User trust is a top priority, and GitHub is dedicated to safeguarding its users’ data. GitHub aims to collect only what’s necessary and applies techniques so user information remains secure and private. GitHub is committed to continuous learning and improvement to keep ahead of privacy challenges.
GitHub Trust Center
GitHub’s commitment to privacy
At GitHub, we recognize that user privacy is not just a matter of policy but a fundamental human right. GitHub is committed to protecting this right by embedding privacy into its operations and products.
Our approach is guided by three core tenets: respect, transparency, and empowerment.
Respect for user privacy
GitHub treats user data with care, as we strive to ensure privacy and integrity. Our teams are trained to uphold high standards for managing and protecting information.
Transparency and control
GitHub builds trust through transparency, giving users clear control over their data and privacy settings to make informed decisions with confidence.
Privacy by design
At GitHub, privacy is built into every stage of development. Our Privacy by Design approach bakes in data protection, proactively mitigating risks and prioritizing privacy.
User settings for Monalisa Octocat
GitHub recognizes that privacy is power. GitHub’s platform is designed to give users control over their personal information
- Access and update: Users can view and update their information directly through their account settings.
- Delete user account: Users wishing to delete their account can do so by following the account deletion process in user settings.
- Data portability: To transfer user data to another service provider, visit the data export section in the user account.
Committed to your privacy
At GitHub, we are dedicated to protecting your privacy through respect, transparency, and our Privacy by Design approach. Control your data with confidence and stay informed about your privacy settings.
Frequently asked questions
GitHub’s privacy principles
How does GitHub prioritize and integrate privacy into its services?
Privacy is not just a feature—it's a fundamental part of GitHub’s ethos. That’s why GitHub’s Privacy Principles guide everything GitHub does, to help us ensure that user rights are protected every step of the way.
How does GitHub approach the protection of user data and privacy?
GitHub understands that user data is more than just information; it's a representation of a person. We are deeply committed to safeguarding users’ right to privacy because protecting user data means protecting you. GitHub takes this responsibility seriously, actively working to ensure that user personal information is used in ways that respect user autonomy and rights.
How does GitHub handle varying user expectations of privacy?
Privacy isn’t a one-size-fits-all concept. User expectations of privacy can vary depending on the situation, and GitHub respects that. Whether sharing data in a public forum, communicating privately with colleagues, or simply browsing, the context in which user data is processed is crucial. GitHub tailors its privacy practices to honor these different contexts, striving to ensure that user data is handled in ways that align with user expectations and the specific needs of each situation.
How does GitHub build and maintain user trust?
Trust is the foundation of GitHub’s relationship with its users, and GitHub earns that trust by being transparent. GitHub wants you to understand how user data is collected, used, and shared so users can make informed choices. GitHub’s transparent practices are designed to give users peace of mind.
What role does user control play in GitHub’s privacy practices?
Privacy is a right, and it’s also a form of empowerment. GitHub is committed to giving users the tools and information needed to manage user personal data effectively. By providing control over user privacy, GitHub works to empower users to make decisions that reflect their values and needs.
International data transfers
How does GitHub handle international data transfers?
GitHub understands the complexities and importance of international data transfers, especially in today’s interconnected world. GitHub’s commitment to safeguarding user data extends beyond borders, working to ensure that user personal information remains protected regardless of where it is processed or stored.
For transfers of personal data out of the European Economic Area (EEA), GitHub relies on recognized legal frameworks such as the EU-U.S. Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs).
What does the European Commission's adequacy decision for the EU-U.S. Data Privacy Framework (DPF) mean for data transfers between the EU and U.S.?
The European Commission adopted an adequacy decision for the EU-U.S. Data Privacy Framework (DPF), which confirms that the United States offers a level of data protection comparable to that of the European Union. This decision allows personal data to flow freely from the EU to U.S. companies participating in the DPF without requiring additional safeguards. At GitHub, we are committed to complying with the DPF Principles, so user data remains protected when transferred to the U.S.
How does GitHub protect user data when it is transferred to third countries?
GitHub also relies on Standard Contractual Clauses (SCCs). These are legally binding agreements that provide appropriate safeguards for the transfer of personal data to third countries, ensuring that user privacy is upheld no matter where user data travels.
For additional information on international data transfers please see GitHub's Privacy Statement.
Third party data protection
What is Github's commitment to data protection with third parties?
GitHub’s commitment to data protection extends to GitHub’s subprocessors and affiliates around the globe. Third parties processing user data on GitHub’s behalf comply with the same stringent data protection standards GitHub upholds in the GitHub Data Processing Agreement (DPA), which outlines GitHub’s obligations regarding data privacy and security in its roles as a data processor.
By leveraging these international data transfer mechanisms, user personal data is treated with the highest level of care and protection, regardless of geographic location.
GitHub’s privacy principles
How does GitHub prioritize and integrate privacy into its services?
Privacy is not just a feature—it's a fundamental part of GitHub’s ethos. That’s why GitHub’s Privacy Principles guide everything GitHub does, to help us ensure that user rights are protected every step of the way.
How does GitHub approach the protection of user data and privacy?
GitHub understands that user data is more than just information; it's a representation of a person. We are deeply committed to safeguarding users’ right to privacy because protecting user data means protecting you. GitHub takes this responsibility seriously, actively working to ensure that user personal information is used in ways that respect user autonomy and rights.
How does GitHub handle varying user expectations of privacy?
Privacy isn’t a one-size-fits-all concept. User expectations of privacy can vary depending on the situation, and GitHub respects that. Whether sharing data in a public forum, communicating privately with colleagues, or simply browsing, the context in which user data is processed is crucial. GitHub tailors its privacy practices to honor these different contexts, striving to ensure that user data is handled in ways that align with user expectations and the specific needs of each situation.
How does GitHub build and maintain user trust?
Trust is the foundation of GitHub’s relationship with its users, and GitHub earns that trust by being transparent. GitHub wants you to understand how user data is collected, used, and shared so users can make informed choices. GitHub’s transparent practices are designed to give users peace of mind.
What role does user control play in GitHub’s privacy practices?
Privacy is a right, and it’s also a form of empowerment. GitHub is committed to giving users the tools and information needed to manage user personal data effectively. By providing control over user privacy, GitHub works to empower users to make decisions that reflect their values and needs.
International data transfers
How does GitHub handle international data transfers?
GitHub understands the complexities and importance of international data transfers, especially in today’s interconnected world. GitHub’s commitment to safeguarding user data extends beyond borders, working to ensure that user personal information remains protected regardless of where it is processed or stored.
For transfers of personal data out of the European Economic Area (EEA), GitHub relies on recognized legal frameworks such as the EU-U.S. Data Privacy Framework (DPF) and Standard Contractual Clauses (SCCs).
What does the European Commission's adequacy decision for the EU-U.S. Data Privacy Framework (DPF) mean for data transfers between the EU and U.S.?
The European Commission adopted an adequacy decision for the EU-U.S. Data Privacy Framework (DPF), which confirms that the United States offers a level of data protection comparable to that of the European Union. This decision allows personal data to flow freely from the EU to U.S. companies participating in the DPF without requiring additional safeguards. At GitHub, we are committed to complying with the DPF Principles, so user data remains protected when transferred to the U.S.
How does GitHub protect user data when it is transferred to third countries?
GitHub also relies on Standard Contractual Clauses (SCCs). These are legally binding agreements that provide appropriate safeguards for the transfer of personal data to third countries, ensuring that user privacy is upheld no matter where user data travels.
For additional information on international data transfers please see GitHub's Privacy Statement.
Third party data protection
What is Github's commitment to data protection with third parties?
GitHub’s commitment to data protection extends to GitHub’s subprocessors and affiliates around the globe. Third parties processing user data on GitHub’s behalf comply with the same stringent data protection standards GitHub upholds in the GitHub Data Processing Agreement (DPA), which outlines GitHub’s obligations regarding data privacy and security in its roles as a data processor.
By leveraging these international data transfer mechanisms, user personal data is treated with the highest level of care and protection, regardless of geographic location.