Privacy Shield

GitHub, Inc.

Active Participant

Industries

Information and Communications Technology
Information Services

Participation

Swiss-U.S. Privacy Shield Framework: Active

Original Certification Date: 7/23/2019

Next Certification Due Date: 5/29/2020

Data Collected: HR, NON-HR

EU-U.S. Privacy Shield Framework: Active

Original Certification Date: 1/26/2017

Next Certification Due Date: 5/29/2020

Data Collected: HR, NON-HR

Purpose of Data Collection

GitHub processes organizational, customer, and user personal data for various purposes, including user identification; providing support; and enabling sales, marketing, and business transactions; as well as performing internal data analysis to improve our product and services. GitHub also processes employee data for the purposes of providing human resources services, including payroll and health insurance. GitHub discloses personal information to third parties to process payment, assist in support ticketing, and provide other network and communications services.

Privacy Policy

HR Data

GitHub Internal Privacy & Data Use Policy

Description:

GitHub's Internal Privacy & Data Use Policy describes the company's data use practices and the responsibilities our employees have regarding the data they have access to.

Effective Date: 4/9/2018

Non-HR Data

Document: GitHub Privacy Statement

Description:

GitHub's public-facing privacy statement describes privacy practices such as what information we collect and do not collect, how we share that information and with whom, our use of cookies and tracking, how we secure information, how we handle compelled disclosure, how we communicate with users, and our global privacy practices.

Effective Date: 5/23/2019

Document: Global Privacy Practices

Description:

Global Privacy Practices

Effective Date: 3/15/2019

Verification Method

Self-Assessment

Dispute Resolution

Questions or Complaints?

If you have a question or complaint regarding the covered data, please contact GitHub, Inc. at:

May Haim Kotlarsky
Privacy Counsel

GitHub, Inc.

88 Colin P Kelly Jr Street
San Francisco, California 94107

privacy@github.com

Phone: (415) 735-4488

Privacy Shield organizations must respond within 45 days of receiving a complaint.

If you have not received a timely or satisfactory response from GitHub, Inc. to your question or complaint, please contact the independent recourse mechanism listed below

HR RECOURSE MECHANISM

Swiss Federal Data Protection and Information Commissioner (FDPIC)

EU Data Protection Authorities (DPAs)

NON-HR RECOURSE MECHANISM

Swiss Federal Data Protection and Information Commissioner (FDPIC)

EU Data Protection Authorities (DPAs)

Appropriate statutory body with jurisdiction to investigate any claims against GitHub, Inc. regarding possible unfair or deceptive practices and violations of laws or regulations covering privacy Federal Trade Commission