dn42 Git Privacy Policy

Last updated: April 19, 2023

Scope

This server is a gitea instance maintained by the dn42 community.
You can contact the server administrators via the dn42 mailing list: https://groups.io/g/dn42

The service hosts shared community repositories and is the primary source for the dn42 registry and wiki. Users are also able to create and manage their own git repositories.

There are two distinct cases where personal data may be used in this sevice:

  1. Data submitted to the git repositories stored on this server
  2. Data required to use and operate the gitea software

The policy with respect to these two cases is detailed separately in the sections below.

Changes to this privacy policy

Any material changes to the privacy policy will be communicated via the dn42 mailing list.

1) Data submitted to git repositories

You may voluntarily submit personal data in to the git repositories held on this server, this may include:

  1. Fields in the git commit history (e.g. name, email address, signatures)
  2. Data held in within the repository files (e.g. contact information within a registry MNTNER object)

Once submitted, any data stored in git cannot be changed or deleted

You are not required to submit any personal data in to the git repositories. Should you choose to provide personal data it will be stored within git which, by design, maintains an immutable record of all changes made.

Any data you provide cannot be kept private and will be made publically available.

Any data you submit to shared repositories will be visible to other users and all users have the ability to make copies of the repositories which may then be stored, shared or processed in arbitrary ways (e.g. users must make local copies of repositories to make changes, or they may re-distribute the data by providing services based on the data to the community).

Do not provide any personal data unless you understand and accept that it will be made public and cannot be changed.

You are in control of the data that you submit, you are not required to provide personal data to register or use dn42.

2) Data required to use and operate the gitea software

The personal data collected via gitea is used solely for the provision and operation of the service.

What data is collected?

We collect following personal data (collectively called User Personal Information):

  1. Registration information (username, email, password, etc.)
  2. Profile information for your Account (such as your full name, biography, website, gpg key, and location.)
  3. Usage information (pages you view, your IP address, referring site, session information, and request date and time.)
  4. Device information (its IP address, client application information, language preference, operating system and application version, device type, ID, model and manufacturer.)
  5. Git data that you upload to a repository
  6. Cookies and Similar Technologies

We do not collect any Personal Information from any third parties

How is any personal information shared?

Your information is shared only where necessary and to allow operation of the service, specifically:

With Service Providers

Unfortunately git spam is a thing and we implement a Cloudflare Turnstile captcha on the gitea registration page to help reduce registration spam. This will share some of your browser data with Cloudflare and you can click the links on the captcha to access their privacy policy.

The gitea service has federated avatars enabled via gravatar integration. You can access the gravatar privacy policy via their web page.

For Legal Disclosure

We may provide your personal information to appropriate law enforcement agencies if required to do so in response to a valid order or warrant, or we believe in good faith that it is necessary to protect the service or public.

Cookies

We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in and remember your preferences. For security purposes, we use cookies to identify a device. By using our Website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept these cookies, you will not be able to log in or use the service.

How You Can Access and Control the Information We Collect?

If you're already a user, you may access, update, alter, or delete your basic user information by editing your user profile. You can control the information we collect about you by limiting what information is in your profile, or by keeping your information current.

Data Retention and Deletion of Gitea Account Data

In general, your gitea account Personal Information is retained for as long as your account is active, or as needed to provide you service.

If you would like to cancel your account or delete your User Personal Information, you may do so in your user profile. We retain and use your information as necessary to comply with our legal obligations or resolve disputes.

After an account has been deleted, certain data, such as contributions to other Users' repositories and comments in others' issues, will remain. However, we will delete or de-identify your User Personal Information, including your username and email address, from the author field of issues, pull requests, and comments by associating them with a ghost user.

Note: As detailed in the first secion, data held within git repositories is immutable and cannot be deleted.