StackHub Privacy Statement

Thank you for using StackHub!

Thanks for entrusting StackHub with your packages, and your business and personal information. Holding onto your private information is a serious responsibility, and we want you to know how we're handling it.

Effective date: 1st November 2018

The short version

We only collect the information you choose to give us, and we process it with your consent, or on another legal basis; we only require the minimum amount of personal information that is necessary to fulfill the purpose of your interaction with us; we don't sell it to third parties; and we only use it as this Privacy Statement describes. If you're visiting us from the EU, we are also compliant with the General Data Protection Regulation (GDPR). No matter where you are, where you live, or what your citizenship is, we provide the same standard of privacy protection to all our users around the world, regardless of their country of origin or location.

Of course, the short version doesn't tell you everything, so read on for more exciting details!

Summary

SectionWhat's it all about?
What information StackHub collects and whyStackHub collects basic information from visitors to our website, and some personal information from our users. We only require the minimum amount of personal information necessary from you.
What information StackHub does not collectWe don’t collect information from children under 18, and we don’t collect sensitive data.
How we share the information we collectWe share information to provide the service to you, to comply with your requests, or with our vendors. We do not sell your personal information.
How you can access and control the information we collectWe provide ways for you to access, alter, or delete your profile information.
Our use of cookies and trackingWe use cookies for the overall functionality of our website, and we use a small number of tracking and analytics services on a few parts of our site.
How StackHub secures your informationWe take all measures reasonably necessary to protect the confidentiality, integrity, and availability of your personal information on StackHub and to protect the resilience of our servers as they host your information.
StackHub's global privacy practicesStackHub complies with the European General Data Protection Regulation (GDPR).
How we respond to compelled disclosureWe may share your information in response to a warrant, subpoena, or other court action, or if disclosure is necessary to otherwise protect our rights.
How we, and others, communicate with youWe communicate with you by email. You can control your notification settings and marketing email options in your account.
Resolving complaintsWe want to resolve any issues you may have with our service so please contact us and we will respond to you promptly.
Changes to our Privacy StatementWe will notify you of material changes to this Privacy Statement 30 days in advance of any such changes becoming effective.

What information StackHub collects and why

Information from website browsers

If you're just browsing the website, we collect the same basic information that most websites collect. We use common internet technologies, such as cookies and web server logs. This is stuff we collect from everybody, whether they have an account or not.

The information we collect about all visitors to our website includes the visitor’s browser type, language preference, referring site, additional websites requested, and the date and time of each visitor request. We also collect potentially personally-identifying information like Internet Protocol (IP) addresses.

Why we collect this information

We collect this information to better understand how our website visitors use StackHub, and to monitor and protect the security of the website.

Information from users with accounts

If you create an account, we require some basic information at the time of account creation. You supply your own name and password, and we will ask you for a valid email address.

"User Personal Information" is any information about one a user which could, alone or together with other information, personally identify him or her. Information such as a user name and password, an email address, a real name, and a photograph are examples of “User Personal Information.” User Personal Information includes Personal Data as defined in the General Data Protection Regulation (GDPR).

Why we collect this information

We need your User Personal Information to create your account and to provide our services to you as a StackHub user.

StackHub services are primarily aimed at organizations. When you create an organization on StackHub, we ask for the organization name and for a business contact email address. These are for the purposes of providing our marketplace and file sharing services to your organization. There are optional fields which can further aid your marketing and correspondence between your business and other StackHub organizations such as; business address and contact telephone number. We do not use this information in any other capacity.

As a registered ‘Member’ of an organization, you have the capacity to act on behalf of your organization to use our Marketplace services, package hosting and sharing or to correspond on support requests. This includes full access to the information we have collected on the organization, such as the full list of its registered Members.

All organization members have the same administration rights. This includes the ability to add or remove other Members.

Your User Personal Information is only shared with fellow organization members. It is up to you if you include any personally identifiable information in user generated content, such as on vendor pages or in package contents.

We use User Personal Information and other data to provide you with updates and notifications.

We use your User Personal Information for internal purposes, such as to maintain logs for security reasons, and for legal documentation.

We limit our use of your User Personal Information to the purposes listed in this Privacy Statement. If we need to use your User Personal Information for other purposes, we will ask your permission first.

Our legal basis for processing information

Under certain international laws (including GDPR), StackHub is required to notify you about the legal basis on which we process User Personal Information. StackHub processes User Personal Information on the following legal bases:

  • When you create a StackHub account, you provide your name and an email address. We require those data elements for you to enter into the Terms of Service agreement with us, and we process those elements on the basis of performing that contract. StackHub does not collect or process a credit card number, but our third-party payment processor does.
  • If you would like to request erasure of data we process on the basis of consent or object to our processing of personal information, please contact us.

What information StackHub does not collect

If you're a child under the age of 18, you may not have an account on StackHub. StackHub does not knowingly collect information from or direct any of our content specifically to children under 18.

We do not intentionally collect User Personal Information that is stored in your packages. Information in your packages belongs to you, and you are responsible for it, as well as for making sure that your content complies with our Terms of Service. Any personal information within a user's package is the responsibility of the owning organization.

Package contents

StackHub employees do not access private packages unless required to for security reasons, to assist the repository owner with a suppoer matter, or to maintain the integrity of the service. See our Terms of Service for details.

Once you upload a public package, anyone (including us and unaffiliated third parties) may view its contents. If you have included private or sensitive information in your public package, such as email addresses or passwords, that information may be indexed by search engines or used by third parties. In addition, while we do not generally search for content in your repositories, we may scan our servers for certain tokens or security signatures, or for known active malware.

How we share the information we collect

You may indicate, through your actions on StackHub, that you are willing to share your User Personal Information. For example, if you post in any forums we hold.

We do not share, sell, rent, or trade User Personal Information with third parties for their commercial purposes, except where you have specifically told us to (such as by buying from our Marketplace).

We do not host advertising on StackHub. Any advertisements on individual StackHub Pages or in StackHub repositories are not sponsored by, or tracked by, StackHub.

We do not disclose User Personal Information outside StackHub, except in the situations listed in this section or in the section below on Compelled Disclosure.

We do share certain aggregated, non-personally identifying information with others about how our users, collectively, use StackHub. For example, we may compile statistics on the usage of open source packages across StackHub. However, we do not sell this information to advertisers or marketers.

We may share User Personal Information if we are involved in a merger, sale, or acquisition. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of User Personal Information, and we will notify you on our website or by email before any transfer of your User Personal Information. The organization receiving any User Personal Information will have to honour any promises we have made in our Privacy Statement or in our Terms of Service.

How you can access and control the information we collect

If you're already a StackHub user, you may access, update, alter, or delete your basic user profile information by editing your user profile or contacting StackHub support.

Data retention and deletion of data

Generally, StackHub will retain User Personal Information for as long as your account is active or as needed to provide you services.

We may retain certain User Personal Information indefinitely, unless you delete it or request its deletion. For example, we generally don’t automatically delete inactive user accounts, so unless you choose to delete your account, we will retain your account information indefinitely. We will fulfil account deletion requests within 90 days.

Our use of cookies and tracking

Cookies

StackHub uses cookies to make interactions with our service easy and meaningful. We use cookies (and similar technologies, like HTML5 localStorage) to keep you logged in, remember your preferences, and provide information for future development of StackHub. We also use cookies to identify a device, for security reasons. By using our website, you agree that we can place these types of cookies on your computer or device. If you disable your browser or device’s ability to accept cookies, you will not be able to log in or use StackHub services.

Tracking and analytics

We use third party analytics to help us evaluate our users' use of StackHub; compile statistical reports on activity; and improve our content and website performance.

How StackHub secures your information

StackHub takes all measures reasonably necessary to protect User Personal Information from unauthorized access, alteration, or destruction; maintain data accuracy; and help ensure the appropriate use of User Personal Information.

In the event of a data breach that affects your User Personal Information, we will act promptly to mitigate the impact of a breach and notify any affected users without undue delay.

Transmission of data on StackHub is encrypted using SSH, HTTPS, and SSL/TLS.

No method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.

StackHub's global privacy practices

We store and process the information that we collect in the United States in accordance with this Privacy Statement (our subprocessors may store and process data outside the United States). However, we understand that we have users from different countries and regions with different privacy expectations, and we try to meet those needs even when the United States does not have the same privacy framework as other countries'.

We provide the same standard of privacy protection — as described in this Privacy Statement — to all our users around the world, regardless of their country of origin or location.

In particular:

  • StackHub provides clear methods of unambiguous, informed consent at the time of data collection.
  • We collect only the minimum amount of personal data necessary for our purposes, unless you choose to provide more. We encourage you to only give us the amount of data you are comfortable sharing.
  • We offer you simple methods of accessing, correcting, or deleting the User Personal Information we have collected.
  • We provide our users notice, choice, accountability, security, and access, and we limit the purpose for processing.

How we respond to compelled disclosure

StackHub may disclose personally-identifying information or other information we collect about you to law enforcement in response to a valid subpoena, court order, warrant, or similar government order, or when we believe in good faith that disclosure is reasonably necessary to protect our property or rights, or those of third parties or the public at large.

In complying with court orders and similar legal processes, StackHub strives for transparency. When permitted, we will make a reasonable effort to notify users of any disclosure of their information, unless we are prohibited by law or court order from doing so, or in rare, exigent circumstances.

How we, and others, communicate with you

We will use your email address to communicate with you. StackHub may occasionally send notification emails about new features, requests for feedback, important policy changes, or offer customer support. We also send marketing emails, but only with your consent, if you opt in to our list. There's an unsubscribe link located at the bottom of each of the marketing emails we send you. Please note that you can not opt out of receiving important communications from us, such as mails from our Support team or system emails, but you can configure your notifications settings in your profile.

Resolving complaints

If you have concerns about the way StackHub is handling your User Personal Information, please let us know immediately. We want to help.

We are subject to the jurisdiction of the Federal Trade Commission.

Changes to our Privacy Statement

Although most changes are likely to be minor, we may change our Privacy Statement from time to time. We will provide notification to Users of material changes to this Privacy Statement through our Website by posting a notice on our home page or sending email to the primary email address specified in your StackHub account.