GitHub Inc.Privacy statement
88 Colin P Kelly Jr StDPA
San Francisco, CA 94107SSC
USAsupport@github.com

Privacy Policy

Hosting
Our host collects the following data in so-called log files, which your browser transmits:

IP address, the address of the previously visited website (Referer request header), date and time of the request, time zone difference to Greenwich Mean Time, content of the request, HTTP status code, amount of data transferred, website from which the request comes and information about browser and operating system.

This is necessary to display our website and to ensure stability and security. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR.

There is no tracking and we do not have direct access to this data, but only receive an anonymized, statistical summary. This includes the address of the previously visited page, the frequency of the pages accessed and the number of unique visitors. We do not combine this data with other data.

We use the following host for providing our website:

GitHub Inc.
88 Colin P Kelly Jr St
San Francisco, CA 94107
United States

This is the recipient of your personal data. This corresponds to our legitimate interest within the meaning of Art. 6 para. 1 sentence 1 lit. f GDPR not to have to keep a server in our premises. The server location is USA.

Further information on objection and elimination options against GitHub can be found at: https://docs.github.com/en/free-pro-team@latest/github/site-policy/github-privacy-statement#github-pages

You have the right to object to processing. Whether the objection is successful is determined within the framework of a balancing of interests.

The data will be deleted as soon as the purpose of processing ceases.

The processing of the data specified in this section is neither legally nor contractually required. The functionality of the website is not guaranteed without processing.

GitHub has implemented compliance measures for international data transfers. These apply to all worldwide activities where GitHub processes personal data from natural persons in the EU. These measures are based on EU standard contractual clauses (SCCs). Further information can be found at: https://docs.github.com/en/free-pro-team@latest/github/site-policy/github-data-protection-addendum#attachment-1–the-standard-contractual-clauses-processors

In principle, a contract for order processing must be concluded with the host. The Bavarian State Office for Data Protection Supervision has made an exception for hosting purely static websites. In case that the website serves self-presentation, e.g. by associations or small businesses, no personal data flows to the operator and no tracking takes place, there is no order processing. Furthermore it says: “The fact that even when hosting static websites IP addresses, i.e. personal data, must inevitably be processed does not lead to the assumption of order processing. That would not be appropriate. The (short-term) storage of IP addresses is rather still attributable to TK access mediation by the website host according to TKG and serves primarily security purposes of the host.” (https://www.lda.bayern.de/media/FAQ_Hosting_keine_Auftragsverarbeitung.pdf) We assume that this exception applies to GitHub Pages.