Privacy Policy

Last updated: June 18, 2020

Who We Are?

This is wchen342's personal Gitea instance (referred to as "we" or "this Gitea Instance" below).

What Personal Data We Collect?

We collect following personal data (collectively called User Personal Information):

  1. Registration information (username, email, password, etc.)
  2. Optional profile information for your Account (such as your full name, biography, website, gpg key, and location.)
  3. Usage information (pages you view, your IP address, referring site, session information, and request date and time.)
  4. Device information (IP address, client application information, language preference, operating system and application version, device type.)
  5. Git data that you upload to a repository
  6. Cookies and Similar Technologies

This Gitea Instance is distributed through Cloudflare. Please refer to Privacy Policy about how your personal information will be collected and processed by Cloudflare.

We don't intentionally collect sensitive information (such as racial or ethnic origin, political affiliations, religious/philosophical beliefs, biometric data, etc.). If you choose to store any of such data on our servers, you are responsible for complying with any regulations regarding them.

How We Share Information We Collect?

We may share your User Personal Information with third-parties under following circumstances:

With your Consent

We share your User Personal Information, if you consent, after letting you know what information will be shared, with whom, and why. For example, if you allow third party applications to access your Account using OAuth2 providers, we share all information associated with your Account, including private repos and organizations. You may also direct us through your action on this Gitea Instance to share your User Personal Information, such as when joining an Organization.

With Service Providers

We share User Personal Information with a limited number of service providers who process it on our behalf to provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our Privacy Statement by signing data protection agreements or making similar commitments. Our service providers perform payment processing, customer support ticketing, network data transmission, security, and other similar services. While this Gitea Instance processes all User Personal Information in Canada, our service providers may process data outside of Canada, the United States or the European Union.

For Security Purposes

If you are a member of an Organization, this Gitea Instance may share your username, Usage Information, and Device Information associated with that Organization with an owner and/or administrator of the Organization who has agreed to the Corporate Terms of Service or applicable customer agreements, to the extent that such information is provided only to investigate or respond to a security incident that affects or compromises the security of that particular Organization.

For Legal Disclosure

This Gitea Instance strives for transparency in complying with legal process and legal obligations. Unless prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable effort to notify users of any legally compelled or required disclosure of their information. This Gitea Instance may disclose User Personal Information or other information we collect about you to law enforcement if required in response to a valid subpoena, court order, search warrant, a similar government order, or when we believe in good faith that disclosure is necessary to comply with our legal obligations, to protect our property or rights, or those of third parties or the public at large.

Change in Control or Sale

We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate entities or business units. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our Website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honor any promises we made in our Privacy Statement or Terms of Service.

Aggregate, Non-Personally Identifying Information

We share certain aggregated, non-personally identifying information with others about how our users, collectively, use this Gitea Instance. For example, we may compile statistics on the open source activity across this Gitea Instance.

We don't sell your User Personal Information for monetary or other consideration.

How We Use Your Information?

We may use your information for following purposes:

  1. We use your Registration Information to create your account, and to provide you the Service.
  2. We use your User Personal Information, specifically your username, to identify you on this Gitea Instance.
  3. We use your Profile Information to fill out your Account profile and to share that profile with other users if you ask us to.
  4. We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay.
  5. We use User Personal Information and other data to make recommendations for you, such as to suggest projects you may want to follow or contribute to. We learn from your public behavior on this Gitea Instance—such as the projects you star—to determine your coding interests, and we recommend similar projects. These recommendations are automated decisions, but they have no legal impact on your rights.
  6. We use Usage Information and Device Information to better understand how our Users use this Gitea Instance and to improve our Website and Service.
  7. We may use your User Personal Information if it is necessary for security purposes or to investigate possible fraud or attempts to harm this Gitea Instance or our Users.
  8. We may use your User Personal Information to comply with our legal obligations, protect our intellectual property, and enforce our Terms of Service.
  9. We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first. You can always see what information we have, how we're using it, and what permissions you have given us in your user profile.

How this Gitea Instance Secures Your Information?

This Gitea Instance takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.

In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected Users without undue delay.

Transmission of data on this Gitea Instance is encrypted using HTTPS (TLS), and git repository content is encrypted at rest. We host this Gitea Instance at Linode, which they provide data centers with high level of physical and network security.

Disclaimer: No method of transmission, or method of electronic storage, is 100% secure, therefore, we cannot guarantee absolute security.

Cookies and Tracking Usage

Cookies

We uses cookies to make interactions with our service easy and meaningful. Cookies are small text files that websites often store on computer hard drives or mobile devices of visitors. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of this Gitea Instance. For security purposes, we use cookies to identify a device. By using our Website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use our services.

Tracking and Analytics

Out of the box, Gitea doesn't use third-party analytics. However, Cloudflare may place analytics tools in order to track visitor behaviors. We do that to help us evaluate our Users' use of this Gitea Instance, and improve website performance and ensure the security of this Gitea Instance.

Repository Contents

We do not access private repositories unless required to for security purposes, for support, to maintain integrity of the Service, or to comply with our legal obligations. While we don't generally search for content in your repositories, we may scan our servers and your content to detect tokens or security signatures, known malwares, or child exploitation imagery.

If your repository is public, anyone may view its contents. If you include private, confidential or Sensitive Personal Information, such as email addresses or passwords, in your public repository, that information may be indexed by search engines or used by third parties.

Public Information

Many of our services and feature are public-facing. If your content is public-facing, third parties may access and use it in compliance with our Terms of Service, such as by viewing your profile or repositories or pulling data via our API. We do not sell that content; it is yours. However, we do allow third parties, such as research organizations or archives, to compile public-facing information from this Gitea Instance.

Your User Personal Information associated with your content could be gathered by third parties in these compilations of this Gitea Instance data. If you do not want your User Personal Information to appear in third parties’ compilations of this Gitea Instance data, please do not make your User Personal Information publicly available and be sure to configure your email address to be private in your user profile and in your git commit settings.

If you would like to compile this Gitea Instance data, you must comply with our Terms of Service regarding scraping and privacy, and you may only use any public-facing User Personal Information you gather for the purpose for which our user authorized it. For example, where a user on this Gitea Instance has made an email address public-facing for the purpose of identification and attribution, do not use that email address for commercial advertising. We expect you to reasonably secure any User Personal Information you have gathered from this Gitea Instance, and to respond promptly to complaints, removal requests, and "do not contact" requests from this Gitea Instance or this Gitea Instance users.

In similar fashion, projects on this Gitea Instance may include publicly available User Personal Information collected as part of the collaborative events.

How You Can Access and Control the Information We Collect?

If you're already a user on this Gitea Instance, you may access, update, alter, or delete your basic user information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile, or by keeping your information current.

If this Gitea Instance processes information about you, such as information receives from third parties, and you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or object to the processing of your personal information by contacting site admins.

Data Portability

As a user on this Gitea Instance, you can always take your data with you. You can clone your repositories to your computer, or you can perform migrations using the provided interfaces, for example.

Data Retention and Deletion of Data

In general, this Gitea Instance retains User Personal Information for as long as your account is active, or as needed to provide you service.

If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile (within reason) within 90 days of your request. Feel free to contact site admins to request erasure of the data we process on the bassis of consent within 30 days.

After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.

That said, the email address you have supplied via your Git commit settings will always be associated with your commits in the Git system. If you choose to make your email address private, you should also update your Git commit settings. We are unable to change or delete data in the Git commit history — the Git software is designed to maintain a record — but we do enable you to control what information you put in that record.

Our Global Privacy Practices

We store and process the information that we collect in Canada in accordance with this Privacy Statement though our service providers may store and process data outside Canada. However, we understand that we have Users from different countries and regions with different privacy expectations, and we try to meet those needs even when Canada does not have the same privacy framework as other countries.

In particular:

How We Communicate with You?

We use your email address to communicate with you, if you've said that's okay, and only for the reasons you’ve said that’s okay. For example, if you contact site admins with a request, we respond to you via email. You have a lot of control over how your email address is used and shared on and through this Gitea instance. You may manage your communication preferences in your user profile.

By design, the Git version control system associates many actions with a User's email address, such as commit messages. We are not able to change many aspects of the Git system. If you would like your email address to remain private, even when you’re commenting on public repositories, you can create a private email address in your user profile. You should also update your local Git configuration to use your private email address. This will not change how we contact you, but it will affect how others see you.

Depending on your email settings, this Gitea instance may occasionally send notification emails about changes in a repository you’re watching, new features, requests for feedback, important policy changes, or to offer customer support. Note that you can opt out of any communications with us, except the important ones (like system emails).

Changes to this Privacy Policy

Although most changes are likely to be minor, this Gitea Instance may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website at least 30 days prior to the change taking effect by posting a notice on our home page or sending email to the primary email address specified in your account.

Contact

If you have any concerns about privacy, please contact us at [will be added soon]. We will respond promptly within 45 days.

COPYING

This document is licensed under CC0 Public Domain License. See full legal code here.