411 lines
No EOL
23 KiB
HTML
411 lines
No EOL
23 KiB
HTML
<!DOCTYPE html>
|
||
<html lang="en">
|
||
|
||
<head>
|
||
<meta charset="UTF-8">
|
||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||
<meta name="description" content="${description}">
|
||
<title>Hippoz.</title>
|
||
<link rel="stylesheet" href="style.css">
|
||
</head>
|
||
|
||
<body>
|
||
<div class="main-container">
|
||
<div class="branding-container">
|
||
<span class="branding-primary">hippoz</span>
|
||
<span class="branding-secondary">privacy policy</span>
|
||
</div>
|
||
|
||
<p>Last updated: October 19, 2022</p>
|
||
|
||
<h2>Who We Are?</h2>
|
||
|
||
<p>Hippoz</p>
|
||
|
||
<h2>What Personal Data We Collect?</h2>
|
||
|
||
<p>We collect following personal data (collectively called User Personal Information):</p>
|
||
|
||
<ol>
|
||
<li>Registration information (username, email, password, etc.)</li>
|
||
<li>Profile information for your Account (such as your full name, biography, website, gpg key, and
|
||
location.)</li>
|
||
<li>Usage information (pages you view, your IP address, referring site, session information, and request
|
||
date and time.)</li>
|
||
<li>Device information (its IP address, client application information, language preference, operating
|
||
system and application version, device type, ID, model and manufacturer.)</li>
|
||
<li>Git data that you upload to a repository</li>
|
||
<li>Cookies and Similar Technologies</li>
|
||
</ol>
|
||
|
||
<p>We may also collect User Personal Information from third-parties (vendors, partners, or affiliates). We
|
||
don't
|
||
purchase them from third-party data brokers, though.</p>
|
||
|
||
<p>However, we don't intentionally collect sensitive information (such as racial or ethnic origin, political
|
||
affiliations, religious/philosophical beliefs, biometric data, etc.)</p>
|
||
<!--If you choose to store any of such data on our servers, you are responsible for complying with any regulations regarding them.-->
|
||
|
||
<h2>How We Share Information We Collect?</h2>
|
||
|
||
<p>We may share your User Personal Information with third-parties under following circumstances:</p>
|
||
|
||
<h3>With your Consent</h3>
|
||
|
||
<p>We share your User Personal Information, if you consent, after letting you know what information will be
|
||
shared, with whom, and why. For example, if you allow third party applications to access your Account
|
||
using
|
||
<a href="https://docs.gitea.io/en-us/oauth2-provider/">OAuth2 providers</a>, we share all information
|
||
associated with your Account, including private repos and organizations. You may also direct us through
|
||
your
|
||
action on Hippoz to share your User Personal Information, such as when joining an Organization.
|
||
</p>
|
||
|
||
<h3>With Service Providers</h3>
|
||
|
||
<p>We share User Personal Information with a limited number of service providers who process it on our
|
||
behalf to
|
||
provide or improve our Service, and who have agreed to privacy restrictions similar to the ones in our
|
||
Privacy Statement by signing data protection agreements or making similar commitments. Our service
|
||
providers
|
||
perform payment processing, customer support ticketing, network data transmission, security, and other
|
||
similar services. While Hippoz processes all User Personal Information in the European
|
||
Union, our service providers may process data outside of the United States or the European Union.</p>
|
||
|
||
<h3>For Security Purposes</h3>
|
||
|
||
<p>If you are a member of an Organization, Hippoz may share your username, Usage Information, and
|
||
Device Information associated with that Organization with an owner and/or administrator of the
|
||
Organization
|
||
who has agreed to the Corporate Terms of Service or applicable customer agreements, to the extent that
|
||
such
|
||
information is provided only to investigate or respond to a security incident that affects or
|
||
compromises
|
||
the security of that particular Organization.</p>
|
||
|
||
<h3>For Legal Disclosure</h3>
|
||
|
||
<p>Hippoz strives for transparency in complying with legal process and legal obligations. Unless
|
||
prevented from doing so by law or court order, or in rare, exigent circumstances, we make a reasonable
|
||
effort to notify users of any legally compelled or required disclosure of their information. Hippoz may
|
||
disclose User Personal Information or other information we collect about you to law enforcement
|
||
if required in response to a valid subpoena, court order, search warrant, a similar government order, or
|
||
when we believe in good faith that disclosure is necessary to comply with our legal obligations, to
|
||
protect
|
||
our property or rights, or those of third parties or the public at large.</p>
|
||
|
||
<h3>Change in Control or Sale</h3>
|
||
|
||
<p>We may share User Personal Information if we are involved in a merger, sale, or acquisition of corporate
|
||
entities or business units. If any such change of ownership happens, we will ensure that it is under
|
||
terms
|
||
that preserve the confidentiality of User Personal Information, and we will notify you on our Website or
|
||
by
|
||
email before any transfer of your User Personal Information. The organization receiving any User
|
||
Personal
|
||
Information will have to honor any promises we made in our Privacy Statement or Terms of Service.</p>
|
||
|
||
<h3>Aggregate, Non-Personally Identifying Information</h3>
|
||
|
||
<p>We share certain aggregated, non-personally identifying information with others about how our users,
|
||
collectively, use Hippoz, or how our users respond to our other offerings, such as our
|
||
conferences or events. For example, we may compile statistics on the open source activity across Hippoz.
|
||
</p>
|
||
|
||
<p>We <b>don't</b> sell your User Personal Information for monetary or other consideration. </p>
|
||
|
||
<h2>How We Use Your Information?</h2>
|
||
|
||
<p>We may use your information for following purposes:</p>
|
||
|
||
<ol>
|
||
<li>We use your Registration Information to create your account, and to provide you the Service.</li>
|
||
<li>We use your User Personal Information, specifically your username, to identify you on Hippoz.</li>
|
||
<li>We use your Profile Information to fill out your Account profile and to share that profile with
|
||
other
|
||
users if you ask us to.</li>
|
||
<li>We use your email address to communicate with you, if you've said that's okay, and only for the
|
||
reasons
|
||
you’ve said that’s okay.</li>
|
||
<li>We use User Personal Information and other data to make recommendations for you, such as to suggest
|
||
projects you may want to follow or contribute to. We learn from your public behavior on Hippoz—such
|
||
as
|
||
the projects you star—to determine your coding interests, and we recommend similar
|
||
projects. These recommendations are automated decisions, but they have no legal impact on your
|
||
rights.
|
||
</li>
|
||
<li>We use Usage Information and Device Information to better understand how our Users use Hippoz and to
|
||
improve our Website and Service.</li>
|
||
<li>We may use your User Personal Information if it is necessary for security purposes or to investigate
|
||
possible fraud or attempts to harm Hippoz or our Users.</li>
|
||
<li>We may use your User Personal Information to comply with our legal obligations, protect our
|
||
intellectual
|
||
property, and enforce our Terms of Service.</li>
|
||
|
||
<li>We limit our use of your User Personal Information to the purposes listed in this Privacy Statement.
|
||
If
|
||
we need to use your User Personal Information for other purposes, we will ask your permission first.
|
||
You
|
||
can always see what information we have, how we're using it, and what permissions you have given us
|
||
in
|
||
your user profile.</li>
|
||
</ol>
|
||
|
||
<h2>How Hippoz Secures Your Information?</h2>
|
||
|
||
<p>Hippoz takes all measures reasonably necessary to protect User Personal Information from
|
||
unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate
|
||
use
|
||
of User Personal Information.</p>
|
||
|
||
<p>To the extent above, we enforce a written security information program, which:</p>
|
||
|
||
<ul>
|
||
<li>aligns with industry recognized frameworks;</li>
|
||
<li>includes security safeguards reasonably designed to protect the confidentiality, integrity,
|
||
availability, and resilience of our Users' data;</li>
|
||
<li>is appropriate to the nature, size, and complexity of Hippoz’s business operations;</li>
|
||
<li>includes incident response and data breach notification processes; and</li>
|
||
<li>complies with applicable information security-related laws and regulations in the geographic regions
|
||
where Hippoz does business.</li>
|
||
</ul>
|
||
|
||
<p>In the event of a data breach that affects your User Personal Information, we will act promptly to
|
||
mitigate
|
||
the impact of a breach and notify any affected Users without undue delay.</p>
|
||
|
||
<p>Transmission of data on Hippoz is encrypted using SSH, HTTPS (TLS), and git repository content
|
||
is encrypted at rest.</p>
|
||
|
||
<p><b>Disclaimer:</b> No method of transmission, or method of electronic storage, is 100% secure, therefore,
|
||
we
|
||
cannot guarantee absolute security.</p>
|
||
|
||
<h2>Cookies and Tracking Usage</h2>
|
||
|
||
<h3>Cookies</h3>
|
||
|
||
<p>We uses cookies to make interactions with our service easy and meaningful. Cookies are small text files
|
||
that
|
||
websites often store on computer hard drives or mobile devices of visitors. We use cookies (and similar
|
||
technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide
|
||
information for future development of Hippoz. For security purposes, we use cookies to identify
|
||
a device. By using our Website, you agree that we can place these types of cookies on your computer or
|
||
device. If you disable your browser or device’s ability to accept these cookies, you will not be able to
|
||
log
|
||
in or use our services.</p>
|
||
|
||
<h3>Tracking and Analytics</h3>
|
||
|
||
<p>Out of the box, Gitea doesn't use third-party analytics. In case when we opt in to their usage, we do
|
||
that to
|
||
help us evaluate our Users' use of Hippoz, compile statistical reports on activity, and improve
|
||
our content and Website performance. We only use interal analytics software on certain areas of
|
||
our Website.</p>
|
||
|
||
<h2>Repository Contents</h2>
|
||
|
||
<p>Our employees do not access private repositories unless required to for security purposes, for support,
|
||
to
|
||
maintain integrity of the Service, or to comply with our legal obligations. While we don't generally
|
||
search
|
||
for content in your repositories, we may scan our servers and your content to detect tokens or security
|
||
signatures, known malwares, or child exploitation imagery.</p>
|
||
|
||
<p>If your repository is public, anyone may view its contents. If you include private, confidential or
|
||
Sensitive
|
||
Personal Information, such as email addresses or passwords, in your public repository, that information
|
||
may
|
||
be indexed by search engines or used by third parties.</p>
|
||
|
||
<h2>Public Information</h2>
|
||
|
||
<p>Many of our services and feature are public-facing. If your content is public-facing, third parties may
|
||
access and use it in compliance with our Terms of Service, such as by viewing your profile or
|
||
repositories
|
||
or pulling data via our API. We do not sell that content; it is yours. However, we do allow third
|
||
parties,
|
||
such as research organizations or archives, to compile public-facing Hippoz information. Other
|
||
third parties, such as data brokers, have been known to scrape Hippoz and compile data as well.
|
||
</p>
|
||
|
||
<p>Your User Personal Information associated with your content could be gathered by third parties in these
|
||
compilations of Hippoz data. If you do not want your User Personal Information to appear in
|
||
third parties’ compilations of Hippoz data, please do not make your User Personal Information
|
||
publicly available and be sure to configure your email address to be private in your user profile and in
|
||
your git commit settings.</p>
|
||
|
||
<p>If you would like to compile Hippoz data, you must comply with our Terms of Service regarding
|
||
scraping and privacy, and you may only use any public-facing User Personal Information you gather for
|
||
the
|
||
purpose for which our user authorized it. For example, where a Hippoz user has made an email
|
||
address public-facing for the purpose of identification and attribution, do not use that email address
|
||
for
|
||
commercial advertising. We expect you to reasonably secure any User Personal Information you have
|
||
gathered
|
||
from Hippoz, and to respond promptly to complaints, removal requests, and "do not contact"
|
||
requests from Hippoz or Hippoz users.</p>
|
||
|
||
<p>In similar fashion, projects on Hippoz may include publicly available User Personal Information
|
||
collected as part of the collaborative events.</p>
|
||
|
||
<h2>Organizations</h2>
|
||
|
||
<p>If you collaborate on or become a member of an Organization, then its Account owners may receive your
|
||
User
|
||
Personal Information. When you accept an invitation to an Organization, you will be notified of the
|
||
types of
|
||
information owners may be able to see. If you accept an invitation to an Organization with a verified
|
||
domain, then the owners of that Organization will be able to see your full email address(es) within that
|
||
Organization's verified domain(s).</p>
|
||
|
||
<p>Please note, Hippoz may share your username, Usage Information, and Device Information with the
|
||
owner of the Organization you are a member of, to the extent that your User Personal Information is
|
||
provided
|
||
only to investigate or respond to a security incident that affects or compromises the security of that
|
||
particular Organization.</p>
|
||
|
||
<p>If you collaborate with or become a member of an Account that has agreed to a Data Protection Addendum
|
||
(DPA)
|
||
to this Privacy Policy, then that DPA governs in the event of conflicts between this Privacy Policy and
|
||
DPA
|
||
with respect to your activity in the Account.</p>
|
||
|
||
<p>Please contact the Account owners for more information about how they might process your User Personal
|
||
Information in their Organization and the ways for you to access, update, alter, or delete the User
|
||
Personal
|
||
Information stored in the Account.</p>
|
||
|
||
<h2>How You Can Access and Control the Information We Collect?</h2>
|
||
|
||
<p>If you're already a Hippoz user, you may access, update, alter, or delete your basic user
|
||
information by editing your user profile. You can control the information we collect about you by
|
||
limiting
|
||
what information is in your profile, or by keeping your information current.</p>
|
||
|
||
<p>If Hippoz processes information about you, such as information receives from third parties, and
|
||
you do not have an account, then you may, subject to applicable law, access, update, alter, delete, or
|
||
object to the processing of your personal information by contacting our support.</p>
|
||
|
||
<h3>Data Portability</h3>
|
||
|
||
<p>As a Hippoz User, you can always take your data with you. You can clone your repositories to
|
||
your computer, or you can <a href="https://docs.gitea.io/en-us/migrations-interfaces/">perform
|
||
migrations
|
||
using the provided interfaces</a>, for example.</p>
|
||
|
||
<h3>Data Retention and Deletion of Data</h3>
|
||
|
||
<p>In general, Hippoz retains User Personal Information for as long as your account is active, or
|
||
as needed to provide you service.</p>
|
||
|
||
<p>If you would like to cancel your account or delete your User Personal Information, you may do so in your
|
||
user
|
||
profile. We retain and use your information as necessary to comply with our legal obligations, resolve
|
||
disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile
|
||
(within reason) within 90 days of your request. Feel free to contact our support to request erasure of
|
||
the
|
||
data we process on the bassis of consent within 30 days.</p>
|
||
|
||
<p>After an account has been deleted, certain data, such as contributions to other Users' repositories and
|
||
comments in others' issues, will remain. However, we will delete or de-identify your User Personal
|
||
Information, including your username and email address, from the author field of issues, pull requests,
|
||
and
|
||
comments by associating them with a ghost user.</p>
|
||
|
||
<p>That said, the email address you have supplied via your Git commit settings will always be associated
|
||
with
|
||
your commits in the Git system. If you choose to make your email address private, you should also update
|
||
your Git commit settings. We are unable to change or delete data in the Git commit history — the Git
|
||
software is designed to maintain a record — but we do enable you to control what information you put in
|
||
that
|
||
record.</p>
|
||
|
||
<h2>Our Global Privacy Practices</h2>
|
||
|
||
<p>We store and process the information that we collect in the European Union in
|
||
accordance with this Privacy Statement though our service providers may store and process data outside
|
||
the
|
||
European Union. However, we understand that we have Users from different countries
|
||
and regions with different privacy expectations, and we try to meet those needs even when the European
|
||
Union does not have the same privacy framework as other countries.</p>
|
||
|
||
<p>We provide a high standard of privacy protection—as described in this Privacy Statement—to all our users
|
||
around the world, regardless of their country of origin or location, and we are proud of the levels of
|
||
notice, choice, accountability, security, data integrity, access, and recourse we provide. We work hard
|
||
to
|
||
comply with the applicable data privacy laws wherever we do business. Additionally, if
|
||
our vendors or affiliates have access to User Personal Information, they must sign agreements that
|
||
require
|
||
them to comply with our privacy policies and with applicable data privacy laws.</p>
|
||
|
||
<p>In particular:</p>
|
||
|
||
<ul>
|
||
<li>Hippoz provides clear methods of unambiguous, informed, specific, and freely given consent
|
||
at the time of data collection, when we collect your User Personal Information using consent as a
|
||
basis.
|
||
</li>
|
||
<li>We collect only the minimum amount of User Personal Information necessary for our purposes, unless
|
||
you
|
||
choose to provide more. We encourage you to only give us the amount of data you are comfortable
|
||
sharing.
|
||
</li>
|
||
<li>We offer you simple methods of accessing, altering, or deleting the User Personal Information we
|
||
have
|
||
collected, where legally permitted.</li>
|
||
<li>We provide our Users notice, choice, accountability, security, and access regarding their User
|
||
Personal
|
||
Information, and we limit the purpose for processing it. We also provide our Users a method of
|
||
recourse
|
||
and enforcement. These are the Privacy Shield Principles, but they are also just good practices.
|
||
</li>
|
||
</ul>
|
||
|
||
<h2>How We Communicate with You?</h2>
|
||
|
||
<p>We use your email address to communicate with you, if you've said that's okay, and only for the reasons
|
||
you’ve said that’s okay. For example, if you contact our support with a request, we respond to you via
|
||
email. You have a lot of control over how your email address is used and shared on and through Hippoz.
|
||
You
|
||
may manage your communication preferences in your user profile.</p>
|
||
|
||
<p>By design, the Git version control system associates many actions with a User's email address, such as
|
||
commit
|
||
messages. We are not able to change many aspects of the Git system. If you would like your email address
|
||
to
|
||
remain private, even when you’re commenting on public repositories, you can create a private email
|
||
address
|
||
in your user profile. You should also update your local Git configuration to use your private email
|
||
address.
|
||
This will not change how we contact you, but it will affect how others see you.</p>
|
||
|
||
<p>Depending on your email settings, Hippoz may occasionally send notification emails about changes
|
||
in a repository you’re watching, new features, requests for feedback, important policy changes, or to
|
||
offer
|
||
customer support. Note that you can opt out of any communications with us, except the important ones
|
||
(like from our
|
||
support and system emails).</p>
|
||
|
||
<h2>Changes to this Privacy Policy</h2>
|
||
|
||
<p>Although most changes are likely to be minor, Hippoz may change our Privacy Statement from time
|
||
to time. We will provide notification to Users of material changes to this Privacy Statement through our
|
||
Website at least 30 days prior to the change taking effect by posting a notice on our home page or
|
||
sending
|
||
email to the primary email address specified in your account.</p>
|
||
|
||
<h2>Contact</h2>
|
||
|
||
<p>If you have any concerns about privacy, please contact us at <a
|
||
href="mailto:privacy@hippoz.xyz">privacy@hippoz.xyz</a>. We will respond promptly,
|
||
within 45 days.</p>
|
||
|
||
<h2>COPYING</h2>
|
||
|
||
<p>This document is licensed under CC0 Public Domain License. See <a
|
||
href="https://creativecommons.org/publicdomain/zero/1.0/legalcode">full legal code here</a>.</p>
|
||
</div>
|
||
</body>
|
||
|
||
</html> |