This document is translated from English. In the event of any conflict, uncertainty, or apparent inconsistency between this version and the English version(s) of this document, the English version is the controlling version. If you have suggestions to improve our translation, please open an issue in our site-policy repository.
Versión del artículo: GitHub.com

GitHub Insights and data protection for your organization

GitHub Insights analyzes your Servidor de GitHub Enterprise data. This data could include personal data of individuals in your organization who may have the right to understand how such personal data is being used.

GitHub Insights is available with GitHub One. Para obtener más información, consulta "Productos de GitHub".

En este artículo

For more information about the terms that govern GitHub Insights, see your GitHub One subscription agreement.

For the avoidance of doubt, none of the foregoing information should be considered legal advice provided by GitHub. You are responsible for securing your own legal analysis of the information provided herein and for your compliance with privacy and data protection laws. It is up to you whether to use GitHub Insights to process your employees’ and users’ data, and if you do so, you are solely responsible for conducting such processing in compliance with applicable law.

The organization’s roles and responsibilities

When using GitHub Insights, your organization is the data controller because your organization determines whether, how, and why GitHub Insights will process any individual’s personal data. Your organization is solely responsible for ensuring that you are complying with all applicable laws in processing data with GitHub Insights.

Data privacy recommendations

You have full control over which metrics, reports, repositories, and contributors to include before beginning use of GitHub Insights. The data you process with GitHub Insights can only be pulled from your installation of Servidor de GitHub Enterprise. Consider balancing the risks versus the benefits of analyzing personal data.

  • Develop a clear analysis plan: You must understand clearly what you want to analyze and why, and then consider how GitHub Insights may help you find those answers.

  • Consider a data protection impact assessment: If your proposed use of GitHub Insights involves processing personal data, consider completing a data protection impact assessment or otherwise completing formal legal analysis of your planned use.

Decide what data to use

  • Decide which repositories to include: Before you start an analysis in GitHub Insights, consider which repositories to include. Administrators can include repositories when adding organizations and can enable and disable repositories at any time. For more information on adding organizations to GitHub Insights, see "Managing organizations." For more information on enabling and disabling repositories, see "Managing repositories."

  • Decide which metrics and reports to include: Administrators can enable and disable metrics and reports available for all users at any time. Administrators control the GitHub Insights data that users have access to in your installation of Servidor de GitHub Enterprise. For more information, see "Managing available metrics and reports."

  • Decide which contributors to include: Administrators can disable a specific contributor’s data from being processed in the metrics and reports. For more information on managing contributor data, see "Managing contributors and teams."

User rights

Under various data protection regulations, such as the General Data Protection Regulation (GDPR), users may have the right to request exclusion from processing, access, and correction, or to request deletion of their personal data. As the data controller, your organization should evaluate whether a particular user request is valid and, if appropriate, take action to fulfill the request.

  • Exclusion of processing: Users may have the right to have their personal data excluded from being processed. Administrators have the ability to remove a contributor’s data from being processed in GitHub Insights, and the resulting reports and metrics will exclude the contributor’s data accordingly. For more information, see "Managing contributors and teams."

  • Access: Users may have the right to demand to see what personal data is being processed. Each metric and report has a detailed description of what personal data is being processed. For more information, see "Metrics available with GitHub Insights." Raw data is available through the GitHub Enterprise API. Your organization is responsible for any decisions to process personal data and for fulfilling any such requests.

  • Correction and deletion: Users may have the right to rectify or delete their personal data. The data used in GitHub Insights is derived from the existing data you add to or generate from your Servidor de GitHub Enterprise installation. Correction and deletion should follow your organization's existing process to correct and delete data from Servidor de GitHub Enterprise.

  • Transparency regarding processing: Each metric and report has a detailed description of what personal data is being processed. For more information, see "Metrics available with GitHub Insights."

Pregunta a una persona

¿No puedes encontrar lo que estás buscando?

Contáctanos