages. We are not able to change many aspects of the Git system.
WVS may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. We also send marketing emails, based on your choices and in accordance with applicable laws and regulations. There’s an “unsubscribe” link located at the bottom of each of the marketing emails we send you. Please note that you cannot opt out of receiving important communications from us, such as emails from our Support team or system emails, but you can configure your notifications settings in your profile to opt out of other communications.
Our emails may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email more effective for you and to make sure we’re not sending you unwanted email.
In the unlikely event that a dispute arises between you and WVS regarding our handling of your User Personal Information, we will do our best to resolve it.