Seeking more clarity on use of my private GitHub information #1315
Comments
|
Hey there! Valid concerns! TBH we used some boilerplate privacy policy and i need to gut this thing. Let me give you the quick rundown
|
jhechtf
added
documentation
|
Hi @bautistaaa: Thanks for the quick rundown! Your initial response only mentioned an email address — it sounds like the information obtained via the scope I'm looking forward to a complete explanation after the new changes are finalized. |
i’ll have to look deeper. it’s just using whatever nextauth needs and i think it’s using first name and last name fields. need to verify what exactly that scope reads but confident it likely needs it for account creation |
The current privacy policy doesn't clearly explain how you use or plan to use private information received by the GitHub API — specifically, it doesn't provide enough detail. I'd like to better understand exactly how my information will be used.
Relevant section:
Complete, static copy of Privacy Policy HTML content captured at
2023-12-12T02:55:30Z:Privacy Policy for Typehero
Typehero ("we”, “us”, or “our") provides this Privacy Policy to inform you of our policies and procedures regarding the collection, use and disclosure of personal information we may receive from users of our website (“Site”), accessible from https://typehero.dev, and any other services offered by us in connection with our site (any and all of the foregoing the "Services").
If you have additional questions or require more information about our Privacy Policy, do not hesitate to contact us at typeheroapp@gmail.com.
This Privacy Policy applies only to our online activities and is valid for visitors to our website with regards to the information that they shared and/or collect in Typehero. This policy is not applicable to any information collected offline or via channels other than this website.
Consent
By using our website, you hereby consent to our Privacy Policy and agree to its terms.
Information we collect
In the course of using the Services, we collect personally identifiable information, in the form of Persistent Identifiers, including IP Address. We collect and store this personal information solely for the purpose of providing support for the internal operations of our Services and our Site.
If you contact us directly, we may receive additional information about you such as your name, email address, phone number, the contents of the message and/or attachments you may send us, and any other information you may choose to provide.
When you register for an Account, we may ask for your contact information, including items such as name, company name, address, email address, and telephone number.
How we use your information
We use the information we collect in various ways, including to:
Log Files
Typehero follows a standard procedure of using log files. These files log visitors when they visit websites. All hosting companies do this and a part of hosting services' analytics. The information collected by log files include internet protocol (IP) addresses, browser type, Internet Service Provider (ISP), date and time stamp, referring/exit pages, and possibly the number of clicks. These are not linked to any information that is personally identifiable. The purpose of the information is for analyzing trends, administering the site, tracking users' movement on the website, and gathering demographic information.
Cookies and Web Beacons
Like any other website, Typehero uses "cookies". These cookies are used to store information including visitors' preferences, and the pages on the website that the visitor accessed or visited. The information is used to optimize the users' experience by customizing our web page content based on visitors' browser type and/or other information.
Advertising Partners Privacy Policies
You may consult this list to find the Privacy Policy for each of the advertising partners of Typehero.
Third-party ad servers or ad networks uses technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Typehero, which are sent directly to users' browser. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on websites that you visit.
Note that Typehero has no access to or control over these cookies that are used by third-party advertisers.
Third Party Privacy Policies
Typehero's Privacy Policy does not apply to other advertisers or websites. Thus, we are advising you to consult the respective Privacy Policies of these third-party ad servers for more detailed information. It may include their practices and instructions about how to opt-out of certain options.
You can choose to disable cookies through your individual browser options. To know more detailed information about cookie management with specific web browsers, it can be found at the browsers' respective websites.
Links to Other Sites
Our services may contain links to other websites, applications, and online services. If you choose to visit a third party service or click on another third party link, you will be directed to that third party's website, application, or online service. The fact that we link to a website, content is not an endorsement, authorization or representation of our affiliation with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites or services.
CCPA Privacy Rights (Do Not Sell My Personal Information)
Under the CCPA, among other rights, California consumers have the right to:
Request that a business that collects a consumer's personal data disclose the categories and specific pieces of personal data that a business has collected about consumers.
Request that a business delete any personal data about the consumer that a business has collected.
Request that a business that sells a consumer's personal data, not sell the consumer's personal data.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at typeheroapp@gmail.com.
Information Sharing
WE WILL NOT SHARE, SELL, RENT, OR TRADE YOUR PERSONAL INFORMATION WITH OTHER PARTIES EXCEPT AS PROVIDED BELOW:
Personal Information: We may share personal information including IP Address, for the purpose of providing support for the internal operations of our services and our site.
"Support for the internal operations of our Services and our Site" means activities necessary for the services or site to maintain or analyze its functioning; perform network communications; authenticate users or personalize content; ensure legal or regulatory compliance; or perform other usage analytics. Through our services and site, no other personal information is collected and the persistent identifiers are not used or disclosed to contact a specific individual.
International Transfer
Your information may be transferred to - and maintained on - computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, we may transfer the personal information to the United States and processes it there. Use of our services or site represents your consent to this Privacy Policy and your agreement to that transfer.
GDPR Data Protection Rights
We would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:
The right to access – You have the right to request copies of your personal data. We may charge you a small fee for this service.
The right to rectification – You have the right to request that we correct any information you believe is inaccurate. You also have the right to request that we complete the information you believe is incomplete.
The right to erasure – You have the right to request that we erase your personal data, under certain conditions.
The right to restrict processing – You have the right to request that we restrict the processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, under certain conditions.
The right to data portability – You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us.
Children's Information
Another part of our priority is adding protection for children while using the internet. We encourage parents and guardians to observe, participate in, and/or monitor and guide their online activity.
Typehero does not knowingly collect any Personal Identifiable Information from children under the age of 13. If you think that your child provided this kind of information on our website, we strongly encourage you to contact us immediately and we will do our best efforts to promptly remove such information from our records.
Changes to This Privacy Policy
This Privacy Policy may be revised periodically, and this will be reflected by a 'Last modified' date below. Thus, we advise you to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page. These changes are effective immediately, after they are posted on this page.
Contact Information
Please contact us with any questions or comments about this Privacy Policy, Our Privacy Policy Toward Children, your personal information, and our third-party disclosure practices, at typeheroapp@gmail.com
Last modified: 10/15/2023
The GitHub auth login URL is in the form of:
where the decoded scopes are
read:useranduser:email. The auth dialog presents this information about the scopes:and the GitHub API docs at Scopes for OAuth apps include this information:
I'd like clarity about exactly how my information will be used. For example, precisely which fields from my "private profile information" will be used to "Provide, operate, and maintain", "Improve, personalize, and expand", "Understand and analyze", etc. and how each of those fields be used to do so?
Similarly, I'd like more concrete information about how my "private email addresses" will be used. Which kinds of emails? How often do you intend to mail my addresses? What mechanisms are available for me to opt-out prior to receiving any unwanted messages, etc.?
I hope you don't receive this negatively. Privacy is important for each of us, and better transparency is good for both parties (you and your users). Thanks!
The text was updated successfully, but these errors were encountered: