How We Use Your Data
At .git, we process your data to provide a secure, high-performance developer platform. This section details the specific purposes for which we process personal and technical data, the legal bases for processing, and how that data flows through our infrastructure.
We categorize our data usage into five core areas: Service Delivery, Platform Improvement, Communication, Legal Compliance, and Analytics. Each category is detailed below.
Service Provision & Management
Core operations to host, manage, and secure your repositories, CI/CD pipelines, and deployments.
Platform Improvement & Innovation
Aggregated usage patterns and performance metrics to optimize infrastructure and develop new features.
Security & Fraud Prevention
Monitoring access patterns, authenticating users, and detecting anomalous behavior to protect your code.
Communication & Support
Sending transactional alerts, deployment notifications, and responding to support inquiries.
1. Providing and Maintaining Our Services
This is the primary purpose of our platform. We use your data to operate the .git infrastructure and deliver the developer tools you rely on.
- Repository Management: We store and serve your code repositories, including commit history, branches, tags, and diffs.
- CI/CD Pipeline Execution: We process build configurations, test results, and deployment logs to orchestrate automated workflows.
- Access Control: We use user profiles, team memberships, and role definitions to enforce permissions (Read, Write, Admin).
- Authentication: We process SSH keys, OAuth tokens, and session data to verify your identity.
// Example data processed for pipeline execution
{
"pipeline_id: "pl_8f3a9c2"
"repo: "org/my-app"
"trigger: "push"
"environment: "staging"
"artifacts: ["dist/bundle.js],
"duration_ms: 4520
}2. Improving and Developing Features
We analyze aggregated and anonymized data to understand how developers use .git, ensuring we build features that matter and maintaining industry-leading performance.
- Usage Analytics: We track feature adoption rates, workflow patterns, and common errors to prioritize development.
- Performance Monitoring: We collect latency data, cache hit rates, and resource utilization to optimize our global edge network.
- Beta Testing: With explicit consent, we may use your usage data to evaluate new experimental features.
Data Minimization
Analytics data is aggregated and pseudonymized where possible. We do not correlate individual developer behavior with marketing profiles or sell behavioral data to third parties.
3. Security, Compliance, and Fraud Prevention
Protecting the integrity of your codebase and the .git ecosystem is paramount. We process data necessary to detect, prevent, and investigate security incidents.
- Threat Detection: We monitor for suspicious login attempts, unusual API usage, and automated abuse patterns.
- IP Logging: We log IP addresses for rate limiting, geographic access restrictions, and incident response.
- Compliance Auditing: We maintain audit logs of administrative actions to satisfy SOC 2 and ISO 27001 requirements.
4. Communication
We use contact information and preference settings to keep you informed about your projects and the platform.
- Transactional Messages: Deploy status updates, webhook failures, merge request approvals, and password resets.
- Service Announcements: Maintenance windows, deprecation notices, and critical security patches.
- Marketing Communications: With opt-in consent, we send newsletters, feature updates, and event invitations.
5. Legal and Regulatory Obligations
We process data when required by law or legitimate legal interests, including:
- Responding to lawful requests from public authorities (e.g., subpoenas, court orders).
- Enforcing our Terms of Service and acceptable use policies.
- Protecting the rights, property, or safety of .git, our users, or the public.
- Preventing fraud or abuse of our platform.