GitHub, Inc.

Active Participant

Industries

  • Information and Communications Technology
  • Information Technology Services
  • Information Services

Participation

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 1/26/2017
Next Certification Due Date: 1/30/2019
Data Collected: HR, NON-HR

Purpose of Data Collection

GitHub processes organizational, customer, and user personal data for various purposes, including user identification; providing support; and enabling sales, marketing, and business transactions; as well as performing internal data analysis to improve our product and services. GitHub also processes employee data for the purposes of providing human resources services, including payroll and health insurance. GitHub discloses personal information to third parties to process payment, assist in support ticketing, and provide other network and communications services.

Privacy Policy

HR Data

GitHub Internal Privacy & Data Use Policy
Description:

GitHub's Internal Privacy & Data Use Policy describes the company's data use practices and the responsibilities our employees have regarding the data they have access to.

Effective Date: 7/17/2018

Non-HR Data

Document: GitHub Privacy Statement
Description:

GitHub's public-facing privacy statement describes privacy practices such as what information we collect and do not collect, how we share that information and with whom, our use of cookies and tracking, how we secure information, how we handle compelled disclosure, how we communicate with users, and our global privacy practices.

Effective Date: 5/25/2018
Document: Global Privacy Practices
Description:

Global Privacy Practices

Effective Date: 3/15/2019

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact GitHub, Inc. at:

Joseph Mazzella
Product Counsel
GitHub, Inc.
GitHub, Inc.
88 Colin P Kelly Jr Street
San Francisco, California 94107
privacy@github.com
Phone: (415) 735-4488

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from GitHub, Inc. to your question or complaint, please contact the independent recourse mechanism listed below


HR RECOURSE MECHANISM

EU Data Protection Authorities (DPAs)

NON-HR RECOURSE MECHANISM

JAMS Privacy Shield Program


Appropriate statutory body with jurisdiction to investigate any claims against GitHub, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission