Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Privacy Statement Updates September 2022 #582

Merged
merged 2 commits into from Sep 1, 2022

Conversation

gh-privacy-bot
Copy link

@gh-privacy-bot gh-privacy-bot commented Aug 2, 2022

GitHub is introducing non-essential cookies on web pages that market our products to businesses. These cookies will provide analytics to improve the site experience and personalize content and ads for enterprise users. This change is only on subdomains, like resources.github.com, where GitHub markets products and services to enterprise customers. Github.com will continue to operate as-is.

This change updates the Privacy Statement based on this new activity.

These updates will go into effect after the 30-day notice and comment period, on September 1, 2022.

See comment below with clarifications and changes made at the end of the comment period.
Comment on #582 Privacy Statement Updates September 2022
We want to thank everyone for their review and feedback on the Privacy Statement Update. We appreciate and share your passion for developer privacy. GitHub remains committed to having the highest privacy standards and will continue to center the needs of developers in all of our platform decisions. We intend for this to be a minimally invasive change that will enable us to provide the best tools to our users. In response to your comments, we are providing the following changes and points of clarification:
DNT and self-help browser extensions
Commenters raised questions about our language on DNT and self-help browser extensions. We've pushed a commit that:
• Folds the existing DNT and browser extension information into a new section on disabling non-essential cookies.
• Specifies there will be a user setting to disable non-essential cookies and provides additional details to clarify which cookies will be used and for what reasons.
• Specifies that DNT will be honored on GitHub, and that if a DNT signal is sent, GitHub will not load third party resources which set non-essential cookies, so that we do not have to rely on third parties honoring DNT.
• Browsers' built-in tracking protection has advanced significantly in recent years, so we've noted that configuring that built-in protection may block non-essential cookies.
• Separated mentions of browser extensions designed to block tracking, and extensions designed to block unwanted content with the effect of blocking tracking, for clarity, though using either alone or in combination may block non-essential cookies.
• Changed links with additional information on DNT and browser extensions to point to their respective Wikipedia articles for neutrality, currency, and to clarify that these are not GitHub products (though of course we're proud that many privacy protection tools are developed on GitHub).
Finally, some have asked why we’re explaining technical self-help tools. GitHub has a very broad user base, including new developers – and we want everyone to be informed about the scope of their options, including technical options.
Enterprise user experience
Commenters asked for clarification about how this change will impact the enterprise user experience. We are introducing cookies on GitHub’s Enterprise Marketing Pages (e.g. resources.github.com), not on Enterprise user accounts. We intend for this change to make it easier for our Marketing team to better understand the needs of users who are visiting Enterprise Marketing Pages and connect them with the solutions that will benefit them most.
Users who visit these pages will have the option to express their cookies preferences by navigating to the link in the footer of the page.
Stylistic change
Commenters have asked why ‘Personal Data’ was changed to ‘personal data’ in the Privacy Statement update. We made personal data lowercase because it is not a defined term in our Terms of Service, for consistency with “All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.” The stylistic change does not impact its definition.

Updates to privacy statement
@gh-privacy-bot gh-privacy-bot changed the title Update github-privacy-statement.md Privacy Statement Updates September 2022 Aug 2, 2022
@gh-privacy-bot gh-privacy-bot requested a review from literarytea Aug 2, 2022
@@ -33,13 +34,13 @@ To see our Privacy Notice to residents of California, please go to [GitHub's Not

| Section | What can you find there? |
|---|---|
| [Who is responsible for the processing of your information](#who-is-responsible-for-the-processing-of-your-information) | Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your Personal Data in connection with the Website or Service. |
Copy link

@rick rick Aug 2, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is the change from "Personal Data" to "personal data" a stylistic change?

I note that the paragraph above is still intact:

All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.

Presuming this capitalization change is unintentional, it has the unfortunate effect of decoupling "Personal Data" from the definition provided in the GitHub Terms of Service, which means that "personal data" is no longer as delineated there, but could well be anything.

If this is an intentional change, it would seem better made as a visible change to the Terms of Service. If the intent is not to change the Terms of Service but to arbitrarily expand "personal data" without drawing attention, well, that seems evil.

Copy link

@rick rick Aug 2, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looking into this further -- it looks like "Personal Data" is defined these days in the GitHub Data Protection Agreement. Perhaps this was being decapitalized since it is not directly defined (afaict) in the GitHub Terms of Service?

Copy link

@afkvido afkvido Aug 9, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Oh bet

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The collection of information and sale of it I think is something that has been going on for a long time. I think what matters is knowing what information we provide. But it's always good to know

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

salve cade os BR

Copy link

@BEEFF BEEFF Aug 18, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

in a court of law, doesn't "Personal Data" mean "personal data" ?

lol


Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email.

### DNT

"[Do Not Track](https://www.eff.org/issues/do-not-track)" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. GitHub responds to browser DNT signals and follows the [W3C standard for responding to DNT signals](https://www.w3.org/TR/tracking-dnt/). If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as [Privacy Badger](https://privacybadger.org/).
"[Do Not Track](https://www.eff.org/issues/do-not-track)" (DNT) is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. Some services may respond to browser DNT signals and follow the [W3C standard for responding to DNT signals](https://www.w3.org/TR/tracking-dnt/). If you would like to set your browser to signal that you would not like to be tracked, please check your browser's documentation for how to enable that signal. There are also good applications that block online tracking, such as [Privacy Badger](https://privacybadger.org/) or [uBlock Origin](https://github.com/gorhill/uBlock/).

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let me prefix this by stating that I am a complete layman.

Previously: *GitHub* responds to browser DNT signals and follows the W3C spec.
Now: Some random services, somewhere in the world, hosted by GitHub or somebody else *may* respond to browser DNT signals and follow the W3C spec.

Doesn't this change invalidate the whole paragraph and turns it into a generic wiki article?

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dunno, they will stop respecting DNT but leave this paragraph and make it seem as if they do. This is just confusing.

Copy link

@Consolatis Consolatis Aug 3, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

"Confusing" is one way to put it.

Edit:
@zzo38 articulated my personal opinion better than I could so I'll quote part of their comment here:

I also think that they should avoid using confusing privacy policies; the mention of DNT should either be kept as is if GitHub uses the DNT header to reduce tracking, or deleted entirely if GitHub does not use the DNT header. If it does so only in some cases, it should mention what cases these are. The privacy policy made sense before the change in the section about DNT, although the change mentioned above makes it confusing (as other comments already mention).

[..]

I have no problem with adding these non-essential cookies to the enterprise marketing pages, as long as the rest of GitHub can be used without it and it is documented which pages these are (and if the cookie domain is the same, also which cookies). Moving the enterprise marketing pages to a separate domain seems to me to be a good idea though, in order to be clearly distinguished (although a subdomain is probably good enough, in my opinion; as long as it is documented clearly which subdomains these are).

Emphasis are mine.
In my opinion, documented should mean being very specific and being part of a legally binding document like the privacy policy.

An example for not being specific is this part of the changes:

As described below, we may use non-essential cookies on certain pages of our website

Copy link

@al1103 al1103 Aug 7, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:))

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So; let's get this straight:

  1. According to GDPR article 22 data subjects may exercise their right to object to processing using technical specifications.
  2. GitHub acknowledges the DNT signal as a valid technical standard, i.e. technical specification.
  3. Moreover; GitHub honors - or at least used to honor - that signal, illustrating that they have the capacity to respond to it appropriately.

Yeah... uhm..
How is attempting to weasel yourself out from under that not morally blackest evil?

@jdgregson
Copy link

jdgregson commented Aug 2, 2022

You lost me at ads for enterprise users.

@leoheck
Copy link

leoheck commented Aug 3, 2022

Github is being undermined by Microsoft.

@TechSolomon
Copy link

TechSolomon commented Aug 3, 2022

🍪 https://github.blog/2020-12-17-no-cookie-for-you/

@TheMaverickProgrammer
Copy link

TheMaverickProgrammer commented Aug 3, 2022

so what github alternative is everyone using these days? asking for a friend.

@ocdtrekkie
Copy link

ocdtrekkie commented Aug 3, 2022

"We are also committing that going forward, we will only use cookies that are required for us to serve GitHub.com."

Apparently in corporate terms, a "commitment" is now less than two calendar years of obligation. Good to know. Though, I guess I don't visit the marketing pages and hence, don't really care that much? Corporations being untrustworthy isn't new territory.

Literally just "business advice": Your marketing teams should be weighing the value of the data here against the cost of "yet another breach of user trust and commitment", user trust, of course, being something extremely hard to earn back.

@karlshea
Copy link

karlshea commented Aug 3, 2022

Marketing people don't care about user trust or commitments. They'll just burn things to the ground and move on to the next corp job, each time making the world a slightly worse place.

@afkvido
Copy link

afkvido commented Aug 3, 2022

This clearly shows that GitHub cares more about revenue than the user base behind it.

Microsoft fucking sucks, GitHub wasn't evil until Microsoft really started to abuse GitHub.

@afkvido
Copy link

afkvido commented Aug 3, 2022

so what github alternative is everyone using these days? asking for a friend.

@TheMaverickProgrammer GitLab probbably.

Copy link

@afkvido afkvido left a comment

Requesting a change: Don't add this.

@RoyTinker
Copy link

RoyTinker commented Aug 3, 2022

I understand that cookies are helpful for analytics and gathering sales funnel data. It's always sad when companies don't keep prior promises, though 😟

If you must break the promise, here's my suggestion, for what it's worth: move enterprise marketing pages (maybe even all marketing pages besides the front page?) off of github.com onto a separate domain. Maybe github.info?

Then point marketing links from the front page to that domain.

This will allow folks to deal with that domain separately from github.com.

@tylt6688
Copy link

tylt6688 commented Aug 3, 2022

I personally feel that the enterprise version can be made independently.

@jacamera
Copy link

jacamera commented Aug 3, 2022

As a happy GitHub user I just hope all this recreational outrage doesn't result in GitHub allocating more time or resources than would otherwise be required to complete this change. Full speed ahead!

@afkvido
Copy link

afkvido commented Aug 3, 2022

As a happy GitHub user I just hope all this recreational outrage doesn't result in GitHub allocating more time or resources than would otherwise be required to complete this change. Full speed ahead!

I'd want GitHub to remove Microsoft, then continue full speed ahead

@evelynmarie
Copy link

evelynmarie commented Aug 3, 2022

This change is only on subdomains where GitHub markets products and services to enterprise customers, and all other GitHub subdomains will continue to operate as-is.

Why are people getting so riled up when this change only impacts the Enterprise marketing subdomains? Makes no sense to me how this of all things is getting negative attention. Majority of people don't use GitHub Enterprise, as its only for businesses, And they're just cookies. Use uBlock Origin as it says if you really can't stand a few cookies on subdomains you'll probably never end up going to.

Also, people love pointing the finger at Microsoft, as if this change was demanded by them. It more than likely wasn't. There are always going to be changes that people don't like, but not all changes are influenced by the parent company. If Microsoft was puttng their hands all over GitHub, they probably would've moved GitHub to the Microsoft Policy Statement a long time ago.

@afkvido
Copy link

afkvido commented Aug 3, 2022

Cuz GitHub said they wouldnt use cookies
daym its a borken promise

@evelynmarie
Copy link

evelynmarie commented Aug 3, 2022

"We are also committing that going forward, we will only use cookies that are required for us to serve GitHub.com."

Apparently in corporate terms, a "commitment" is now less than two calendar years of obligation. Good to know. Though, I guess I don't visit the marketing pages and hence, don't really care that much? Corporations being untrustworthy isn't new territory.

Literally just "business advice": Your marketing teams should be weighing the value of the data here against the cost of "yet another breach of user trust and commitment", user trust, of course, being something extremely hard to earn back.

How exactly does this in any way impact user trust? It doesn't impact the main site, like the dashboard, the landing page, or any other part of GitHub like profiles, repositories, or organizations. It literally only impacts the enterprise marketing pages, and its for sales data tracking & analytics. GitHub Enterprise is a very business-oriented product, so the only visitors to those pages will be by business leaders potentially interested in GitHub Enterprise, or users who land on that page by mistake.

And I believe that is what GitHub meant when they said "to serve GitHub.com" - the main site (dashboard, repos, profiles, etc), not including stuff related to their Enterprise product, so I genuinely don't believe they broke their commitment. People are overreacting, as usual, to insignificant changes that don't really impact them.

@afkvido
Copy link

afkvido commented Aug 3, 2022

Thats fine but fuck microsoft for existing

@afkvido
Copy link

afkvido commented Aug 3, 2022

There's a reason this PR has 128+ negative reactions 👎

@afkvido
Copy link

afkvido commented Aug 3, 2022

Also, they have, take a look at this PR.

@evelynmarie
Copy link

evelynmarie commented Aug 3, 2022

@afkvido: Also, they have, take a look at this PR.

This was more than likely not Microsoft's doing. Not everything a subsidiary of Microsoft does is because of Microsoft itself. You have the vast majority of comments on this PR (at 8 comments), and your opinion isn't be all end all. Most of the negative reactions are additionally probably from people who don't understand the scope of what GitHub said back when they committed to not use cookies not necessary to serve GitHub itself - they probably didn't extend it to the Enterprise marketing pages to begin with and always meant the main site that serves repositories and profiles and such.

There are things worse than cookies by the way, like actual trackers embedded in web pages. Cookies are relatively harmless if used sparingly and for very specific purposes like tracking sales analytics or for keeping a user logged into their web browsers, or in a specific GitHub use case, tracking the current site theme. There is nothing wrong with stuff like this.

You seem awfully mad at Microsoft for some reason, as if they stole your pet dog or something. This isn't 2000s & early 2010s-era Microsoft, Microsoft is nowhere near as bad as they were when Steve Ballmer was the CEO of Microsoft. Ever since Satya became CEO, I have noticed a significant improvement in Microsoft's business culture and strategy. MS was way, way, way worse back when Ballmer was CEO.

(also, slight question, why upvote your own comments?)

@afkvido
Copy link

afkvido commented Aug 3, 2022

This was more than likely not Microsoft's doing. Not everything a subsidiary of Microsoft does is because of Microsoft itself.

I don't know why anyone at GitHub would do this change, and Microsoft is the only other entity with the authority to make such a change.


You have the vast majority of comments on this PR (at 8 comments), and your opinion isn't be all end all.

I just poke in whenever this comes up on my GitHub notifications.


Most of the negative reactions are additionally probably from people who don't understand the scope of what GitHub said back when they committed to not use cookies not necessary to serve GitHub itself - they probably didn't extend it to the Enterprise marketing pages to begin with and always meant the main site that serves repositories and profiles and such.

That is a good point, however, that doesn't change the fact that GitHub is no longer the white and fluffy angel that it was.


There are things worse than cookies by the way, like actual trackers embedded in web pages. Cookies are relatively harmless if used sparingly and for very specific purposes like tracking sales analytics or for keeping a user logged into their web browsers, or in a specific GitHub use case, tracking the current site theme. There is nothing wrong with stuff like this.

While you seem quite intelligent, I don't think that you understand that cookies could actually be used as slight trackers, and if used to their fullest potential, complete on-site tracking for AI/ML based targeted recommendations for profit.


You seem awfully mad at Microsoft for some reason, as if they stole your pet dog or something. This isn't 2000s & early 2010s-era Microsoft, Microsoft is nowhere near as bad as they were when Steve Ballmer was the CEO of Microsoft. Ever since Satya became CEO, I have noticed a significant improvement in Microsoft's business culture and strategy. MS was way, way, way worse back when Ballmer was CEO.

Microsoft is still a mega-corp. They're still 'evil', just like Google or Apple. I also don't see much of a difference with the two CEOs. One was making more money, one was discussing ethics more often, but in the end, Microsoft is still somewhat invasive. To add on, Microsoft decided to absolutely RUIN Minecraft, a game that I don't really play these days, but my friends play a lot.


(also, slight question, why upvote your own comments?)

(also, slight question, why downvote my comments?)

@zzo38
Copy link

zzo38 commented Aug 3, 2022

I think that the cookies ought to be documented, so that you know which cookie means what.

I also think that they should avoid using confusing privacy policies; the mention of DNT should either be kept as is if GitHub uses the DNT header to reduce tracking, or deleted entirely if GitHub does not use the DNT header. If it does so only in some cases, it should mention what cases these are. The privacy policy made sense before the change in the section about DNT, although the change mentioned above makes it confusing (as other comments already mention).

Mentioning other programs such as Privacy Badger and uBlock Origin are OK, although it might be worth to add a disclaimer if GitHub is not affiliated with such programs, even if they are hosted on GitHub. (Since GitHub is used for many FOSS projects, it is likely that some of them will be.)

I have no problem with adding these non-essential cookies to the enterprise marketing pages, as long as the rest of GitHub can be used without it and it is documented which pages these are (and if the cookie domain is the same, also which cookies). Moving the enterprise marketing pages to a separate domain seems to me to be a good idea though, in order to be clearly distinguished (although a subdomain is probably good enough, in my opinion; as long as it is documented clearly which subdomains these are).

About alternatives to GitHub, I would not recommend GitLab because it will not display the files if JavaScripts are not enabled. However, it is acceptable to use GitLab if there are mirrors on multiple services. GitHub, Codeberg, and NotABug, and some others, also use JavaScripts, although the files can be displayed even if JavaScripts are disabled (even though there is a note that says enable JavaScripts, it is not required to simply view files), so it is acceptable. Another alternative is Sourcehut, which also doesn't need JavaScripts (and says that all features work without JavaScripts, although it still has some).

@afkvido
Copy link

afkvido commented Aug 3, 2022

I don't mind GitLab, except that I have to pause for 15 minutes to finish laughing every time i see "Merge Requests"

@sammcj
Copy link

sammcj commented Aug 3, 2022

What happened to this policy https://github.blog/2020-12-17-no-cookie-for-you/ ?

I guess it's a bit like Microsoft ❤️ Linux....

@afkvido
Copy link

afkvido commented Sep 1, 2022

NOOOOOOOOOO

@afkvido

This comment was marked as disruptive content.

@afkvido
Copy link

afkvido commented Sep 1, 2022

@afkvido, I believe that both is useful.

Copilot gives users code suggestions. MARKETING COOKIES, ON THE OTHER HAND,

@TheMaverickProgrammer
Copy link

TheMaverickProgrammer commented Sep 1, 2022

We want to thank everyone for their review and feedback on the Privacy Statement Update. We appreciate and will say anything to the public because we are ethically bankrupt and/or truly believe our own BS.

GitHub remains committed to having the highest paying bidder direct our company. We have a fiduciary duty after all and we have bills to pay. We intend to keep lying to you in any way possible and build tools our bigger paying companies ask us to make. In response to your comments, we are providing the following changes and points of clarification:

  • new github account, who dis? lmao
  • seen @ 11:30 AM

@afkvido
Copy link

afkvido commented Sep 1, 2022

lmao

@pixincreate
Copy link

pixincreate commented Sep 1, 2022

@shellsmck, if you were so keen on merging this privacy statement even after thousands of people opposed this, what was point of even asking for comments and replies and waiting period? Just to make people believe that you don't care? You've already scanned everyone's code to build co-pilot and know, you want to scan and track users by deploying cookies.

Good job!

@Consolatis
Copy link

Consolatis commented Sep 1, 2022

what was point of even asking for comments

Maybe you should read the message above and the new commit. Example:

If your browser sends a Do Not Track (DNT) signal, GitHub will not set non-essential cookies and will not load third party resources which set non-essential cookies.

This is much clearer than the watered down version from before.

@JokerQyou
Copy link

JokerQyou commented Sep 2, 2022

The official response could have came out earlier and be more responsive. But instead of that, they only replied the last minute before merging. It's hard to believe that's the way a company like GitHub do business - imagine if your business partner reply to you one minute before the deadline.

I'm overall pleased with the updated version of DNT behavior and the explanation of "personal data" change. But still very disappointed by the inconsistency between your saying and doing.

@Karmavil
Copy link

Karmavil commented Sep 2, 2022

The official response could have came out earlier ..

Define official

@doot0
Copy link

doot0 commented Sep 2, 2022

They're adding marketing cookies to microsites and domains used for, well... marketing. Furthermore, these changes are geared towards enterprise users, who have already signed their proverbial lives away simply by using the enterprise offerings from GitHub.

Am I missing something here? Isn't this sort of thing expected? What's the big deal? If you don't like being tracked, use an adblocker or privacy preserving plugin. If you're privacy-concious I'm sure you're already using such software.

It's a Friday night. Go and spend time with your families/friends instead of arguing over whether or not Yet Another Evil Big Tech Corporation is trying to market to you harder.

@LJWxyz
Copy link

LJWxyz commented Sep 3, 2022

@Karmavil
Define official?
official staff.lmao.like an actual working employee in xx company.Ever worked in a company that is registered and asked by client?
Yeah you are supposed to say I am from xxx company.
(AND thats Official)

@LJWxyz
Copy link

LJWxyz commented Sep 3, 2022

It's a Friday night. Go and spend time with your families/friends instead of arguing over whether or not Yet Another Evil Big Tech Corporation is trying to market to you harder.
True,but I believe people should also voice out at least,or act and discuss with factual infos.
else any freedom given to us*(modern people) will be the same useless thing as the older generation.

there is a reason why court need the lawyer to speak up,and not just sit there for hours and let the judge think and guess.

But anyway.

Final TLDR


-the final version is slightly improved(possibly for the pride of the company or some kind of stepping stone,Lets be serious. IT SHOULD BE REVIEWED BY A EXPERIENCED LAWYER BEFORE PUTTING SUCH A PR IN PUBLIC.ITS COMMON SENSE!But I will give Github the benefit of doubt this time as being inexperienced.)

-Any arguement is useless.A business will not change from a few comment.Instead,Go and spend time with your families/friends.

  • There is only a few thing current users can do.1,deal with it.2,find some hackish way to bypass.3,go away,

@Nllii
Copy link

Nllii commented Sep 7, 2022

If your browser sends a Do Not Track (DNT) signal, GitHub will not set non-essential cookies and will not load third party resources which set non-essential cookies.

This is much clearer than the watered down version from before.

I don't trust those settings on mobile devices.

On iOS, most 'BigTech" hulu, netflix, coinbase,google,facebook,twitter... etc will ignore the user "Do Not Track" request and just run an API fo analysis. Mixpanel is one of those notorious data collection companies.

Apple still hasn't fixed that issue. My point is, there is going to be another api tracking the user time,heatmap,engagement with content etc if cookies are opt-out, some sites don't work if you block data-analysis via adguard or dns. This happens on some iPhone apps and safari.

I don't know about other devices, like android or windows phones?. But for Ios. Companies are just using apis to track the end-users, when they opt-out of tracking.

@rokejulianlockhart
Copy link

rokejulianlockhart commented Sep 8, 2022

@Nllii, whether something is an API or not is irrelevant. Do you mean that local code acquires this information irrespective of whether DND is active? If so, if that information is subsequently provided to a 3rd party, surely that is considered to be identical to inadherence to the preference; it is not a way to legally bypass it.

Copy link

@Mc480 Mc480 left a comment

@dragonDScript
Copy link

dragonDScript commented Sep 21, 2022

Hahahahah what is happening??

Copy link

@ghost ghost left a comment

Duplicate of #

This was referenced Sep 23, 2022
@sunays
Copy link

sunays commented Sep 29, 2022

GitHub is introducing non-essential cookies on web pages that market our products to businesses. These cookies will provide analytics to improve the site experience and personalize content and ads for enterprise users. This change is only on subdomains, like resources.github.com, where GitHub markets products and services to enterprise customers. Github.com will continue to operate as-is.

This change updates the Privacy Statement based on this new activity.

These updates will go into effect after the 30-day notice and comment period, on September 1, 2022.

See comment below with clarifications and changes made at the end of the comment period. Comment on #582 Privacy Statement Updates September 2022 We want to thank everyone for their review and feedback on the Privacy Statement Update. We appreciate and share your passion for developer privacy. GitHub remains committed to having the highest privacy standards and will continue to center the needs of developers in all of our platform decisions. We intend for this to be a minimally invasive change that will enable us to provide the best tools to our users. In response to your comments, we are providing the following changes and points of clarification: DNT and self-help browser extensions Commenters raised questions about our language on DNT and self-help browser extensions. We've pushed a commit that: • Folds the existing DNT and browser extension information into a new section on disabling non-essential cookies. • Specifies there will be a user setting to disable non-essential cookies and provides additional details to clarify which cookies will be used and for what reasons. • Specifies that DNT will be honored on GitHub, and that if a DNT signal is sent, GitHub will not load third party resources which set non-essential cookies, so that we do not have to rely on third parties honoring DNT. • Browsers' built-in tracking protection has advanced significantly in recent years, so we've noted that configuring that built-in protection may block non-essential cookies. • Separated mentions of browser extensions designed to block tracking, and extensions designed to block unwanted content with the effect of blocking tracking, for clarity, though using either alone or in combination may block non-essential cookies. • Changed links with additional information on DNT and browser extensions to point to their respective Wikipedia articles for neutrality, currency, and to clarify that these are not GitHub products (though of course we're proud that many privacy protection tools are developed on GitHub). Finally, some have asked why we’re explaining technical self-help tools. GitHub has a very broad user base, including new developers – and we want everyone to be informed about the scope of their options, including technical options. Enterprise user experience Commenters asked for clarification about how this change will impact the enterprise user experience. We are introducing cookies on GitHub’s Enterprise Marketing Pages (e.g. resources.github.com), not on Enterprise user accounts. We intend for this change to make it easier for our Marketing team to better understand the needs of users who are visiting Enterprise Marketing Pages and connect them with the solutions that will benefit them most. Users who visit these pages will have the option to express their cookies preferences by navigating to the link in the footer of the page. Stylistic change Commenters have asked why ‘Personal Data’ was changed to ‘personal data’ in the Privacy Statement update. We made personal data lowercase because it is not a defined term in our Terms of Service, for consistency with “All capitalized terms have their definition in GitHub’s Terms of Service, unless otherwise noted here.” The stylistic change does not impact its definition.

@Abdunasere
Copy link

Abdunasere commented Oct 3, 2022

gh pr checkout 582

@@ -33,13 +34,13 @@ To see our Privacy Notice to residents of California, please go to [GitHub's Not

| Section | What can you find there? |
|---|---|
| [Who is responsible for the processing of your information](#who-is-responsible-for-the-processing-of-your-information) | Subject to limited exceptions, GitHub is the controller and entity responsible for the processing of your Personal Data in connection with the Website or Service. |
| [What information GitHub collects](#what-information-github-collects) | GitHub collects information directly from you for your registration, payment, transactions, and user profile. We also automatically collect from you your usage information, cookies, and device information, subject, where necessary, to your consent. GitHub may also collect Personal Data from third parties. We only collect the minimum amount of Personal Data necessary from you, unless you choose to provide more.|
Copy link

@djsunay djsunay Oct 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

582

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Aprobado

@@ -24,7 +25,7 @@ All capitalized terms have their definition in [GitHub’s Terms of Service](/gi

## The short version
Copy link

@djsunay djsunay Oct 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my discontinuation of Internet and access
The runaway done should check the settings
To protect my project and integration
Do the problems with my supervisors to address the project actions and check the entire measures
Sugar from the Automated Management Team
پاسخ...

@@ -24,7 +25,7 @@ All capitalized terms have their definition in [GitHub’s Terms of Service](/gi

## The short version

We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
Copy link

@djsunay djsunay Oct 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#27

@@ -24,7 +25,7 @@ All capitalized terms have their definition in [GitHub’s Terms of Service](/gi

## The short version

We use your personal information as this Privacy Statement describes. No matter where you are, where you live, or what your citizenship is, we provide the same high standard of privacy protection to all our users around the world, regardless of their country of origin or location.
Copy link

@djsunay djsunay Oct 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

#27

@@ -24,7 +25,7 @@ All capitalized terms have their definition in [GitHub’s Terms of Service](/gi

## The short version

Copy link

@djsunay djsunay Oct 10, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

``

@Emmy1106
Copy link

Emmy1106 commented Oct 11, 2022

Copy link

@amirkhan7javi amirkhan7javi left a comment

In my discontinuation of Internet and access
The runaway done should check the settings
To protect my project and integration
Do the problems with my supervisors to address the project actions and check the entire measures
Sugar from the Automated Management Team

versions:
fpt: '*'
topics:
- Policy
- Legal
---

Effective date: May 31, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my discontinuation of Internet and access
The runaway done should check the settings
To protect my project and integration
Do the problems with my supervisors to address the project actions and check the entire measures
Sugar from the Automated Management Team

versions:
fpt: '*'
topics:
- Policy
- Legal
---

Effective date: May 31, 2022
Effective date: September 1, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my discontinuation of Internet and access
The runaway done should check the settings
To protect my project and integration
Do the problems with my supervisors to address the project actions and check the entire measures
Sugar from the Automated Management Tea

@@ -24,7 +25,7 @@ All capitalized terms have their definition in [GitHub’s Terms of Service](/gi

## The short version

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my discontinuation of Internet and access
The runaway done should check the settings
To protect my project and integration
Do the problems with my supervisors to address the project actions and check the entire measures
Sugar from the Automated Management Team
پاسخ...

Copy link

@homelyseven250 homelyseven250 left a comment

No

Copy link

@amirkhan7javi amirkhan7javi left a comment

Thank you

Copy link

@ASTON-ELON ASTON-ELON left a comment

@mhirkhan1988
Copy link

mhirkhan1988 commented Nov 14, 2022

image

@Sakineh1375
Copy link

Sakineh1375 commented Nov 29, 2022

Hdthvgyu7uuhh

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment