# AI Stack GRC Compliance Report — 2 platforms - Generated: 2026-06-14T10:18:02.032Z - Source: AIRIN verified findings (gate-verified, verbatim-cited, SHA-256-anchored) > Automated assessment against a published rubric — not legal advice. ## Stack summary | Platform | Headline risk | Verified findings | Dealbreakers | |---|---|---|---| | GitHub Copilot | HIGH | 671 | Third-party sublicensing | | Tabnine | UNKNOWN | 187 | none detected | --- # GRC Risk Assessment — GitHub Copilot - Platform: **GitHub Copilot** (github-copilot) - Headline risk rating: **HIGH** - Website: https://github.com/features/copilot - Generated: 2026-06-14T10:18:02.032Z - Findings (verified, published): **671** > Every assertion is anchored to a verbatim quote with a SHA-256 snapshot hash and a Wayback archive URL for independent verification. Informational only; not legal advice. ## Control crosswalk (NIST AI RMF 1.0 + ISO/IEC 42001) | Surface | Risk | Confidence | NIST AI RMF | ISO/IEC 42001 | |---|---|---|---|---| | training use | high | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | high | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | high | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | high | low | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | high | low | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | medium | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | low | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | low | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | low | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | ambiguous | low | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | medium | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | prompt ownership | high | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | medium | medium | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | prompt ownership | unknown | high | MAP-2.3 (input data rights) | ISO 42001 A.7.2 (data acquisition) | | output ownership | medium | medium | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | medium | low | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | low | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | low | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | ambiguous | low | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | medium | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | medium | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | medium | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | commercial use | medium | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | ambiguous | low | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | medium | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | medium | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | medium | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | ambiguous | low | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | privacy data use | high | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | medium | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | low | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | low | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | data retention | medium | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | medium | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | medium | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | medium | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | medium | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | low | medium | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | subprocessors data sharing | high | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | high | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | high | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | high | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | high | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | medium | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | low | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | medium | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | ambiguous | low | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | audit rights dpa residency | medium | low | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | medium | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | low | medium | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | low | medium | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | ambiguous | low | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | high | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | medium | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | medium | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | confidentiality | medium | medium | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | medium | medium | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | medium | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | medium | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | ambiguous | low | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | governing law disputes | medium | low | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | medium | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | low | medium | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | medium | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | medium | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | moderation enforcement | high | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | medium | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | low | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | low | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | low | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | medium | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | tier differences | high | low | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | high | low | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | high | low | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | medium | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | low | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | low | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | medium | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | ## Evidence (verbatim, with provenance) ### training use — risk high > In addition, for Individual subscribers only: GitHub may use Copilot interaction data — including prompts (inputs), s uggestions (outputs), and code snippets generated during Copilot sessions — to train and improve AI models. This training helps improve code suggestions for all Copilot users. Individual subscribers can opt out of having their data used for AI model training at any time through https://github.com/settings/copilot/features . Opting out does not affect your access to Copilot features. - Interpretation (disclaimed): Default opt-in to training use of all interaction data including inputs and outputs is a significant risk for Individual tier users. The opt-out mechanism mitigates risk only if exercised. Paid enterprise users are fully excluded. - Tier: Free - Location: “How does GitHub use the Copilot data from Individual (Free/Pro/Pro+) Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=In%20addition%2C%20for%20Individual,access%20to%20Copilot%20features. ### training use — risk high > The opt-out right described in this section applies solely to the use of your Inputs and Outputs as described in this section, and does not apply to the license granted in Sections D.4-D.8 or to any Content that does not constitute Input or Output (including Content stored in public repositories). - Interpretation (disclaimed): This clause severely limits the practical scope of the training opt-out. Any content outside the narrow Input/Output definition—including all public repository content—remains available to GitHub under other license grants, creating significant residual data-use risk. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=The%20opt-out%20right%20described,stored%20in%20public%20repositories). ### training use — risk high > Starting on April 24, GitHub may also use interactions from users with a Copilot Free, Copilot Pro, and Copilot Pro+ subscription - including inputs, outputs, code snippets, and associated context - to train and improve our AI models unless they have opted out. This allows us to build more intelligent, context-aware coding assistance for a more diverse set of coding tasks based on real-world development patterns. Users were notified 30 days before the change went into effect and can opt out from allowing their data to be used for training in their GitHub account settings at any time. - Interpretation (disclaimed): Opt-out-by-default training use of user content (including prompts/code) creates IP, confidentiality, and data-privacy risk for individual users who have not actively opted out. Sensitive proprietary code submitted to Copilot by Free/Pro/Pro+ users may be used to train shared models. The opt-out mechanism mitigates but does not eliminate risk if users are unaware. - Tier: Free - Location: “What data has GitHub Copilot been trained on?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Starting%20on%20April%2024%2C,settings%20at%20any%20time. ### training use — risk high > Legitimate Interests: We process data for purposes that are in our legitimate interests, such as securing our Services, communicating with you, and developing and improving our Services, which include artificial intelligence and machine learning technologies. - Interpretation (disclaimed): This clause explicitly includes 'artificial intelligence and machine learning technologies' within the scope of 'developing and improving our Services,' meaning user data can be used for AI/ML training or improvement under the legitimate interests lawful basis. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Legitimate%20Interests%3A%20We%20process,and%20machine%20learning%20technologies. ### training use — risk high > Product Development and Improvement: We use Personal Data to develop and improve our products, services, and technologies, including artificial intelligence and machine learning technologies. This includes improving features, developing new offerings, enhancing safety and security capabilities, and training models. We apply appropriate technical safeguards, including aggregation and de-identification techniques where feasible, to protect your privacy while enabling these improvements. - Interpretation (disclaimed): This clause grants GitHub broad rights to use collected Personal Data — including code, prompts, and AI outputs — for model training. The 'where feasible' qualifier on technical safeguards weakens the privacy protection offered. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Product%20Development%20and%20Improvement%3A,while%20enabling%20these%20improvements. ### training use — risk medium > You also grant GitHub and its Affiliates a license to collect and use your Inputs and Outputs to develop, train and improve artificial intelligence and machine learning models and technologies including those that power AI Features, unless (a) you opt out through your account settings, or (b) your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement. If you opt out, GitHub will not collect or use your Inputs and Outputs for the purposes described in this paragraph from the effective date of your opt-out going forward. - Interpretation (disclaimed): Default opt-in to training use is a medium risk for individual users. The opt-out is prospective only (no retroactive deletion of already-used data). Enterprise and volume-license customers are exempt from this section entirely, highlighting a meaningful tier difference. - Tier: Free - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=You%20also%20grant%20GitHub,your%20opt-out%20going%20forward. ### training use — risk medium > Unless you opt out, GitHub's Affiliates may use your Inputs and Outputs under this license in accordance with their applicable privacy and contractual obligations. This license does not, however, permit GitHub or its Affiliates to share your Inputs or Outputs with third-party AI model providers for their own independent model training purposes. The license in this Section J.3 is in addition to, and does not limit, the rights granted to GitHub and its Affiliates under Sections D.4 and D.8. This license does not extend to Your Content stored in repositories that are not provided as Input to an AI Feature. - Interpretation (disclaimed): The carve-out that the J.3 license is 'in addition to, and does not limit' rights under D.4 and D.8 means the opt-out provides only partial protection. Users may believe they have fully opted out of data use for AI purposes when in fact other license grants persist. - Tier: Free - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=Unless%20you%20opt%20out%2C,to%20an%20AI%20Feature. ### training use — risk low > No. GitHub does not use either Copilot Business or Enterprise data to train its models. - Interpretation (disclaimed): Clear contractual/policy commitment that Business and Enterprise tier data is excluded from model training. Low risk for those tiers. - Tier: Enterprise - Location: “Does GitHub use Copilot Business or Enterprise data to train GitHub’s model?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=No.%20GitHub%20does%20not,to%20train%20its%20models. ### training use — risk low > Data excluded from training by default Free plan Included Pro plan Included Pro+ plan Included Max plan Included - Interpretation (disclaimed): The feature table indicates that user data is excluded from model training by default for all listed individual tiers. This mitigates training-use risk, but the operative scope and any exceptions would be governed by the full Terms of Service and Privacy Statement, which are not reproduced in this document. - Tier: All - Location: “Data excluded from training by default” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Data%20excluded%20from%20training,Included%20Max%20plan%20Included ### training use — risk low > Does GitHub use Copilot Business or Enterprise data to train GitHub’s model? ### No. GitHub does not use either Copilot Business or Enterprise data to train its models. - Interpretation (disclaimed): GitHub explicitly commits not to use Business or Enterprise subscriber data for model training, which meaningfully lowers training-use risk for paid organizational tiers. - Tier: Paid - Location: “Does GitHub use Copilot Business or Enterprise data to train GitHub’s model?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Does%20GitHub%20use%20Copilot,to%20train%20its%20models. ### training use — risk unknown > You grant GitHub and our Affiliates the right to store, host, archive, parse, display, and make copies of Your Content as necessary to provide, develop, and improve the Service, including by training AI Features, and for the purpose of training, developing, and improving artificial intelligence and machine learning models and technologies of our Affiliates. This license includes the right to do things like copy it to our database and make backups; show it to you and other Users; parse it into a search index or otherwise analyze it on our servers; share it with other Users; and perform it, in case Your Content is something like music or video. For the avoidance of doubt, use of Your Content to develop, train, and improve artificial intelligence and machine learning models and technologies of GitHub and our Affiliates is within the scope of this license and does not constitute a sale or other restricted transfer of Your Content. - Interpretation (disclaimed): Grants GitHub and its Affiliates an explicit right to use user content for training AI Features and developing machine learning models, including storing, hosting, parsing, and copying content to databases for these purposes. - Tier: All - Location: § 4 (License Grant to Us) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20grant%20GitHub,transfer%20of%20Your%20Content. ### training use — risk unknown > By using automated means to access, collect, or otherwise use (“Access”) any publicly accessible Content from the Service for the purpose of developing or training any commercially available artificial intelligence model, machine learning system, or similar technology (a "Commercial AI System"), you hereby waive any and all policies, terms, conditions, or contractual provisions governing products, services, websites or datasets you own or operate that would otherwise prohibit, restrict, or place conditions upon GitHub's Access to any publicly accessible data, information or content associated with your products or services, including for the purpose of developing or training any Commercial AI System. You further agree not to impose technical or other targeted measures to restrict or retaliate against such Access. - Interpretation (disclaimed): Imposes a reciprocity waiver obligation on entities that use automated means to access GitHub public content for training commercial AI systems, requiring them to waive any policies that would restrict GitHub's access to their own publicly accessible data. - Tier: All - Location: § 9 (Access Reciprocity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20using%20automated,retaliate%20against%20such%20Access. ### training use — risk unknown > This section applies to all AI Features unless a specific feature has additional terms that expressly modify them. The training and data-use provisions in Section J.3 apply only to individual licenses. If your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement, those agreements govern the use of your data in connection with AI Features and Section J.3 does not apply to you. - Interpretation (disclaimed): Defines the applicability scope of the AI Features section: Section J applies to all AI Features unless otherwise modified; the training and data-use provisions of J.3 apply only to individual licenses; users governed by a GitHub Customer Agreement or volume licensing agreement are excluded from J.3, and those agreements govern instead. - Tier: All - Location: § 1 (Applicability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20section%20applies,not%20apply%20to%20you. ### training use — risk unknown > Unless you opt out, GitHub's Affiliates may use your Inputs and Outputs under this license in accordance with their applicable privacy and contractual obligations. This license does not, however, permit GitHub or its Affiliates to share your Inputs or Outputs with third-party AI model providers for their own independent model training purposes. - Interpretation (disclaimed): Permits GitHub's Affiliates to use Inputs and Outputs under the license in accordance with their privacy and contractual obligations, but expressly restricts GitHub and its Affiliates from sharing Inputs or Outputs with third-party AI model providers for those providers' independent model training purposes. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Unless%20you%20opt,independent%20model%20training%20purposes. ### training use — risk unknown > The opt-out right described in this section applies solely to the use of your Inputs and Outputs as described in this section, and does not apply to the license granted in Sections D.4-D.8 or to any Content that does not constitute Input or Output (including Content stored in public repositories). - Interpretation (disclaimed): Defines the scope of the opt-out right as limited solely to the data uses described in Section J.3, expressly excluding its application to the licenses in Sections D.4–D.8 and to Content not constituting Input or Output (including public repository content). - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20opt-out%20right,stored%20in%20public%20repositories). ### training use — risk unknown > By using automated means to access, collect, or otherwise use (“Access”) any publicly accessible Content from the Service for the purpose of developing or training any commercially available artificial intelligence model, machine learning system, or similar technology (a "Commercial AI System"), you hereby waive any and all policies, terms, conditions, or contractual provisions governing products, services, websites or datasets you own or operate that would otherwise prohibit, restrict, or place conditions upon GitHub's Access to any publicly accessible data, information or content associated with your products or services, including for the purpose of developing or training any Commercial AI System. You further agree not to impose technical or other targeted measures to restrict or retaliate against such Access. - Interpretation (disclaimed): Carves out exceptions to the access reciprocity waiver obligation for purely academic research purposes or for operators whose products have fewer than 700 million monthly active users, and provides an affiliate-inclusive definition of 'you' for purposes of this section. - Tier: All - Location: § 9 (Access Reciprocity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20using%20automated,retaliate%20against%20such%20Access. ### training use — risk unknown > You may choose to enable additional access to your private repositories. For example: - Interpretation (disclaimed): Establishes that when users provide private repository content as input to AI Features, GitHub may use that input to provide, develop, train, and improve the Service including AI Features, subject to the user's opt-out rights under Section J.3, and restricts GitHub from otherwise using private repository contents for service development or improvement. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20choose,private%20repositories.%20For%20example%3A ### training use — risk unknown > We use your Inputs to generate Outputs and provide the AI Features. You also grant GitHub and its Affiliates a license to collect and use your Inputs and Outputs to develop, train and improve artificial intelligence and machine learning models and technologies including those that power AI Features, unless (a) you opt out through your account settings, or (b) your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement. If you opt out, GitHub will not collect or use your Inputs and Outputs for the purposes described in this paragraph from the effective date of your opt-out going forward. - Interpretation (disclaimed): Grants GitHub and its Affiliates a license to collect and use users' Inputs and Outputs to develop, train, and improve AI and machine learning models, subject to opt-out through account settings or enterprise agreement override; establishes the opt-out mechanism and its effective date. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20use%20your,your%20opt-out%20going%20forward. ### training use — risk unknown > Unless you opt out, GitHub's Affiliates may use your Inputs and Outputs under this license in accordance with their applicable privacy and contractual obligations. This license does not, however, permit GitHub or its Affiliates to share your Inputs or Outputs with third-party AI model providers for their own independent model training purposes. - Interpretation (disclaimed): Permits GitHub's Affiliates to use Inputs and Outputs under the training license subject to their privacy and contractual obligations, but explicitly restricts GitHub and Affiliates from sharing Inputs or Outputs with third-party AI model providers for their own independent model training. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Unless%20you%20opt,independent%20model%20training%20purposes. ### training use — risk unknown > GitHub Copilot is trained on all languages that appear in public repositories. For each language, the quality of suggestions you receive may depend on the volume and diversity of training data for that language. For example, JavaScript is well-represented in public repositories and is one of GitHub Copilot’s best supported languages. Languages with less representation in public repositories may produce fewer or less robust suggestions. GitHub Copilot is available as an extension in Visual Studio Code, Visual Studio, Vim, Neovim, the JetBrains suite of IDEs, and Azure Data Studio. Although inline suggestion functionality is available across all these extensions, chat functionality is currently available only in Visual Studio Code, JetBrains, and Visual Studio. GitHub Copilot is also supported in terminals through GitHub CLI and as a chat integration in Windows Terminal Canary. With the GitHub Copilot Enterprise plan, GitHub Copilot is natively integrated into GitHub.com. All plans are supported in GitHub Copilot in GitHub Mobile. GitHub Mobile for Copilot Pro and Copilot Business have access to Bing and public repository code search. Copilot Enterprise in GitHub Mobile gives you additional access to your organization's knowledge. - Interpretation (disclaimed): Segment describes the training data sources for GitHub Copilot (public repositories and code), explains how suggestion quality varies by language representation, and identifies supported IDE integrations; the reference to training on public repository data is legally operative context for the training_use surface. - Tier: All - Location: “What languages, IDEs, and platforms does GitHub Copilot support?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,to%20your%20organization%26%23x27%3Bs%20knowledge. ### training use — risk unknown > GitHub Copilot is powered by generative AI models developed by GitHub, OpenAI, and Microsoft. It has been trained on natural language text and source code from publicly available sources, including code in public repositories on GitHub. Starting on April 24, GitHub may also use interactions from users with a Copilot Free, Copilot Pro, and Copilot Pro+ subscription - including inputs, outputs, code snippets, and associated context - to train and improve our AI models unless they have opted out. This allows us to build more intelligent, context-aware coding assistance for a more diverse set of coding tasks based on real-world development patterns. Users were notified 30 days before the change went into effect and can opt out from allowing their data to be used for training in their GitHub account settings at any time. - Interpretation (disclaimed): Segment discloses that GitHub Copilot has been trained on public repository data and specifies that starting April 24, GitHub may use interactions (inputs, outputs, code snippets, and context) from Free, Pro, and Pro+ subscribers to train and improve AI models unless users opt out, establishing a conditional data use obligation and an opt-out right that is operative for the training_use surface. - Tier: All - Location: “What data has GitHub Copilot been trained on?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,at%20any%20time.%20 ### training use — risk unknown > GitHub Copilot is trained on all languages that appear in public repositories. For each language, the quality of suggestions you receive may depend on the volume and diversity of training data for that language. For example, JavaScript is well-represented in public repositories and is one of GitHub Copilot’s best supported languages. Languages with less representation in public repositories may produce fewer or less robust suggestions. GitHub Copilot is available as an extension in Visual Studio Code, Visual Studio, Vim, Neovim, the JetBrains suite of IDEs, and Azure Data Studio. Although inline suggestion functionality is available across all these extensions, chat functionality is currently available only in Visual Studio Code, JetBrains, and Visual Studio. GitHub Copilot is also supported in terminals through GitHub CLI and as a chat integration in Windows Terminal Canary. With the GitHub Copilot Enterprise plan, GitHub Copilot is natively integrated into GitHub.com. All plans are supported in GitHub Copilot in GitHub Mobile. GitHub Mobile for Copilot Pro and Copilot Business have access to Bing and public repository code search. Copilot Enterprise in GitHub Mobile gives you additional access to your organization's knowledge. - Interpretation (disclaimed): Defines the training data composition of GitHub Copilot (public repositories across languages), which is directly relevant to understanding the scope of training-use practices and the basis for IP and output-quality representations. - Tier: All - Location: “What languages, IDEs, and platforms does GitHub Copilot support?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,to%20your%20organization%26%23x27%3Bs%20knowledge. ### training use — risk unknown > No. GitHub does not use either Copilot Business or Enterprise data to train its models. - Interpretation (disclaimed): Explicitly states that GitHub does not use Copilot Business or Enterprise data to train its models, establishing a binding restriction against training use for those tiers. - Tier: All - Location: “Does GitHub use Copilot Business or Enterprise data to train GitHub’s model?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No.%20GitHub%20does,train%20its%20models.%20 ### training use — risk ambiguous > J. AI Features, Training, and Your Data These are the terms that apply to GitHub Copilot and other AI features, including how your data may be used for development and improvement of the artificial intelligence and machine learning models, and the controls available to you. - Interpretation (disclaimed): The summary table confirms training use of user data is addressed in Section J, which is missing from the provided excerpt. This is a material risk surface that users of Copilot and other AI features must review in Section J directly. - Tier: All - Location: Article I - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=J.%20AI%20Features%2C%20Training%2C,controls%20available%20to%20you. ### training use — risk unknown > The license in this Section J.3 is in addition to, and does not limit, the rights granted to GitHub and its Affiliates under Sections D.4 and D.8. This license does not extend to Your Content stored in repositories that are not provided as Input to an AI Feature. - Interpretation (disclaimed): States that the Section J.3 license is additive to rights granted under Sections D.4 and D.8 and does not extend to Content stored in repositories not provided as Input to an AI Feature, cross-referencing and incorporating other license provisions. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20license%20in,to%20an%20AI%20Feature. ### training use — risk unknown > The opt-out right described in this section applies solely to the use of your Inputs and Outputs as described in this section, and does not apply to the license granted in Sections D.4-D.8 or to any Content that does not constitute Input or Output (including Content stored in public repositories). - Interpretation (disclaimed): Limits the scope of the opt-out right to uses described in Section J.3, clarifying it does not affect licenses granted under Sections D.4–D.8 or Content not constituting Input or Output such as content in public repositories. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20opt-out%20right,stored%20in%20public%20repositories). ### training use — risk unknown > By choosing to contribute Content to a public repository, you are choosing to and directing us to make such Content accessible to everyone on the internet. Unless specifically set forth herein, these Terms do not restrict lawful access to or use of the contents of public repositories by third parties, or by GitHub or its Affiliates. - Interpretation (disclaimed): Section header for access reciprocity, serving as a structural incorporation reference for the conditional waiver terms applicable to entities using GitHub's public content for commercial AI training purposes. - Tier: All - Location: § 8 (Public Repositories and Lawful Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20choosing%20to,GitHub%20or%20its%20Affiliates. ### training use — risk unknown > This section applies to all AI Features unless a specific feature has additional terms that expressly modify them. The training and data-use provisions in Section J.3 apply only to individual licenses. If your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement, those agreements govern the use of your data in connection with AI Features and Section J.3 does not apply to you. - Interpretation (disclaimed): Defines the applicability of Section J's AI training and data-use provisions, creating an exception for enterprise users governed by a GitHub Customer Agreement or volume licensing agreement, under which Section J.3 does not apply and those agreements control data use. - Tier: All - Location: § 1 (Applicability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20section%20applies,not%20apply%20to%20you. ### training use — risk unknown > "AI Feature" means any feature of GitHub or our Affiliates that uses machine learning or artificial intelligence to generate Output, including GitHub Copilot, Copilot Autofix, and any other feature identified as using machine learning or artificial intelligence in our documentation. - Interpretation (disclaimed): Defines 'AI Feature' as any GitHub or Affiliate feature using machine learning or artificial intelligence to generate Output, including named products like GitHub Copilot; this definition scopes which features are subject to AI-specific training and data use terms. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22AI%20Feature%22%20means,intelligence%20in%20our%20documentation. ### training use — risk unknown > J. AI Features, Training, and Your Data These are the terms that apply to GitHub Copilot and other AI features, including how your data may be used for development and improvement of the artificial intelligence and machine learning models, and the controls available to you. - Interpretation (disclaimed): Summary entry describing AI Features, Training, and Your Data section; explicitly incorporates by reference the terms governing GitHub Copilot and other AI features including how user data may be used for AI/ML model development and improvement, and user controls available. - Tier: All - Location: Article I - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20J.%20AI%20Features%2C,available%20to%20you.%20 ### training use — risk unknown > You grant GitHub and our Affiliates the right to store, host, archive, parse, display, and make copies of Your Content as necessary to provide, develop, and improve the Service, including by training AI Features, and for the purpose of training, developing, and improving artificial intelligence and machine learning models and technologies of our Affiliates. This license includes the right to do things like copy it to our database and make backups; show it to you and other Users; parse it into a search index or otherwise analyze it on our servers; share it with other Users; and perform it, in case Your Content is something like music or video. For the avoidance of doubt, use of Your Content to develop, train, and improve artificial intelligence and machine learning models and technologies of GitHub and our Affiliates is within the scope of this license and does not constitute a sale or other restricted transfer of Your Content. - Interpretation (disclaimed): Grants GitHub and its Affiliates an explicit license to store, host, archive, parse, display, copy, and use user content for providing and improving the Service, including specifically for training AI features and developing AI/ML models, constituting a broad permission for training use of user content. - Tier: All - Location: § 4 (License Grant to Us) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20grant%20GitHub,transfer%20of%20Your%20Content. ### training use — risk unknown > This Section D.9 does not apply to Access solely for the purpose of academic research or if, on the date you Access the Content, the number of monthly active users of the products or services made available by you is less than 700 million in the preceding calendar month. For the purposes of this Section, "you" shall refer to you and any entity that directly or indirectly controls, is controlled by, or is under common control with you (affiliates). - Interpretation (disclaimed): Carves out exceptions to the access reciprocity obligation for academic research and for operators whose products have fewer than 700 million monthly active users, and defines 'you' to include affiliates under common control. - Tier: All - Location: § 9 (Access Reciprocity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20Section%20D.9,control%20with%20you%20(affiliates). ### training use — risk unknown > J. AI Features, Training, and Your Data These are the terms that apply to GitHub Copilot and other AI features, including how your data may be used for development and improvement of the artificial intelligence and machine learning models, and the controls available to you. - Interpretation (disclaimed): Summary entry for Section J explicitly describes terms governing AI features and training use of user data, including how data may be used for development and improvement of AI/ML models and available controls; cross-reference incorporating training-use and privacy-data-use obligations. - Tier: All - Location: Article I - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20J.%20AI%20Features%2C,available%20to%20you.%20 ### training use — risk unknown > "AI Feature" means any feature of GitHub or our Affiliates that uses machine learning or artificial intelligence to generate Output, including GitHub Copilot, Copilot Autofix, and any other feature identified as using machine learning or artificial intelligence in our documentation. - Interpretation (disclaimed): Defines 'AI Feature' as any GitHub or Affiliate feature using machine learning or artificial intelligence to generate Output, including GitHub Copilot; this definition scopes which features are subject to AI-related data-use and training-use provisions throughout the agreement. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22AI%20Feature%22%20means,intelligence%20in%20our%20documentation. ### training use — risk unknown > The license in this Section J.3 is in addition to, and does not limit, the rights granted to GitHub and its Affiliates under Sections D.4 and D.8. This license does not extend to Your Content stored in repositories that are not provided as Input to an AI Feature. - Interpretation (disclaimed): States that the Section J.3 license is in addition to rights in Sections D.4 and D.8 and does not limit them; also clarifies that the license does not extend to Content stored in repositories not provided as Input, thereby defining the boundaries of the training license. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20license%20in,to%20an%20AI%20Feature. ### training use — risk unknown > If you provide your private repository content as Input to AI Features, we may use that Input to provide, develop, train, and improve the Service, including AI Features. Your ability to opt out under Section J.3 applies to this use of private repository content. We will not otherwise use your private repository contents to develop or improve the Service. - Interpretation (disclaimed): Permits GitHub to use private repository content submitted as input to AI Features for training and improving the Service and AI Features, subject to the user's opt-out right under Section J.3, and restricts other uses of private repository content for service improvement. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20provide,or%20improve%20the%20Service. ### training use — risk unknown > We use your Inputs to generate Outputs and provide the AI Features. You also grant GitHub and its Affiliates a license to collect and use your Inputs and Outputs to develop, train and improve artificial intelligence and machine learning models and technologies including those that power AI Features, unless (a) you opt out through your account settings, or (b) your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement. If you opt out, GitHub will not collect or use your Inputs and Outputs for the purposes described in this paragraph from the effective date of your opt-out going forward. - Interpretation (disclaimed): Grants GitHub and its Affiliates a license to collect and use user Inputs and Outputs to develop, train, and improve AI and ML models, subject to opt-out through account settings or exclusion under a Customer Agreement or volume licensing agreement; specifies that the opt-out is effective from the date it is exercised. - Tier: All - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20use%20your,your%20opt-out%20going%20forward. ### training use — risk unknown > GitHub uses the Copilot data from Individual subscribers for all the operational purposes described above for Business/Enterprise subscribers. In addition, for Individual subscribers only: GitHub may use Copilot interaction data — including prompts (inputs), s uggestions (outputs), and code snippets generated during Copilot sessions — to train and improve AI models. This training helps improve code suggestions for all Copilot users. Individual subscribers can opt out of having their data used for AI model training at any time through https://github.com/settings/copilot/features . Opting out does not affect your access to Copilot features. For details on GitHub's data processing activities as a controller, particularly for Copilot Free, Copilot Pro, and Copilot Pro customers, refer to the GitHub Terms of Service and the GitHub Privacy Statement. - Interpretation (disclaimed): This segment grants GitHub permission to use Individual subscribers' Copilot interaction data—including prompts, suggestions, and code snippets—for AI model training, and specifies that Individual subscribers may opt out of this training use at any time, distinguishing Individual from Business/Enterprise treatment. - Tier: All - Location: “How does GitHub use the Copilot data from Individual (Free/Pro/Pro+) Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20uses%20the,GitHub%20Privacy%20Statement.%20 ### training use — risk unknown > Feedback Data: This comprises real-time user feedback, including reactions (e.g., thumbs up/down) and optional comments, along with feedback from support tickets. - Interpretation (disclaimed): Section header introducing the question of whether GitHub uses Copilot Business or Enterprise data to train its models, framing the restriction confirmed in the next segment. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20This,feedback%20from%20support%20tickets. ### training use — risk unknown > GitHub uses the Copilot data from Individual subscribers for all the operational purposes described above for Business/Enterprise subscribers. In addition, for Individual subscribers only: GitHub may use Copilot interaction data — including prompts (inputs), s uggestions (outputs), and code snippets generated during Copilot sessions — to train and improve AI models. This training helps improve code suggestions for all Copilot users. Individual subscribers can opt out of having their data used for AI model training at any time through https://github.com/settings/copilot/features . Opting out does not affect your access to Copilot features. For details on GitHub's data processing activities as a controller, particularly for Copilot Free, Copilot Pro, and Copilot Pro customers, refer to the GitHub Terms of Service and the GitHub Privacy Statement. - Interpretation (disclaimed): This segment grants GitHub permission to use Copilot interaction data — including prompts, suggestions, and code snippets — from Individual subscribers to train and improve AI models, while also establishing a right for users to opt out of such training use, and distinguishing this practice as exclusive to Individual subscribers versus Business/Enterprise tiers. - Tier: All - Location: “How does GitHub use the Copilot data from Individual (Free/Pro/Pro+) Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20uses%20the,GitHub%20Privacy%20Statement.%20 ### training use — risk unknown > GitHub Copilot is powered by generative AI models developed by GitHub, OpenAI, and Microsoft. It has been trained on natural language text and source code from publicly available sources, including code in public repositories on GitHub. Starting on April 24, GitHub may also use interactions from users with a Copilot Free, Copilot Pro, and Copilot Pro+ subscription - including inputs, outputs, code snippets, and associated context - to train and improve our AI models unless they have opted out. This allows us to build more intelligent, context-aware coding assistance for a more diverse set of coding tasks based on real-world development patterns. Users were notified 30 days before the change went into effect and can opt out from allowing their data to be used for training in their GitHub account settings at any time. - Interpretation (disclaimed): Discloses that GitHub may use interactions (inputs, outputs, code snippets, context) from Free, Pro, and Pro+ subscribers to train and improve AI models unless users opt out, establishing the opt-out mechanism and the scope of training-use data collection as a conditional obligation on GitHub. - Tier: All - Location: “What data has GitHub Copilot been trained on?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,at%20any%20time.%20 ### training use — risk unknown > Product Development and Improvement: We use Personal Data to develop and improve our products, services, and technologies, including artificial intelligence and machine learning technologies. This includes improving features, developing new offerings, enhancing safety and security capabilities, and training models. We apply appropriate technical safeguards, including aggregation and de-identification techniques where feasible, to protect your privacy while enabling these improvements. - Interpretation (disclaimed): This segment explicitly permits GitHub to use personal data for product development and improvement including training AI and machine learning models, with a noted procedural safeguard of aggregation and de-identification where feasible, making it an operative permission for AI training use of user data. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Product%20Development%20and,while%20enabling%20these%20improvements. ### prompt ownership — risk high > If you choose to give us any ideas, know-how, algorithms, code contributions, suggestions, enhancement requests, recommendations or any other feedback for our products or services (collectively, “Feedback”), you acknowledge and agree that GitHub will have a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable and perpetual license to implement, use, modify, commercially exploit and/or incorporate the Feedback into our products, services, and documentation. - Interpretation (disclaimed): The license grant for Feedback is among the broadest possible: irrevocable, perpetual, worldwide, transferable, sublicensable, and allows commercial exploitation. Users who share proprietary ideas or code as feedback permanently surrender meaningful control over that material. - Tier: All - Location: § 3 (Feedback) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=If%20you%20choose%20to,products%2C%20services%2C%20and%20documentation. ### prompt ownership — risk medium > D. User-Generated Content You own the content you post on GitHub. However, you have some responsibilities regarding it, and we ask you to grant us some rights so we can provide services to you. - Interpretation (disclaimed): The summary table is binding only in so far as it points to Section D. The acknowledgment that GitHub asks users to 'grant us some rights' signals a license-back on user-generated content. The full operative clause is in the truncated Section D body. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=D.%20User-Generated%20Content%20You,provide%20services%20to%20you. ### prompt ownership — risk unknown > “Input” means any content or context provided to an AI Feature, including prompts, attachments, code in your workspace, and conversation history. - Interpretation (disclaimed): Defines 'Input' as any content or context provided to an AI Feature, including prompts, attachments, code in workspace, and conversation history; this is an operative definition that scopes what user-provided material is subject to AI feature data-use, training-use, and ownership provisions. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%E2%80%9CInput%E2%80%9D%20means%20any,workspace%2C%20and%20conversation%20history. ### prompt ownership — risk unknown > Users. Subject to these Terms, you retain ultimate administrative control over your Personal Account and the Content within it. - Interpretation (disclaimed): Grants users ultimate administrative control over their Personal Account and the Content within it, subject to the Terms, establishing the user's retained control right over their content. - Tier: All - Location: § 1 (Account Controls) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Users.%20Subject%20to,the%20Content%20within%20it. ### prompt ownership — risk unknown > This Agreement is licensed under this Creative Commons Zero license . For details, see our site-policy repository . - Interpretation (disclaimed): Incorporates a Creative Commons Zero license as the governing license for the Agreement text itself, and cross-references the site-policy repository for further details, establishing the legal basis for reuse of policy content. - Tier: All - Location: § 3 (License to GitHub Policies) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20Agreement%20is,our%20site-policy%20repository%20. ### prompt ownership — risk unknown > “Input” means any content or context provided to an AI Feature, including prompts, attachments, code in your workspace, and conversation history. - Interpretation (disclaimed): Defines 'Input' as any content or context provided to an AI Feature, including prompts, attachments, workspace code, and conversation history; this definition scopes what user-provided material is subject to AI-related data use and ownership provisions. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%E2%80%9CInput%E2%80%9D%20means%20any,workspace%2C%20and%20conversation%20history. ### prompt ownership — risk unknown > "Your Content" means User-Generated Content that you upload, submit, or create, including your modifications to Content you have forked or cloned. It does not include the underlying Content created by others. - Interpretation (disclaimed): Defines 'Your Content' as a subset of User-Generated Content created or modified by the specific user, excluding content created by others, directly scoping ownership and license obligations applied to the user's own contributions. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22Your%20Content%22%20means,Content%20created%20by%20others. ### prompt ownership — risk unknown > You agree that you will not under any circumstances violate our Acceptable Use Policies or Community Guidelines . - Interpretation (disclaimed): Summary statement of the User-Generated Content section, previewing that users own their content but grant GitHub certain limited rights to display and share it, and that GitHub retains removal and account-closure rights — directly characterizing the ownership and license framework. - Tier: All - Location: Article C (Acceptable Use) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20agree%20that,or%20Community%20Guidelines%20. ### prompt ownership — risk unknown > We will terminate the Accounts of repeat infringers of this policy. - Interpretation (disclaimed): Short-version summary asserting GitHub's ownership of the Service and its content, granting users only limited, conditioned rights to use GitHub's content, and restricting use to permitted manners only, establishing the foundational IP ownership and use restriction framework. - Tier: All - Location: § F (Copyright Infringement and DMCA Policy) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20terminate,infringers%20of%20this%20policy. ### prompt ownership — risk unknown > We’re always trying to improve our products and services, and your feedback as a Beta Preview user will help us do that. If you choose to give us any ideas, know-how, algorithms, code contributions, suggestions, enhancement requests, recommendations or any other feedback for our products or services (collectively, “Feedback”), you acknowledge and agree that GitHub will have a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable and perpetual license to implement, use, modify, commercially exploit and/or incorporate the Feedback into our products, services, and documentation. - Interpretation (disclaimed): This clause grants GitHub a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable, and perpetual license to implement, use, modify, commercially exploit, and incorporate user-submitted Feedback into its products and services, effectively transferring broad IP rights over user-provided Feedback to GitHub. - Tier: All - Location: § 3 (Feedback) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%E2%80%99re%20always%20trying,products%2C%20services%2C%20and%20documentation. ### prompt ownership — risk unknown > "User-Generated Content" means Content that you or other users upload, submit, or create through the Service. - Interpretation (disclaimed): Defines 'User-Generated Content' as content uploaded, submitted, or created by users through the Service, which is foundational to subsequent ownership and license grant clauses. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22User-Generated%20Content%22%20means,create%20through%20the%20Service. ### prompt ownership — risk unknown > If you believe that content on our website violates your copyright, please contact us in accordance with our Digital Millennium Copyright Act Policy . If you are a copyright owner and you believe that content on GitHub violates your rights, please contact us via our convenient DMCA form or by emailing copyright@github.com . There may be legal consequences for sending a false or frivolous takedown notice. Before sending a takedown request, you must consider legal uses such as fair use and licensed uses. - Interpretation (disclaimed): Section header for intellectual property notice, serving as a structural incorporation reference for the terms establishing GitHub's ownership of the Service and content and the limited rights granted to users for use of that content. - Tier: All - Location: § F (Copyright Infringement and DMCA Policy) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20believe,use%20and%20licensed%20uses. ### output ownership — risk medium > GitHub does not claim ownership of your Input or Output. Output may contain material that resembles code or content in the model's training data or that is subject to third-party copyrights or open source license terms. You are responsible for determining whether your use of Output requires a third-party license and for complying with any such license. - Interpretation (disclaimed): While the ownership disclaimer is user-favorable, the downstream IP risk is shifted entirely to the user. Users must independently audit outputs for third-party copyright or open-source license encumbrances, creating material legal exposure especially for commercial or product use. - Tier: All - Location: § 2 (Ownership) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=GitHub%20does%20not%20claim,with%20any%20such%20license. ### output ownership — risk medium > What are the intellectual property considerations when using GitHub Copilot? ### The primary IP considerations for GitHub Copilot relate to copyright. The model that powers Copilot is trained on a broad collection of publicly accessible code, which may include copyrighted code, and Copilot’s suggestions (in rare instances) may resemble the code its model was trained on. - Interpretation (disclaimed): GitHub discloses that AI-generated suggestions may match copyrighted code, and frames the infringement risk as the user's responsibility to evaluate ('it is ultimately up to the user to determine whether to use the suggestion'). This effectively transfers IP risk to the user for any matching suggestions adopted. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=What%20are%20the%20intellectual,model%20was%20trained%20on. ### output ownership — risk low > We don’t determine whether a suggestion is capable of being owned, but we are clear that GitHub does not claim ownership of a suggestion. Whether a suggestion generated by an AI model can be owned depends on many factors (e.g. the intellectual property law in the relevant country, the length of the suggestion, the extent that suggestion is considered ‘functional’ instead of expressive, etc). If a suggestion is capable of being owned, our terms are clear: GitHub does not claim ownership. GitHub does not claim ownership of any suggestion. - Interpretation (disclaimed): GitHub's disclaimer of ownership is user-favorable. However, the caveat that ownership 'depends on many factors' and the lack of an affirmative grant of ownership to the user leaves legal uncertainty about whether outputs are actually owned by anyone, creating downstream IP risk for users. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=We%20don%E2%80%99t%20determine%20whether,ownership%20of%20any%20suggestion. ### output ownership — risk low > GitHub does not claim ownership of a suggestion. Whether a suggestion generated by an AI model can be owned depends on many factors (e.g. the intellectual property law in the relevant country, the length of the suggestion, the extent that suggestion is considered ‘functional’ instead of expressive, etc). If a suggestion is capable of being owned, our terms are clear: GitHub does not claim ownership. GitHub does not claim ownership of any suggestion. - Interpretation (disclaimed): GitHub waives any ownership claim over generated outputs/suggestions. This is favorable to users, but the hedging language about whether suggestions are 'capable of being owned' under applicable IP law may leave users without clear IP protection in all jurisdictions. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20does%20not%20claim,ownership%20of%20any%20suggestion. ### output ownership — risk ambiguous > "Output" means responses and suggestions, including code or other material, generated by an AI Feature. - Interpretation (disclaimed): The definition of Output establishes scope but the actual ownership allocation and any license-back are in the missing Section J. Risk cannot be fully assessed from this excerpt alone. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%22Output%22%20means%20responses%20and,by%20an%20AI%20Feature. ### output ownership — risk unknown > D. User-Generated Content You own the content you post on GitHub. However, you have some responsibilities regarding it, and we ask you to grant us some rights so we can provide services to you. - Interpretation (disclaimed): Summary entry for Section D describes that users own their posted content but must grant GitHub certain rights to provide services; this is a cross-reference that incorporates the ownership and license grant provisions applicable to user-generated content. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20D.%20User-Generated%20Content,services%20to%20you.%20 ### output ownership — risk unknown > "User-Generated Content" means Content that you or other users upload, submit, or create through the Service. - Interpretation (disclaimed): Defines 'User-Generated Content' as content uploaded, submitted, or created by users through the Service, establishing the scope of content subject to ownership and license provisions. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22User-Generated%20Content%22%20means,create%20through%20the%20Service. ### output ownership — risk unknown > "Your Content" means User-Generated Content that you upload, submit, or create, including your modifications to Content you have forked or cloned. It does not include the underlying Content created by others. - Interpretation (disclaimed): Defines 'Your Content' as a subset of User-Generated Content created or modified by the user, explicitly excluding content created by others, thereby scoping the user's ownership and license obligations. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22Your%20Content%22%20means,Content%20created%20by%20others. ### output ownership — risk unknown > You are responsible for Your Content and any harm resulting from it. This includes Content you post, upload, or make available through the Service. We are not responsible for any public display or misuse of Your Content. - Interpretation (disclaimed): Imposes responsibility on the user for their Content and any resulting harm, including content posted, uploaded, or made available through the Service, and disclaims GitHub's responsibility for public display or misuse of that Content. - Tier: All - Location: § 1 (Responsibility for User-Generated Content) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,misuse%20of%20Your%20Content. ### output ownership — risk unknown > Isn't this just how it works already? Yep. This is widely accepted as the norm in the open-source community; it's commonly referred to by the shorthand "inbound=outbound". We're just making it explicit. - Interpretation (disclaimed): Explanatory note clarifying that the inbound-equals-outbound norm is standard in open-source communities, serving as an interpretive definition of the licensing mechanism described in the preceding segment. - Tier: All - Location: § 6 (Contributions Under Repository License) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Isn't%20this%20just,just%20making%20it%20explicit. ### output ownership — risk unknown > To the extent this agreement is not enforceable by applicable law, you grant GitHub the rights we need to use Your Content without attribution and to make reasonable adaptations of Your Content as necessary to render the Website and provide the Service. - Interpretation (disclaimed): Provides a fallback permission granting GitHub rights to use content without attribution and to make adaptations where the moral rights waiver is unenforceable under applicable law. - Tier: All - Location: § 7 (Moral Rights) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20To%20the%20extent,and%20provide%20the%20Service. ### output ownership — risk unknown > Short version: We own the service and all of our content. In order for you to use our content, we give you certain rights to it, but you may only use our content in the way we have allowed. - Interpretation (disclaimed): Short-version summary defining the ownership of the GitHub service and content as belonging to GitHub, and characterizing user content rights as limited permissions granted by GitHub, setting the interpretive framework for the section. - Tier: All - Location: § G (Intellectual Property Notice) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,we%20have%20allowed.%20 ### output ownership — risk unknown > Output may contain material that resembles code or content in the model's training data or that is subject to third-party copyrights or open source license terms. You are responsible for determining whether your use of Output requires a third-party license and for complying with any such license. - Interpretation (disclaimed): Places responsibility on the user to determine whether Output requires a third-party or open source license and to comply with any such license, given that Output may resemble training data or third-party copyrighted material. - Tier: All - Location: § 2 (Ownership) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Output%20may%20contain,with%20any%20such%20license. ### output ownership — risk unknown > You are responsible for reviewing, testing, and validating any Output before use. - Interpretation (disclaimed): Imposes an obligation on the user to review, test, and validate any Output before use, placing responsibility for quality assurance on the user rather than GitHub. - Tier: All - Location: § 4 (Disclaimers) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,any%20Output%20before%20use. ### output ownership — risk unknown > We’re always trying to improve our products and services, and your feedback as a Beta Preview user will help us do that. If you choose to give us any ideas, know-how, algorithms, code contributions, suggestions, enhancement requests, recommendations or any other feedback for our products or services (collectively, “Feedback”), you acknowledge and agree that GitHub will have a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable and perpetual license to implement, use, modify, commercially exploit and/or incorporate the Feedback into our products, services, and documentation. - Interpretation (disclaimed): Grants GitHub a royalty-free, fully paid-up, worldwide, transferable, sub-licensable, irrevocable, and perpetual license to implement, use, modify, commercially exploit, and incorporate user-submitted Feedback into GitHub products and services, establishing the ownership and use rights over user contributions. - Tier: All - Location: § 3 (Feedback) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%E2%80%99re%20always%20trying,products%2C%20services%2C%20and%20documentation. ### output ownership — risk unknown > the use, disclosure, or display of your User-Generated Content; - Interpretation (disclaimed): Specifies that liability exclusion applies to damages arising from the use, disclosure, or display of User-Generated Content, limiting GitHub's liability in connection with user content. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20the%20use%2C%20disclosure%2C,of%20your%20User-Generated%20Content%3B ### output ownership — risk unknown > D. User-Generated Content You own the content you post on GitHub. However, you have some responsibilities regarding it, and we ask you to grant us some rights so we can provide services to you. - Interpretation (disclaimed): Summary entry describing User-Generated Content section; states that users own posted content but must grant GitHub certain rights to provide services, incorporating ownership and license obligations by reference. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20D.%20User-Generated%20Content,services%20to%20you.%20 ### output ownership — risk unknown > "Output" means responses and suggestions, including code or other material, generated by an AI Feature. - Interpretation (disclaimed): Defines 'Output' as responses and suggestions, including code or other material, generated by an AI Feature; this definition scopes what AI-generated material is subject to ownership and use rights under the agreement. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22Output%22%20means%20responses,by%20an%20AI%20Feature. ### output ownership — risk unknown > You grant us and other Users the licenses in Sections D.4–D.8. These licenses apply to Your Content. If Your Content already includes a license granting us the permissions we need, no additional license is required. You will not receive payment for these rights. These licenses end when you remove Your Content, unless other Users have forked it. - Interpretation (disclaimed): Defines the scope of licenses granted by users to GitHub and other users, establishes that no payment is owed for these rights, and specifies that the licenses terminate upon content removal unless forked, creating binding obligations and conditions on content licensing. - Tier: All - Location: § 3 (Ownership and License Grants) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20grant%20us,Users%20have%20forked%20it. ### output ownership — risk unknown > Your Content that you post publicly, including issues, comments, and contributions to other Users' repositories, may be viewed by others. By setting your repositories to be viewed publicly, you agree to allow others to view and "fork" your repositories (this means that others may make their own copies within the Service in repositories they control). - Interpretation (disclaimed): Establishes that by setting repositories public, users agree to allow others to view and fork their content, creating a binding commitment to permit third-party access and reproduction through the Service's fork functionality. - Tier: All - Location: § 5 (License Grant to Other Users) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20Content%20that,in%20repositories%20they%20control). ### output ownership — risk unknown > GitHub does not claim ownership of your Input or Output. - Interpretation (disclaimed): GitHub expressly disclaims any ownership claim over users' Input or Output generated through AI Features, preserving user ownership of both submitted content and generated results. - Tier: All - Location: § 2 (Ownership) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20does%20not,your%20Input%20or%20Output. ### output ownership — risk unknown > Isn't this just how it works already? Yep. This is widely accepted as the norm in the open-source community; it's commonly referred to by the shorthand "inbound=outbound". We're just making it explicit. - Interpretation (disclaimed): Explanatory note clarifying the inbound=outbound open-source licensing norm referenced in Section D.6, functioning as a definitional context for the legal obligation established in the preceding segment. - Tier: All - Location: § 6 (Contributions Under Repository License) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Isn't%20this%20just,just%20making%20it%20explicit. ### output ownership — risk unknown > You retain all moral rights to Your Content that you upload, publish, or submit to any part of the Service, including the rights of integrity and attribution. However, you waive these rights and agree not to assert them against us or our Affiliates, to enable GitHub and our Affiliates to reasonably exercise the rights granted in Section D.4, but not otherwise. - Interpretation (disclaimed): Provides a fallback permission grant to GitHub to use content without attribution and to make reasonable adaptations where the moral rights waiver in Section D.7 is unenforceable under applicable law, ensuring the license remains operative regardless of jurisdiction. - Tier: All - Location: § 7 (Moral Rights) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20retain%20all,D.4%2C%20but%20not%20otherwise. ### output ownership — risk unknown > GitHub and our licensors, vendors, agents, and/or our content providers retain ownership of all intellectual property rights of any kind related to the Website and Service. We reserve all rights that are not expressly granted to you under this Agreement or by law. The look and feel of the Website and Service is copyright © GitHub, Inc. All rights reserved. You may not duplicate, copy, or reuse any portion of the HTML/CSS, JavaScript, or visual design elements or concepts without express written permission from GitHub. - Interpretation (disclaimed): Affirms GitHub and licensors retain all IP rights in the Website and Service, reserves all rights not expressly granted, and restricts users from duplicating or reusing HTML/CSS, JavaScript, or visual design elements without express written permission. - Tier: All - Location: § 1 (GitHub's Rights to Content) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20and%20our,written%20permission%20from%20GitHub. ### output ownership — risk unknown > Prompts: These are inputs for chat or code, along with context, sent to Copilot's AI to generate suggestions. - Interpretation (disclaimed): Defines suggestions as AI-generated code lines or chat responses provided to users based on their prompts, establishing the nature of Copilot outputs which is directly relevant to output ownership and licensing analysis. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Prompts%3A%20These%20are,to%20generate%20suggestions.%20 ### output ownership — risk unknown > GitHub does not claim ownership of any suggestion. In certain cases, it is possible for Copilot to produce similar suggestions to different users. For example, two unrelated users both starting new files to code the quicksort algorithm in Java will likely get the same suggestion. The possibility of providing similar suggestions to multiple users is a common part of generative AI systems. - Interpretation (disclaimed): This segment reaffirms that GitHub does not claim ownership of any suggestion, and discloses that multiple users may receive identical suggestions as a normal characteristic of generative AI systems, limiting any exclusivity expectations users might have regarding output ownership. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20does%20not,of%20generative%20AI%20systems. ### output ownership — risk unknown > No, GitHub Copilot generates suggestions using probabilistic determination. When thinking about intellectual property and open source issues, it is critical to understand how GitHub Copilot really works. The AI models that create GitHub Copilot’s suggestions may be trained on public code, but do not contain any code. When they generate a suggestion, they are not “copying and pasting” from any codebase. - Interpretation (disclaimed): Disclaims that Copilot outputs are probabilistically generated and not copied from any codebase, which is material to IP ownership and indemnity analysis by asserting no direct reproduction of source code occurs. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No%2C%20GitHub%20Copilot,pasting%E2%80%9D%20from%20any%20codebase. ### output ownership — risk unknown > The primary IP considerations for GitHub Copilot relate to copyright. The model that powers Copilot is trained on a broad collection of publicly accessible code, which may include copyrighted code, and Copilot’s suggestions (in rare instances) may resemble the code its model was trained on. Here’s some basic information you should know about these considerations: Copyright law permits the use of copyrighted works to train AI models:  Countries around the world have provisions in their copyright laws that enable machines to learn, understand, extract patterns, and facts from copyrighted materials, including software code. For example, the European Union, Japan, and Singapore, have express provisions permitting machine learning to develop AI models. Other countries including Canada, India, and the United States also permit such training under their fair use/fair dealing provisions. GitHub Copilot’s AI model was trained with the use of code from GitHub’s public repositories—which are publicly accessible and within the scope of permissible copyright use. What about copyright risk in suggestions? In rare instances (less than 1% based on GitHub’s research), suggestions from GitHub may match examples of code used to train GitHub’s AI model. Again, Copilot does not “look up” or “copy and paste” code, but is instead using context from a user’s workspace to synthesize and generate a suggestion. Our experience shows that matching suggestions are most likely to occur in two situations: (i) when there is little or no context in the code editor for Copilot’s model to synthesize, or (ii) when a matching suggestion represents a common approach or method. - Interpretation (disclaimed): This segment explains that Copilot's underlying model was trained on publicly accessible code potentially including copyrighted works, and that copyright law in various jurisdictions permits such training use, contextualizing the IP risk framework applicable to Copilot outputs. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20The%20primary%20IP,approach%20or%20method.%20 ### output ownership — risk unknown > If a code suggestion matches existing code, there is risk that using that suggestion could trigger claims of copyright infringement, which would depend on the amount and nature of code used, and the context of how the code is used. In many ways, this is the same risk that arises when using any code that a developer does not originate, such as copying code from an online source, or reusing code from a library. That is why responsible organizations and developers recommend that users employ code scanning policies to identify and evaluate potential matching code. In Copilot, you can opt whether to allow Copilot to suggest code completions that match publicly available code on GitHub.com. For more information, see " Configuring GitHub Copilot settings on GitHub.com ". If you have allowed suggestions that match public code, GitHub Copilot can provide you with details about the matching code when you accept such suggestions. Matching code does not necessarily mean copyright infringement, so it is ultimately up to the user to determine whether to use the suggestion, and what and who to attribute (along with other license compliance) in appropriate circumstances. - Interpretation (disclaimed): This segment warns that code suggestions matching existing code carry copyright infringement risk analogous to reusing third-party code, and recommends users employ code scanning policies to evaluate matching suggestions, thereby limiting GitHub's liability for such outcomes. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=If%20a%20code%20suggestion,compliance)%20in%20appropriate%20circumstances. ### output ownership — risk unknown > Yes, GitHub Copilot is previewing a code referencing feature as an additional tool to assist users to find and review potentially relevant open source licenses. Code referencing is currently available in Visual Studio Code. This feature searches across public GitHub repositories for code that matches a Copilot suggestion. If there’s a match, users will find its information displayed in the Copilot console log, including where the match occurred, any applicable licenses, and a deep link to learn more. The deep link will take users to a navigable page on GitHub.com to browse examples of the code match and their repository licenses, and see how many repositories—including ones without licenses—that code appears in, as well as links to those repositories. Copilot users can review this information to determine whether the applicable suggestions are suitable for use, and whether additional measures may be necessary to use them. - Interpretation (disclaimed): This segment describes the code referencing feature in preview that helps users find and review potentially relevant open source licenses for Copilot suggestions, specifying what license information is surfaced to the user and how, providing a permission-based tool to manage IP compliance. - Tier: All - Location: “Does GitHub Copilot include features to make it easier for users to identify potentially relevant open source licenses for matching suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes%2C%20GitHub%20Copilot,necessary%20to%20use%20them. ### output ownership — risk unknown > To the extent this agreement is not enforceable by applicable law, you grant GitHub the rights we need to use Your Content without attribution and to make reasonable adaptations of Your Content as necessary to render the Website and provide the Service. - Interpretation (disclaimed): Section header for public repositories and lawful access, serving as a structural incorporation reference for the terms governing third-party and GitHub access to public repository contents. - Tier: All - Location: § 7 (Moral Rights) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20To%20the%20extent,and%20provide%20the%20Service. ### output ownership — risk unknown > Users. Subject to these Terms, you retain ultimate administrative control over your Personal Account and the Content within it. - Interpretation (disclaimed): Grants users ultimate administrative control over their Personal Account and the Content within it, subject to the Terms, affirming a user right of control over their account-hosted content. - Tier: All - Location: § 1 (Account Controls) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Users.%20Subject%20to,the%20Content%20within%20it. ### output ownership — risk unknown > By making a repository public, you grant other Users a nonexclusive, worldwide license to use, display, perform and reproduce (by forking) Your Content through the Service as permitted by GitHub's functionality. You may grant additional rights by adopting a license . If you post Content you did not create or own, you are responsible for ensuring it is licensed under terms that permit these uses. - Interpretation (disclaimed): Grants other users a nonexclusive, worldwide license to use, display, perform, and reproduce publicly posted content through the Service, and places responsibility on the posting user to ensure third-party content is appropriately licensed for such uses. - Tier: All - Location: § 5 (License Grant to Other Users) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20making%20a,that%20permit%20these%20uses. ### output ownership — risk unknown > the use, disclosure, or display of your User-Generated Content; - Interpretation (disclaimed): Excludes liability for damages arising from the use, disclosure, or display of user-generated content, limiting GitHub's responsibility for harms connected to UGC. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20the%20use%2C%20disclosure%2C,of%20your%20User-Generated%20Content%3B ### output ownership — risk unknown > Whenever you add Content to a repository containing notice of a license, you license that Content under the same terms, and you agree that you have the right to license that Content under those terms. If you have a separate agreement to license that Content under different terms, such as a contributor license agreement, that agreement will supersede. - Interpretation (disclaimed): Establishes that content added to a licensed repository is automatically licensed under the same repository license terms, obligating contributors to license their contributions accordingly, with a specified exception where a separate contributor license agreement supersedes. - Tier: All - Location: § 6 (Contributions Under Repository License) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Whenever%20you%20add,that%20agreement%20will%20supersede. ### output ownership — risk unknown > Output may contain material that resembles code or content in the model's training data or that is subject to third-party copyrights or open source license terms. You are responsible for determining whether your use of Output requires a third-party license and for complying with any such license. - Interpretation (disclaimed): Places responsibility on users to determine whether Output requires a third-party license (due to resemblance to training data or third-party copyrighted material) and to comply with any such license, creating a compliance obligation. - Tier: All - Location: § 2 (Ownership) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Output%20may%20contain,with%20any%20such%20license. ### output ownership — risk unknown > Short version: You own content you create, but you allow us certain rights to it, so that we can display and share the content you post. You still have control over your content, and responsibility for it, and the rights you grant us are limited to those we need to provide the service. We have the right to remove content or close Accounts if we need to. - Interpretation (disclaimed): Short-version summary clarifying that users own content they create but grant GitHub limited rights to display and share it, and that GitHub may remove content or close Accounts, previewing the operative ownership and license provisions. - Tier: All - Location: Article D (User-Generated Content) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,we%20need%20to.%20 ### output ownership — risk unknown > GitHub and our licensors, vendors, agents, and/or our content providers retain ownership of all intellectual property rights of any kind related to the Website and Service. We reserve all rights that are not expressly granted to you under this Agreement or by law. The look and feel of the Website and Service is copyright © GitHub, Inc. All rights reserved. You may not duplicate, copy, or reuse any portion of the HTML/CSS, JavaScript, or visual design elements or concepts without express written permission from GitHub. - Interpretation (disclaimed): Affirms that GitHub and its licensors retain all intellectual property rights in the Website and Service, reserves all rights not expressly granted, and restricts users from duplicating HTML/CSS, JavaScript, or visual design elements without express written permission. - Tier: All - Location: § 1 (GitHub's Rights to Content) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20and%20our,written%20permission%20from%20GitHub. ### output ownership — risk unknown > GitHub does not claim ownership of your Input or Output. - Interpretation (disclaimed): Expressly disclaims any ownership claim by GitHub over users' Input or Output, establishing that title to such content remains with the user. - Tier: All - Location: § 2 (Ownership) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20does%20not,your%20Input%20or%20Output. ### output ownership — risk unknown > You grant us and other Users the licenses in Sections D.4–D.8. These licenses apply to Your Content. If Your Content already includes a license granting us the permissions we need, no additional license is required. You will not receive payment for these rights. These licenses end when you remove Your Content, unless other Users have forked it. - Interpretation (disclaimed): Defines the scope and duration of licenses granted by users to GitHub and other users for their content, establishing that licenses end upon content removal unless forked, and that no payment is owed for these rights. - Tier: All - Location: § 3 (Ownership and License Grants) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20grant%20us,Users%20have%20forked%20it. ### output ownership — risk unknown > You retain all moral rights to Your Content that you upload, publish, or submit to any part of the Service, including the rights of integrity and attribution. However, you waive these rights and agree not to assert them against us or our Affiliates, to enable GitHub and our Affiliates to reasonably exercise the rights granted in Section D.4, but not otherwise. - Interpretation (disclaimed): Users retain moral rights but waive and agree not to assert them against GitHub or its Affiliates to the extent necessary for GitHub to exercise the license granted in Section D.4, limiting user recourse regarding attribution and integrity claims. - Tier: All - Location: § 7 (Moral Rights) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20retain%20all,D.4%2C%20but%20not%20otherwise. ### output ownership — risk unknown > Your Content that you post publicly, including issues, comments, and contributions to other Users' repositories, may be viewed by others. By setting your repositories to be viewed publicly, you agree to allow others to view and "fork" your repositories (this means that others may make their own copies within the Service in repositories they control). - Interpretation (disclaimed): Establishes that publicly posted content may be viewed and forked by others, and that setting a repository to public constitutes agreement to allow such access and reproduction. - Tier: All - Location: § 5 (License Grant to Other Users) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20Content%20that,in%20repositories%20they%20control). ### output ownership — risk unknown > Output is provided "as-is" and subject to the disclaimers in Section O. Without limiting Section O: Output may be inaccurate, incomplete, or non-functional. Output may resemble third-party code, including code under open source licenses. We do not guarantee that Output is free of errors, vulnerabilities, or intellectual property claims. - Interpretation (disclaimed): Disclaims warranties for AI Output by providing it 'as-is,' warning that it may be inaccurate, incomplete, non-functional, or resemble third-party or open-source code, and stating GitHub does not guarantee Output is free of errors, vulnerabilities, or IP claims. - Tier: All - Location: § 4 (Disclaimers) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Output%20is%20provided,or%20intellectual%20property%20claims. ### output ownership — risk unknown > By making a repository public, you grant other Users a nonexclusive, worldwide license to use, display, perform and reproduce (by forking) Your Content through the Service as permitted by GitHub's functionality. You may grant additional rights by adopting a license . If you post Content you did not create or own, you are responsible for ensuring it is licensed under terms that permit these uses. - Interpretation (disclaimed): Grants other users a nonexclusive worldwide license to use, display, perform, and reproduce public content through the Service, and places responsibility on the poster to ensure third-party content is properly licensed. - Tier: All - Location: § 5 (License Grant to Other Users) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20making%20a,that%20permit%20these%20uses. ### output ownership — risk unknown > "Output" means responses and suggestions, including code or other material, generated by an AI Feature. - Interpretation (disclaimed): Defines 'Output' as responses and suggestions, including code or other material, generated by an AI Feature; operative definition scoping what AI-generated material is subject to ownership, license, and use provisions throughout the agreement. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22Output%22%20means%20responses,by%20an%20AI%20Feature. ### output ownership — risk unknown > Whenever you add Content to a repository containing notice of a license, you license that Content under the same terms, and you agree that you have the right to license that Content under those terms. If you have a separate agreement to license that Content under different terms, such as a contributor license agreement, that agreement will supersede. - Interpretation (disclaimed): Establishes that content added to a licensed repository is automatically licensed under the same terms, and that a pre-existing contributor license agreement will supersede these terms if applicable. - Tier: All - Location: § 6 (Contributions Under Repository License) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Whenever%20you%20add,that%20agreement%20will%20supersede. ### output ownership — risk unknown > The primary IP considerations for GitHub Copilot relate to copyright. The model that powers Copilot is trained on a broad collection of publicly accessible code, which may include copyrighted code, and Copilot’s suggestions (in rare instances) may resemble the code its model was trained on. Here’s some basic information you should know about these considerations: Copyright law permits the use of copyrighted works to train AI models:  Countries around the world have provisions in their copyright laws that enable machines to learn, understand, extract patterns, and facts from copyrighted materials, including software code. For example, the European Union, Japan, and Singapore, have express provisions permitting machine learning to develop AI models. Other countries including Canada, India, and the United States also permit such training under their fair use/fair dealing provisions. GitHub Copilot’s AI model was trained with the use of code from GitHub’s public repositories—which are publicly accessible and within the scope of permissible copyright use. What about copyright risk in suggestions? In rare instances (less than 1% based on GitHub’s research), suggestions from GitHub may match examples of code used to train GitHub’s AI model. Again, Copilot does not “look up” or “copy and paste” code, but is instead using context from a user’s workspace to synthesize and generate a suggestion. Our experience shows that matching suggestions are most likely to occur in two situations: (i) when there is little or no context in the code editor for Copilot’s model to synthesize, or (ii) when a matching suggestion represents a common approach or method. - Interpretation (disclaimed): This segment disclaims liability by noting that copyright law in many jurisdictions permits use of copyrighted works to train AI models, and acknowledges that Copilot suggestions may resemble copyrighted training code, thereby framing the legal risk landscape and limiting GitHub's representation of copyright clearance. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20The%20primary%20IP,approach%20or%20method.%20 ### output ownership — risk unknown > GitHub does not claim ownership of any suggestion. In certain cases, it is possible for Copilot to produce similar suggestions to different users. For example, two unrelated users both starting new files to code the quicksort algorithm in Java will likely get the same suggestion. The possibility of providing similar suggestions to multiple users is a common part of generative AI systems. - Interpretation (disclaimed): This segment reaffirms that GitHub does not claim ownership of any suggestion and explains that similar suggestions may be provided to different users, noting this is a common characteristic of generative AI systems, further reinforcing the no-ownership disclaimer. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20does%20not,of%20generative%20AI%20systems. ### output ownership — risk unknown > We don’t determine whether a suggestion is capable of being owned, but we are clear that GitHub does not claim ownership of a suggestion. Whether a suggestion generated by an AI model can be owned depends on many factors (e.g. the intellectual property law in the relevant country, the length of the suggestion, the extent that suggestion is considered ‘functional’ instead of expressive, etc). If a suggestion is capable of being owned, our terms are clear: GitHub does not claim ownership. - Interpretation (disclaimed): This segment explicitly disclaims GitHub's ownership of any Copilot suggestion and acknowledges that ownership depends on jurisdiction-specific IP law and other factors, clarifying GitHub's legal position that it asserts no proprietary claim over generated outputs. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20We%20don%E2%80%99t%20determine,does%20not%20claim%20ownership. ### output ownership — risk unknown > No, GitHub Copilot generates suggestions using probabilistic determination. When thinking about intellectual property and open source issues, it is critical to understand how GitHub Copilot really works. The AI models that create GitHub Copilot’s suggestions may be trained on public code, but do not contain any code. When they generate a suggestion, they are not “copying and pasting” from any codebase. - Interpretation (disclaimed): Segment disclaims that GitHub Copilot does not copy-paste from any codebase and that AI models do not contain any code, which functions as a disclaimer regarding intellectual property and open source concerns related to generated outputs, relevant to output ownership and IP indemnity considerations. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No%2C%20GitHub%20Copilot,pasting%E2%80%9D%20from%20any%20codebase. ### output ownership — risk unknown > We don’t determine whether a suggestion is capable of being owned, but we are clear that GitHub does not claim ownership of a suggestion. Whether a suggestion generated by an AI model can be owned depends on many factors (e.g. the intellectual property law in the relevant country, the length of the suggestion, the extent that suggestion is considered ‘functional’ instead of expressive, etc). If a suggestion is capable of being owned, our terms are clear: GitHub does not claim ownership. - Interpretation (disclaimed): This segment disclaims any ownership claim by GitHub over Copilot suggestions, explains that ownership depends on applicable IP law and suggestion characteristics, and makes clear that if a suggestion can be owned, GitHub does not assert that ownership, thereby defining the scope of GitHub's IP rights in outputs. - Tier: All - Location: “Who owns the suggestions provided by GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20We%20don%E2%80%99t%20determine,does%20not%20claim%20ownership. ### commercial use — risk medium > Matching code does not necessarily mean copyright infringement, so it is ultimately up to the user to determine whether to use the suggestion, and what and who to attribute (along with other license compliance) in appropriate circumstances. - Interpretation (disclaimed): By stating that license compliance and attribution are the user's responsibility, GitHub disclaims accountability for downstream commercial use of outputs that may match open-source-licensed code. Commercial users must implement their own scanning and attribution workflows. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Matching%20code%20does%20not,compliance)%20in%20appropriate%20circumstances. ### commercial use — risk ambiguous > It is your responsibility to assess what is appropriate for the situation and implement appropriate safeguards. - Interpretation (disclaimed): The document does not contain an explicit commercial use clause. The general language placing responsibility on users to assess suitability is the closest relevant statement. Absence of explicit permission or restriction creates ambiguity for commercial deployments. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=It%20is%20your%20responsibility,and%20implement%20appropriate%20safeguards. ### commercial use — risk unknown > All use of the GitHub API is subject to these Terms of Service and the GitHub Privacy Statement . - Interpretation (disclaimed): Subjects all GitHub API use to the Terms of Service and the GitHub Privacy Statement, incorporating both instruments as governing terms for API activity. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20All%20use%20of,GitHub%20Privacy%20Statement%20. ### commercial use — risk unknown > Short version: You agree to these Terms of Service, plus this Section H, when using any of GitHub's APIs (Application Programming Interface), including use of the API through a third party product that accesses GitHub. - Interpretation (disclaimed): Incorporates the Terms of Service into API usage and extends them to third-party products accessing GitHub via API, establishing the contractual scope for all API use. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,that%20accesses%20GitHub.%20 ### commercial use — risk unknown > Some Service features may be subject to additional terms specific to that feature or product as set forth in the GitHub Additional Product Terms. By accessing or using the Services, you also agree to the GitHub Additional Product Terms . - Interpretation (disclaimed): Specifies that accessing or using Services constitutes agreement to the GitHub Additional Product Terms, making those terms operative through continued use and cross-referencing them as binding. - Tier: All - Location: Article I (GitHub Additional Product Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Some%20Service%20features,Additional%20Product%20Terms%20. ### commercial use — risk unknown > We will immediately bill you when you upgrade from the free plan to any paying plan. - Interpretation (disclaimed): Imposes an immediate billing obligation on GitHub when a user upgrades from a free plan to a paid plan, defining the timing of the payment obligation. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20immediately,to%20any%20paying%20plan. ### commercial use — risk unknown > If you change from a monthly billing plan to a yearly billing plan, GitHub will bill you for a full year at the next monthly billing date. - Interpretation (disclaimed): Specifies that switching from a monthly to a yearly billing plan triggers billing for a full year at the next monthly billing date, defining the financial consequence of that plan change. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20change,next%20monthly%20billing%20date. ### commercial use — risk unknown > By agreeing to these Terms, you are giving us permission to charge your on-file credit card, PayPal account, or other approved methods of payment for fees that you authorize for GitHub. - Interpretation (disclaimed): Grants GitHub explicit permission to charge the user's payment method on file for authorized fees, establishing the authorization basis for billing. - Tier: All - Location: § 4 (Authorization) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20agreeing%20to,you%20authorize%20for%20GitHub. ### commercial use — risk unknown > You are responsible for all fees, including taxes, associated with your use of the Service. By using the Service, you agree to pay GitHub any charge incurred in connection with your use of the Service. If you dispute the matter, contact us through the GitHub Support portal . You are responsible for providing us with a valid means of payment for paid Accounts. Free Accounts are not required to provide payment information. - Interpretation (disclaimed): Establishes that the user is responsible for all fees and taxes, agrees to pay all charges incurred, and must maintain a valid payment method for paid accounts, imposing payment obligations on the user. - Tier: All - Location: § 5 (Responsibility for Payment) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,to%20provide%20payment%20information. ### commercial use — risk unknown > A new Copilot code review policy ( ‘Allow members without a Copilot license to use Copilot code review in github.com’ ) must also be enabled. - Interpretation (disclaimed): Encourages admins to configure spending budgets to control costs on metered products and directs them to the billing dashboard to monitor premium request usage, describing a recommended cost-control procedure with tracking obligations. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20A%20new%20Copilot,must%20also%20be%20enabled. ### commercial use — risk unknown > When you've used your monthly allowance, you have a few options: Wait for your next cycle. Your included allowance resets every month. - Interpretation (disclaimed): Grants users the permission to set a dollar budget for additional paid usage beyond the monthly allowance, enabling continued Copilot service at $0.01 per credit without interruption. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20When%20you%26%23x27%3Bve%20used,resets%20every%20month.%20 ### commercial use — risk unknown > Yes, GitHub Copilot is previewing a code referencing feature as an additional tool to assist users to find and review potentially relevant open source licenses. Code referencing is currently available in Visual Studio Code. This feature searches across public GitHub repositories for code that matches a Copilot suggestion. If there’s a match, users will find its information displayed in the Copilot console log, including where the match occurred, any applicable licenses, and a deep link to learn more. The deep link will take users to a navigable page on GitHub.com to browse examples of the code match and their repository licenses, and see how many repositories—including ones without licenses—that code appears in, as well as links to those repositories. Copilot users can review this information to determine whether the applicable suggestions are suitable for use, and whether additional measures may be necessary to use them. - Interpretation (disclaimed): This segment describes the code referencing feature that helps users identify potentially applicable open source licenses for matching suggestions, granting users a tool to manage license compliance obligations arising from use of Copilot suggestions in commercial or open source contexts. - Tier: All - Location: “Does GitHub Copilot include features to make it easier for users to identify potentially relevant open source licenses for matching suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes%2C%20GitHub%20Copilot,necessary%20to%20use%20them. ### commercial use — risk unknown > The business or commercial purpose of sharing personal information is to assist us with marketing, advertising, and audience measurement. - Interpretation (disclaimed): Discloses that the purpose of sharing personal information with third parties is to assist with marketing, advertising, and audience measurement, meeting California's requirement to state the business purpose of sharing. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20business%20or,advertising%2C%20and%20audience%20measurement. ### commercial use — risk unknown > Some Service features may be subject to additional terms specific to that feature or product as set forth in the GitHub Additional Product Terms. By accessing or using the Services, you also agree to the GitHub Additional Product Terms . - Interpretation (disclaimed): Binds users to GitHub Additional Product Terms upon accessing or using the Services, incorporating feature-specific supplemental conditions into the contractual relationship. - Tier: All - Location: Article I (GitHub Additional Product Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Some%20Service%20features,Additional%20Product%20Terms%20. ### commercial use — risk unknown > Short version: You agree to these Terms of Service, plus this Section H, when using any of GitHub's APIs (Application Programming Interface), including use of the API through a third party product that accesses GitHub. - Interpretation (disclaimed): States that use of GitHub APIs through any means, including third-party products, subjects the user to these Terms of Service plus Section H, incorporating the API terms into the broader agreement. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,that%20accesses%20GitHub.%20 ### commercial use — risk unknown > H. API Terms These are the rules for using GitHub's APIs, whether you are using the API for development or data collection. - Interpretation (disclaimed): Summary entry for Section H describing rules for using GitHub's APIs for development or data collection; cross-reference incorporating API use restrictions and permissions. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20H.%20API%20Terms,or%20data%20collection.%20 ### commercial use — risk unknown > Payment Based on Usage Some Service features are billed based on your usage. A limited quantity of these Service features may be included in your plan for a limited term without additional charge. If you choose to use paid Service features beyond the quantity included in your plan, you pay for those Service features based on your actual usage in the preceding month. Monthly payment for these purchases will be charged on a periodic basis in arrears. See GitHub Additional Product Terms for Details . - Interpretation (disclaimed): Describes the billing procedure for usage-based service features, including the included free quantity, the obligation to pay for excess usage based on actual preceding-month usage, and the periodic arrears billing cycle. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Payment%20Based%20on,Terms%20for%20Details%20. ### commercial use — risk unknown > If you upgrade to a higher level of service, we will bill you for the upgraded plan immediately. - Interpretation (disclaimed): States that upgrading to a higher service level results in immediate billing for the upgraded plan, establishing the timing of the payment obligation upon upgrade. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20upgrade,the%20upgraded%20plan%20immediately. ### commercial use — risk unknown > Our pricing and payment terms are available at github.com/pricing . If you agree to a subscription price, that will remain your price for the duration of the payment term; however, prices are subject to change at the end of a payment term. - Interpretation (disclaimed): Specifies the procedure and conditions under which subscription pricing is locked for a payment term and subject to change at term end, governing the commercial relationship between the user and GitHub. - Tier: All - Location: § 1 (Pricing) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Our%20pricing%20and,of%20a%20payment%20term. ### commercial use — risk unknown > Short version: You need to follow certain specific terms and conditions for GitHub's various features and products, and you agree to the Supplemental Terms and Conditions when you agree to this Agreement. - Interpretation (disclaimed): Incorporates the GitHub Additional Product Terms as binding supplemental conditions upon agreement to the main Agreement, obligating users to comply with feature- or product-specific terms. - Tier: All - Location: Article I (GitHub Additional Product Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,to%20this%20Agreement.%20 ### commercial use — risk unknown > Invoicing For invoiced Users, User agrees to pay the fees in full, up front without deduction or setoff of any kind, in U.S. Dollars. User must pay the fees within thirty (30) days of the GitHub invoice date. Amounts payable under this Agreement are non-refundable, except as otherwise provided in this Agreement. If User fails to pay any fees on time, GitHub reserves the right, in addition to taking any other action at law or equity, to (i) charge interest on past due amounts at 1.0% per month or the highest interest rate allowed by law, whichever is less, and to charge all expenses of recovery, and (ii) terminate the applicable order form. User is solely responsible for all taxes, fees, duties and governmental assessments (except for taxes based on GitHub's net income) that are imposed or become due in connection with this Agreement. - Interpretation (disclaimed): Imposes obligations on invoiced users to pay fees in full within 30 days without deduction, establishes non-refundability, and grants GitHub the right to charge interest on past-due amounts and recover costs, including potential suspension for non-payment. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Invoicing%20For%20invoiced,connection%20with%20this%20Agreement. ### commercial use — risk unknown > Payment Based on Plan For monthly or yearly payment plans, the Service is billed in advance on a monthly or yearly basis respectively and is non-refundable. There will be no refunds or credits for partial months of service, downgrade refunds, or refunds for months unused with an open Account; however, the service will remain active for the length of the paid billing period. In order to treat everyone equally, no exceptions will be made. - Interpretation (disclaimed): Establishes that subscription payments are non-refundable, with no credits or refunds for partial months, downgrade refunds, or unused months, and states no exceptions will be made, restricting users' ability to obtain refunds. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Payment%20Based%20on,exceptions%20will%20be%20made. ### commercial use — risk unknown > Keep working with paid usage. Set a dollar budget for additional usage and Copilot continues without interruption. Credits draw down at $0.01 each, so a $10 budget covers 1,000 credits. - Interpretation (disclaimed): Grants users the option to switch to a less expensive model to reduce credit consumption and extend their remaining allowance, providing a permissible cost-reduction strategy within the metered usage framework. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Keep%20working%20with,covers%201%2C000%20credits.%20 ### commercial use — risk unknown > No. This capability is off by default and gives the enterprise admin control to enable or disable. An admin must explicitly enable two separate policies to activate: - Interpretation (disclaimed): Requires that the 'GitHub AI Credits paid usage' policy be enabled before enterprises can be charged for GitHub AI Credits exceeding their included allowance, establishing a prerequisite obligation for incurring additional costs. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No.%20This%20capability,policies%20to%20activate%3A%20 ### commercial use — risk ambiguous > GitHub Copilot users should align their use of Copilot with their respective risk tolerances. As noted above, GitHub Copilot is not intended to replace developers, or their individual skill and judgment, and is not intended to fully automate the process of code development. The same risks that apply to the use of any third-party code apply to the use of Copilot’s suggestions. Depending on your particular use case, you should consider implementing the protections discussed above. It is your responsibility to assess what is appropriate for the situation and implement appropriate safeguards. - Interpretation (disclaimed): While GitHub does not expressly restrict commercial use of suggestions, the document shifts risk-assessment and safeguard obligations entirely onto users. This creates ambiguity about GitHub's liability posture when suggestions are used in commercial products, particularly since the indemnity clause is conditioned on specific behaviors. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20users%20should,and%20implement%20appropriate%20safeguards. ### privacy data use — risk high > GitHub and third parties use social media cookies to show you ads and content based on your social media profiles and activity on GitHub’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by GitHub. - Interpretation (disclaimed): Permitting third parties to leverage GitHub user behavioral data for their own product development on third-party websites significantly expands the scope of data use beyond what users would reasonably expect, potentially violating purpose limitation principles under GDPR Art. 5(1)(b). - Tier: All - Location: Privacy Policy › “Purpose Description” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=GitHub%20and%20third%20parties,or%20operated%20by%20GitHub. ### privacy data use — risk medium > Personalization: We use Personal Data to customize the Service to your preferences, to evaluate the effectiveness of enterprise business ads and promotional communications, and to ensure a seamless and consistent user experience. - Interpretation (disclaimed): Using Personal Data to evaluate advertising effectiveness goes beyond core service delivery and may implicate additional data processing activities including profiling. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Personalization%3A%20We%20use%20Personal,and%20consistent%20user%20experience. ### privacy data use — risk medium > Inference: We generate new information from other data we collect to derive likely preferences or other characteristics. For instance, we infer your general geographic location based on your IP address. - Interpretation (disclaimed): Derived/inferred data can constitute Personal Data under GDPR and similar frameworks. The broad framing ('likely preferences or other characteristics') allows significant profiling beyond the illustrative geographic example. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Inference%3A%20We%20generate%20new,on%20your%20IP%20address. ### privacy data use — risk medium > We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services. When visiting Enterprise Marketing Pages, like resources.github.com, these and additional cookies, like advertising IDs, may be used for sales and marketing purposes. - Interpretation (disclaimed): The use of advertising IDs for sales and marketing purposes on enterprise marketing pages goes beyond core service delivery and raises questions about data minimization obligations under GDPR and similar frameworks. - Tier: Enterprise - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=We%20use%20cookies%20and,sales%20and%20marketing%20purposes. ### privacy data use — risk medium > We collect this information for various purposes. This includes identifying accessibility gaps and offering targeted support, fostering diversity and representation, providing services, troubleshooting, conducting business operations such as billing and security, improving products and supporting research, communicating important information, ensuring personalized experiences, and promoting safety and security. - Interpretation (disclaimed): Enumeration of purposes including 'improving products' and 'supporting research' as standalone categories creates broad scope for secondary processing. Under GDPR, each purpose must have a lawful basis; under CCPA, secondary purposes must be reasonably expected by users. - Tier: All - Location: Privacy Policy › “Notice of Collection of Personal Information” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=We%20collect%20this%20information,promoting%20safety%20and%20security. ### privacy data use — risk medium > GitHub Copilot processes personal data based on how Copilot is accessed and used: whether via GitHub.com, mobile app, extensions, or one of various IDE extensions, or through features like suggestions for the command line interface (CLI), IDE code completions, or personalized chat on GitHub.com. The types of personal data processed may include: User Engagement Data: This includes pseudonymous identifiers captured on user interactions with Copilot, such as accepted or dismissed completions, error messages, system logs, and product usage metrics.  Prompts: These are inputs for chat or code, along with context, sent to Copilot's AI to generate suggestions.  Suggestions: These are the AI-generated code lines or chat responses provided to users based on their prompts.  Feedback Data: This comprises real-time user feedback, including reactions (e.g., thumbs up/down) and optional comments, along with feedback from support tickets. - Interpretation (disclaimed): The enumerated personal data categories include prompts (user inputs) and suggestions (outputs), both of which may contain sensitive or proprietary information. Collection of pseudonymous identifiers and system logs is standard, but the breadth of data types creates privacy and confidentiality exposure, particularly where users submit proprietary code. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20processes%20personal,from%20support%20tickets.%20 ### privacy data use — risk medium > GitHub generally uses personal data to: Deliver, maintain, and update the services as per the customer's configuration and usage, to ensure personalized experiences and recommendations Troubleshoot, which involves preventing, detecting, resolving, and mitigating issues, including security incidents and product-related problems, by fixing software bugs and maintaining the online services' functionality and up-to-dateness Enhance user productivity, reliability, effectiveness, quality, privacy, accessibility, and security by keeping the service current and operational - Interpretation (disclaimed): The enumerated purposes are broadly worded, particularly 'personalized experiences and recommendations' and 'enhance user productivity,' which could justify wide data processing activities beyond strict service delivery. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20generally%20uses%20personal,service%20current%20and%20operational ### privacy data use — risk medium > To generate a suggestion for chat on GitHub.com, such as providing an answer to a question from your chat prompt, GitHub Copilot creates a contextual prompt by combining your prompt with additional context including previous prompts, the open pages on GitHub.com as well as retrieved context from your codebase or Bing search. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): The clause describes broad collection and transmission of user data including prompts, prior prompts, codebase content, and browsing context on GitHub.com. This creates privacy and confidentiality risks for users working with sensitive or proprietary code, as all of this context is sent to GitHub's (and potentially third-party) AI model infrastructure. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=To%20generate%20a%20suggestion,next%20and%20generate%20suggestions. ### privacy data use — risk medium > GitHub also uses certain personal data with customer authorization under the DPA, for the following purposes: Billing and account management To comply with and resolve legal obligations For abuse detection, prevention, and protection, virus scanning, and scanning to detect violations of terms of service To generate summary reports for calculating employee commissions and partner incentives To produce aggregated reports for internal use and strategic planning, covering areas like forecasting, revenue analysis, capacity planning, and product strategy. - Interpretation (disclaimed): Use of customer data (even aggregated) for GitHub's own internal strategic and business planning purposes may conflict with enterprise data minimization expectations. Requires DPA authorization. - Tier: Enterprise - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20also%20uses%20certain,planning%2C%20and%20product%20strategy. ### privacy data use — risk medium > User Content and Files: When you use our Services, we collect Personal Data included as part of the information you provide such as code, inputs, AI outputs, text, documents, images, or feedback. - Interpretation (disclaimed): By categorizing 'inputs' and 'AI outputs' as collected Personal Data, GitHub reserves the right to process this content for all stated purposes including product improvement, personalization, and sharing with affiliates. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=User%20Content%20and%20Files%3A,documents%2C%20images%2C%20or%20feedback. ### privacy data use — risk medium > Vendors, Partners, and Affiliates: We may receive information about you from third parties, like vendors, resellers, partners, or affiliates for the purposes outlined in this statement. - Interpretation (disclaimed): Inbound data flows from third parties can significantly expand GitHub's personal data profile of users without direct user knowledge or consent, raising transparency concerns under GDPR and similar frameworks. - Tier: All - Location: Privacy Policy › “From Third Parties” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Vendors%2C%20Partners%2C%20and%20Affiliates%3A,outlined%20in%20this%20statement. ### privacy data use — risk medium > Non-essential Cookies: Depending on your jurisdiction, we may use online analytics products that use cookies to help us analyze how de-identified users use our Services and to enhance your experience when you use the Services. We may also employ third-party Cookies to gather data for interest-based advertising. In some jurisdictions, we only use non-essential cookies after obtaining your consent. See this section for more details and control options. - Interpretation (disclaimed): Interest-based advertising cookies involve third-party data sharing and profiling. The jurisdiction-dependent consent model means GDPR/ePrivacy protections apply in the EU but users elsewhere may have weaker protections. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Non-essential%20Cookies%3A%20Depending%20on,details%20and%20control%20options. ### privacy data use — risk medium > We may collect various categories of personal information about our website visitors and users of "Services" which includes GitHub applications, software, products, or services. That information includes identifiers/contact information, demographic information, payment information, commercial information, internet or electronic network activity information, geolocation data, audio, electronic, visual, or similar information, and inferences drawn from such information. - Interpretation (disclaimed): Collection of audio, visual, geolocation, and inferred data is extensive and triggers heightened obligations under CCPA (sensitive personal information category), GDPR, and various US state biometric/privacy laws depending on context. - Tier: All - Location: Privacy Policy › “Notice of Collection of Personal Information” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=We%20may%20collect%20various,drawn%20from%20such%20information. ### privacy data use — risk medium > Depending on your account settings, we may share Personal Data with other users of the Services and the public. You control what information is made public. To adjust your settings, visit User Settings in your profile. Please be aware that any information you share in a collaborative context may become publicly accessible. - Interpretation (disclaimed): GitHub reserves the right to share personal data with other users and the public depending on account settings, placing the burden on users to proactively restrict sharing. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Depending%20on%20your%20account,may%20become%20publicly%20accessible. ### privacy data use — risk medium > For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gather information about enterprise users’ interests and online activities to personalize their experiences, including by making the ads, content, recommendations, and marketing seen or received more relevant and (ii) serve and measure the effectiveness of targeted advertising and other marketing efforts. - Interpretation (disclaimed): Non-essential cookies used for targeted advertising and behavioral profiling on enterprise marketing pages go beyond core service delivery. Under GDPR, this would typically require explicit consent, and the disclosure here may not satisfy that requirement. - Tier: Enterprise - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=For%20Enterprise%20Marketing%20Pages%2C,and%20other%20marketing%20efforts. ### privacy data use — risk medium > In addition, GitHub and third parties use advertising cookies to show you new ads based on ads you've already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history. - Interpretation (disclaimed): Tracking ad clicks and purchases creates a behavioral and commercial profile of users. Under GDPR this requires valid consent; under CCPA this may constitute 'sharing' for cross-context behavioral advertising purposes. - Tier: All - Location: Privacy Policy › “Purpose Description” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=In%20addition%2C%20GitHub%20and,and%20website%20browsing%20history. ### privacy data use — risk medium > Legitimate Interests: We process data for purposes that are in our legitimate interests, such as securing our Services, communicating with you, and developing and improving our Services, which include artificial intelligence and machine learning technologies. This is done only when these interests are not overridden by your data protection rights or your fundamental rights and freedoms. - Interpretation (disclaimed): Relying on 'legitimate interests' for AI/ML development is a broad legal basis that does not require user consent. Users may not be aware their data contributes to model improvement, and the balancing test outcome is determined unilaterally by GitHub. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Legitimate%20Interests%3A%20We%20process,fundamental%20rights%20and%20freedoms. ### privacy data use — risk medium > Safety and Security: To promote safety, integrity, and security across our Services, we process Personal Data, using both automated and, at times, manual techniques for abuse detection, prevention, and violations of terms of service. - Interpretation (disclaimed): The explicit mention of 'manual techniques' for ToS violation detection means GitHub staff may review user content. This is relevant to confidentiality expectations around code, prompts, and AI outputs. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Safety%20and%20Security%3A%20To,of%20terms%20of%20service. ### privacy data use — risk low > GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of GitHub. - Interpretation (disclaimed): GitHub uses cookies beyond strictly necessary functionality, including for statistical analysis and development insights. While disclosed, users may not appreciate the extent of behavioral tracking involved. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=GitHub%20uses%20cookies%20to,future%20development%20of%20GitHub. ### privacy data use — risk low > Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email. - Interpretation (disclaimed): Email pixel tracking collects behavioral data (open rates) and IP addresses passively. While disclosed, no opt-out is mentioned here, which may raise concerns under privacy regulations requiring transparency and control over such tracking. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Our%20emails%20to%20users,sending%20you%20unwanted%20email. ### privacy data use — risk unknown > E. Private Repositories This section talks about how GitHub will treat content you post in private repositories. - Interpretation (disclaimed): Summary entry for Section E describes how GitHub treats content in private repositories; cross-reference incorporating privacy and data-handling obligations for private repository content. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20E.%20Private%20Repositories,in%20private%20repositories.%20 ### privacy data use — risk unknown > E. Private Repositories This section talks about how GitHub will treat content you post in private repositories. - Interpretation (disclaimed): Summary entry describing the Private Repositories section; incorporates by reference how GitHub treats content posted in private repositories, implicating privacy and confidentiality obligations. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20E.%20Private%20Repositories,in%20private%20repositories.%20 ### privacy data use — risk unknown > You may not use the API to download data or Content from GitHub for spamming purposes, including for the purposes of selling GitHub users' personal information, such as to recruiters, headhunters, and job boards. - Interpretation (disclaimed): Restricts use of the API to download GitHub data or Content for spamming purposes, explicitly prohibiting sale of GitHub users' personal information to recruiters, headhunters, or job boards. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20not,headhunters%2C%20and%20job%20boards. ### privacy data use — risk unknown > On GitHub Copilot Business and GitHub Copilot Enterprise, admins set usage limits and decide whether additional paid usage is allowed. If it isn't, Copilot pauses until the next cycle. You can track your usage and reset date in your Copilot settings, with alerts at 75%, 90%, and 100% of any configured budget. - Interpretation (disclaimed): Section header introducing the privacy topic for GitHub Copilot data processing, framing the definitions and disclosures about personal data that follow. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20On%20GitHub%20Copilot,any%20configured%20budget.%20 ### privacy data use — risk unknown > Suggestions: These are the AI-generated code lines or chat responses provided to users based on their prompts. - Interpretation (disclaimed): Defines Feedback Data as real-time user reactions, optional comments, and support ticket feedback, completing the enumeration of personal data categories processed by Copilot and relevant to privacy data-use analysis. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Suggestions%3A%20These%20are,on%20their%20prompts.%20 ### privacy data use — risk unknown > No. GitHub does not use either Copilot Business or Enterprise data to train its models. - Interpretation (disclaimed): Section header introducing how GitHub uses Copilot data from Business and Enterprise subscribers, framing the permitted uses and purposes described in the following segments. - Tier: All - Location: “Does GitHub use Copilot Business or Enterprise data to train GitHub’s model?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No.%20GitHub%20does,train%20its%20models.%20 ### privacy data use — risk unknown > Troubleshoot, which involves preventing, detecting, resolving, and mitigating issues, including security incidents and product-related problems, by fixing software bugs and maintaining the online services' functionality and up-to-dateness - Interpretation (disclaimed): Permits GitHub to use personal data to enhance user productivity, reliability, effectiveness, quality, privacy, accessibility, and security by keeping the service current and operational, establishing a third permitted purpose for processing subscriber data. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Troubleshoot%2C%20which%20involves,functionality%20and%20up-to-dateness%20 ### privacy data use — risk unknown > To generate summary reports for calculating employee commissions and partner incentives - Interpretation (disclaimed): This segment identifies generation of summary reports for calculating employee commissions and partner incentives as a permitted internal use of personal data under the DPA authorization. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20summary,and%20partner%20incentives%20 ### privacy data use — risk unknown > To produce aggregated reports for internal use and strategic planning, covering areas like forecasting, revenue analysis, capacity planning, and product strategy. - Interpretation (disclaimed): This segment permits GitHub to use personal data to produce aggregated internal reports for forecasting, revenue analysis, capacity planning, and product strategy, establishing an authorized internal analytics purpose under the DPA. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20produce%20aggregated,planning%2C%20and%20product%20strategy. ### privacy data use — risk unknown > While we've designed GitHub Copilot with privacy in mind, the expansive definition of personal data under legislation like the EU’s General Data Protection Regulation (GDPR) means we can't guarantee it will never output such data. The Large Language Model (LLM) powering GitHub Copilot was trained on public code and there were instances in our tests where the tool made suggestions resembling personal data. These suggestions were typically synthesized and not tied to real individuals. - Interpretation (disclaimed): This segment disclaims any guarantee that Copilot outputs will never contain personal data, noting that the LLM was trained on public code and may produce suggestions resembling personal data, thereby limiting GitHub's liability and responsibility for inadvertent personal data outputs. - Tier: All - Location: “Does GitHub Copilot ever output personal data?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20While%20we%26%23x27%3Bve%20designed,to%20real%20individuals.%20 ### privacy data use — risk unknown > Suggestions: These are the AI-generated code lines or chat responses provided to users based on their prompts. - Interpretation (disclaimed): Defines 'Suggestions' as a category of personal data — AI-generated code or chat responses provided to users — establishing this as a data type subject to processing disclosures. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Suggestions%3A%20These%20are,on%20their%20prompts.%20 ### privacy data use — risk unknown > Feedback Data: This comprises real-time user feedback, including reactions (e.g., thumbs up/down) and optional comments, along with feedback from support tickets. - Interpretation (disclaimed): Defines 'Feedback Data' as a category of personal data comprising real-time user reactions and support ticket feedback, establishing its scope within Copilot data processing. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20This,feedback%20from%20support%20tickets. ### privacy data use — risk unknown > Enhance user productivity, reliability, effectiveness, quality, privacy, accessibility, and security by keeping the service current and operational - Interpretation (disclaimed): Permits GitHub to use personal data to enhance user productivity, reliability, quality, privacy, accessibility, and security, establishing these as authorized data processing purposes. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Enhance%20user%20productivity%2C,current%20and%20operational%20 ### privacy data use — risk unknown > To generate summary reports for calculating employee commissions and partner incentives - Interpretation (disclaimed): Authorizes GitHub to use personal data to generate summary reports for calculating employee commissions and partner incentives, establishing this as a permitted internal processing purpose under the DPA. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20summary,and%20partner%20incentives%20 ### privacy data use — risk unknown > To produce aggregated reports for internal use and strategic planning, covering areas like forecasting, revenue analysis, capacity planning, and product strategy. - Interpretation (disclaimed): Authorizes GitHub to produce aggregated internal reports for forecasting, revenue analysis, capacity planning, and product strategy, establishing these as permitted data processing purposes under the DPA. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20produce%20aggregated,planning%2C%20and%20product%20strategy. ### privacy data use — risk unknown > While we've designed GitHub Copilot with privacy in mind, the expansive definition of personal data under legislation like the EU’s General Data Protection Regulation (GDPR) means we can't guarantee it will never output such data. The Large Language Model (LLM) powering GitHub Copilot was trained on public code and there were instances in our tests where the tool made suggestions resembling personal data. These suggestions were typically synthesized and not tied to real individuals. - Interpretation (disclaimed): This segment disclaims any guarantee that Copilot will never output personal data, explaining that the broad GDPR definition of personal data and the LLM's training on public code mean suggestions may occasionally resemble personal data, though typically synthesized rather than tied to real individuals. - Tier: All - Location: “Does GitHub Copilot ever output personal data?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20While%20we%26%23x27%3Bve%20designed,to%20real%20individuals.%20 ### privacy data use — risk unknown > Welcome to the GitHub Privacy Statement. This is where we describe how we handle your “Personal Data”, which is information that is directly linked or can be linked to you. It applies to the Personal Data that GitHub, Inc. or GitHub B.V., processes as the “Data Controller” when you interact with websites, applications, and services that display this Statement (collectively, “Services”). This Statement does not apply to services or products that do not display this Statement, such as Previews, where relevant. - Interpretation (disclaimed): This segment defines key terms including 'Personal Data,' 'Data Controller,' and 'Services,' and delineates the scope of the privacy statement by identifying which entities (GitHub, Inc. and GitHub B.V.) process data and under what circumstances the statement applies or does not apply (e.g., excluding Previews). - Tier: All - Location: Privacy Policy › “Effective date: April 27, 2026” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Welcome%20to%20the,as%20Previews%2C%20where%20relevant. ### privacy data use — risk unknown > Access and utilize your Personal Data, which includes details on how you use the Services, as well as your content and files. - Interpretation (disclaimed): This segment grants the organization-as-Data-Controller the permission to access and utilize the user's Personal Data, including service usage details and content/files, flowing from their controller role. - Tier: All - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Access%20and%20utilize,your%20content%20and%20files. ### privacy data use — risk unknown > Account Data: We collect certain information when you open an account such as your GitHub handle, name, email address, password, payment information and transaction information. - Interpretation (disclaimed): This segment defines 'User Content and Files' as a category of Personal Data that includes code, AI inputs and outputs, text, documents, images, and feedback submitted through the Services, which is directly relevant to training use and output ownership considerations. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Account%20Data%3A%20We,information%20and%20transaction%20information. ### privacy data use — risk unknown > User Content and Files: When you use our Services, we collect Personal Data included as part of the information you provide such as code, inputs, AI outputs, text, documents, images, or feedback. - Interpretation (disclaimed): This segment defines demographic information (ethnicity, gender, similar details) as a category of Personal Data that users may voluntarily provide, establishing the scope of sensitive data GitHub may process. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20User%20Content%20and,documents%2C%20images%2C%20or%20feedback. ### privacy data use — risk unknown > Payment Information: For paid subscriptions, we collect details like name, billing address, and payment specifics. - Interpretation (disclaimed): This segment defines 'Profile Information' as a category of Personal Data collected to create a user profile, enumerating possible elements such as photo, email addresses, job title, and biography. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Payment%20Information%3A%20For,address%2C%20and%20payment%20specifics. ### privacy data use — risk unknown > Profile Information: We collect information to create a user profile, which may include a photo, additional email addresses, job title, or biography. - Interpretation (disclaimed): This segment defines 'Sales and Marketing Data' as a category of Personal Data including name, email, and company name collected for promotional communications, establishing the scope of data used for commercial marketing purposes. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Profile%20Information%3A%20We,job%20title%2C%20or%20biography. ### privacy data use — risk unknown > Sales and Marketing Data: This includes information provided for promotional communications, such as name, email address, and company name. - Interpretation (disclaimed): This segment defines 'Support Data' as a category of Personal Data including code, text, and multimedia files collected when users seek customer support, establishing the scope of data processed in that context. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Sales%20and%20Marketing,address%2C%20and%20company%20name. ### privacy data use — risk unknown > Essential Cookies and Similar Tracking Technologies: We use cookies and similar technologies to provide essential functionality like storing settings and recognizing you while using our Services. - Interpretation (disclaimed): This segment defines GitHub's use of non-essential cookies, including analytics and interest-based advertising cookies, conditioned on user consent in applicable jurisdictions, establishing the scope and conditions of this data collection practice. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Essential%20Cookies%20and,while%20using%20our%20Services. ### privacy data use — risk unknown > Non-essential Cookies: Depending on your jurisdiction, we may use online analytics products that use cookies to help us analyze how de-identified users use our Services and to enhance your experience when you use the Services. We may also employ third-party Cookies to gather data for interest-based advertising. In some jurisdictions, we only use non-essential cookies after obtaining your consent. See this section for more details and control options. - Interpretation (disclaimed): This segment defines 'Email Marketing Interactions' as a category of automatically collected data via web beacons embedded in emails, specifying what information is gathered (device type, email client, opens, link clicks). - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Non-essential%20Cookies%3A%20Depending,details%20and%20control%20options. ### privacy data use — risk unknown > Email Marketing Interactions: Our emails may have web beacons that offer information on your device type, email client, email reception, opens, and link clicks. - Interpretation (disclaimed): This segment defines the collection of regional geolocation data as dependent on service functionality, establishing this as a category of automatically collected Personal Data. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Email%20Marketing%20Interactions%3A,opens%2C%20and%20link%20clicks. ### privacy data use — risk unknown > Service Usage Information: We collect data about your interactions with the Services, such as IP address, device information, session details, date and time of requests, device type and ID, operating system and application version, information related to your contributions to repositories, and performance of specific features or Services. - Interpretation (disclaimed): This segment defines 'Website Usage Data' as a category of automatically logged Personal Data including referring site, visit timestamps, pages viewed, and links clicked, establishing the scope of passive website interaction tracking. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Service%20Usage%20Information%3A,specific%20features%20or%20Services. ### privacy data use — risk unknown > Vendors, Partners, and Affiliates: We may receive information about you from third parties, like vendors, resellers, partners, or affiliates for the purposes outlined in this statement. - Interpretation (disclaimed): This segment is the section heading 'Processing Purposes: How We Use Your Personal Data,' introducing the disclosure of GitHub's legal bases and purposes for processing personal data, which is a foundational definitional and structural element of the privacy statement. - Tier: All - Location: Privacy Policy › “From Third Parties” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Vendors%2C%20Partners%2C%20and,outlined%20in%20this%20statement. ### privacy data use — risk unknown > The Personal Data we process depends on your interaction and access methods with our Services, including the interfaces (web, desktop, mobile apps), features used (pull requests, Codespaces, GitHub Copilot), and your preferred access tools (like your IDE). This section details all the potential ways GitHub may process your Personal Data: - Interpretation (disclaimed): This segment defines the scope of personal data processing by enumerating interaction methods, interfaces, features, and access tools that determine what personal data GitHub may process, establishing the definitional framework for subsequent processing disclosures. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20Personal%20Data,process%20your%20Personal%20Data%3A ### privacy data use — risk unknown > Business Operations: We use Personal Data for activities like billing, accounting, and compensation. This includes creating aggregated statistical data for internal reporting, financial reporting, revenue planning, capacity planning, and forecast modeling (including product strategy). - Interpretation (disclaimed): This segment describes GitHub's use of personal data for business operations including billing, accounting, compensation, and internal reporting, establishing an operative permission and obligation for these specific processing activities. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Business%20Operations%3A%20We,modeling%20(including%20product%20strategy). ### privacy data use — risk unknown > Personalization: We use Personal Data to customize the Service to your preferences, to evaluate the effectiveness of enterprise business ads and promotional communications, and to ensure a seamless and consistent user experience. - Interpretation (disclaimed): This segment permits GitHub to use personal data for personalization of services, evaluation of advertising effectiveness, and ensuring a consistent user experience, defining the scope of that processing right. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Personalization%3A%20We%20use,and%20consistent%20user%20experience. ### privacy data use — risk unknown > Ongoing Service Performance: Personal Data helps us keep the Services up to date and performant, and meet user productivity, reliability, efficacy, quality, privacy, accessibility and security needs. - Interpretation (disclaimed): This segment permits GitHub to use personal data to maintain service performance, reliability, quality, privacy, and security, establishing ongoing performance optimization as a permissible data processing purpose. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Ongoing%20Service%20Performance%3A,accessibility%20and%20security%20needs. ### privacy data use — risk unknown > Complying with and resolving legal obligations: including responding to Data Subject Requests for Personal Data processed by GitHub as Controller (for example website data), tax requirements, agreements and disputes. - Interpretation (disclaimed): This segment establishes GitHub's obligation to process personal data to comply with and resolve legal obligations including responding to data subject requests, tax requirements, agreements, and disputes. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Complying%20with%20and,requirements%2C%20agreements%20and%20disputes. ### privacy data use — risk unknown > When carrying out these activities, GitHub practices data minimization and uses the minimum amount of Personal Information required. - Interpretation (disclaimed): This segment imposes an obligation on GitHub to practice data minimization and use the minimum amount of personal information required when carrying out the enumerated processing activities, creating a binding data minimization duty. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20When%20carrying%20out,of%20Personal%20Information%20required. ### privacy data use — risk unknown > Visual Studio Code (GitHub Codespaces): GitHub Codespaces and github.dev offer Visual Studio Code in a web browser, where some telemetry is collected by default. Details on telemetry collection are on the VS Code website . To opt out, go to File > Preferences > Settings in the top left menu of VS Code. Opting out will sync this preference across all future web sessions in GitHub Codespaces and github.dev. - Interpretation (disclaimed): This segment describes telemetry data collection by Visual Studio Code within GitHub Codespaces and github.dev by default, and provides a procedure for users to opt out of such telemetry collection via application settings, affecting how personal data is gathered in those environments. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Visual%20Studio%20Code,GitHub%20Codespaces%20and%20github.dev. ### privacy data use — risk unknown > Contractual Necessity: Processing is required to fulfill our contractual duties to you, in accordance with the GitHub Terms of Service. - Interpretation (disclaimed): This segment defines contractual necessity as a lawful basis for processing personal data required to fulfill GitHub's obligations under the Terms of Service, establishing the legal foundation for contract-based processing. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Contractual%20Necessity%3A%20Processing,GitHub%20Terms%20of%20Service. ### privacy data use — risk unknown > Legitimate Interests: We process data for purposes that are in our legitimate interests, such as securing our Services, communicating with you, and developing and improving our Services, which include artificial intelligence and machine learning technologies. This is done only when these interests are not overridden by your data protection rights or your fundamental rights and freedoms. - Interpretation (disclaimed): This segment defines legitimate interests as a lawful basis for processing personal data for security, communication, and service improvement including AI/ML development, conditioned on those interests not being overridden by user data protection rights. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Legitimate%20Interests%3A%20We,fundamental%20rights%20and%20freedoms. ### privacy data use — risk unknown > Consent: We process data when you have explicitly consented to such processing. When we rely on consent as the legal basis, you have the right to withdraw your consent for data processing at any time. The procedures for withdrawal are detailed in this Statement and available on our website. - Interpretation (disclaimed): This segment defines consent as a lawful processing basis and establishes the user's right to withdraw consent at any time, with a reference to available withdrawal procedures, creating an operative individual right with procedural backing. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Consent%3A%20We%20process,available%20on%20our%20website. ### privacy data use — risk unknown > The right to object to the processing of your Personal Data, as allowed by applicable law - Interpretation (disclaimed): Grants data subjects the right to object to processing of their Personal Data where permitted by applicable law, creating an enforceable individual right against the platform. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,allowed%20by%20applicable%20law ### privacy data use — risk unknown > The right to withdraw consent, where processing is based on your consent - Interpretation (disclaimed): Grants data subjects the right to withdraw consent at any time where processing is consent-based, establishing a procedural right that limits the platform's ability to continue processing. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,based%20on%20your%20consent ### privacy data use — risk unknown > The right to receive your collected Personal Data in a structured, commonly used, and machine-readable format to facilitate its transfer to another company, where technically feasible - Interpretation (disclaimed): Grants data subjects the right to data portability — to receive their collected Personal Data in a structured, machine-readable format for transfer to another controller, subject to technical feasibility. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,company%2C%20where%20technically%20feasible ### privacy data use — risk unknown > GitHub uses administrative, technical, and physical security controls where appropriate to protect your Personal Data. - Interpretation (disclaimed): Commits GitHub to implementing administrative, technical, and physical security controls where appropriate to protect Personal Data, creating a baseline security obligation. - Tier: All - Location: Privacy Policy › “Security” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20uses%20administrative%2C,protect%20your%20Personal%20Data. ### privacy data use — risk unknown > Some users will also be able to manage non-essential cookies via a cookie consent banner, including the options to accept, manage, and reject all non-essential cookies. - Interpretation (disclaimed): This segment describes the procedure whereby some users can manage non-essential cookies through a consent banner with options to accept, manage, or reject all non-essential cookies. - Tier: All - Location: Privacy Policy › “Specifically on GitHub Enterprise Marketing Pages” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Some%20users%20will,reject%20all%20non-essential%20cookies. ### privacy data use — risk unknown > We use cookies and similar technologies, such as web beacons, local storage, and mobile analytics, to operate and provide our Services. When visiting Enterprise Marketing Pages, like resources.github.com, these and additional cookies, like advertising IDs, may be used for sales and marketing purposes. - Interpretation (disclaimed): This segment grants GitHub and partners permission to use cookies, web beacons, local storage, mobile analytics, and advertising IDs across its Services and Enterprise Marketing Pages for operational and marketing purposes. - Tier: All - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20use%20cookies,sales%20and%20marketing%20purposes. ### privacy data use — risk unknown > We may also use so-called “flash cookies” (also known as “Local Shared Objects” or “LSOs”) to collect and store information about your use of our Services. Flash cookies are commonly used for advertisements and videos. - Interpretation (disclaimed): This segment grants GitHub permission to use Flash cookies (Local Shared Objects) to collect and store information about users' use of GitHub Services, particularly for advertisements and videos. - Tier: All - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20may%20also,for%20advertisements%20and%20videos. ### privacy data use — risk unknown > You have several options to disable non-essential cookies: - Interpretation (disclaimed): This segment establishes users' right to disable non-essential cookies by presenting several available options, granting users control over non-essential cookie deployment. - Tier: All - Location: Privacy Policy › “What are your cookie choices and controls?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20You%20have%20several,to%20disable%20non-essential%20cookies%3A ### privacy data use — risk unknown > If your browser sends a Do Not Track (DNT) signal, GitHub will not set non-essential cookies and will not load third party resources which set non-essential cookies. - Interpretation (disclaimed): This segment creates an obligation on GitHub to refrain from setting non-essential cookies and loading third-party non-essential cookie resources when a Do Not Track signal is detected from a user's browser. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20your%20browser,which%20set%20non-essential%20cookies. ### privacy data use — risk unknown > If you enable a browser extension designed to block tracking, such as Privacy Badger , non-essential cookies set by a website or third parties may be disabled. - Interpretation (disclaimed): This segment informs users of their right to use browser extensions such as Privacy Badger to disable non-essential cookies set by websites or third parties. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20you%20enable,parties%20may%20be%20disabled. ### privacy data use — risk unknown > You may use the Global Privacy Control (GPC) to communicate your privacy preferences. If GitHub detects the GPC signal from your device, GitHub will not share your data (we do not sell your data). To learn more, visit Global Privacy Control — Take Control Of Your Privacy - Interpretation (disclaimed): This segment creates an obligation on GitHub to refrain from sharing user data when a Global Privacy Control signal is detected, and clarifies that GitHub does not sell user data, combining a restriction with a user right to communicate privacy preferences. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20You%20may%20use,Of%20Your%20Privacy%20 ### privacy data use — risk unknown > These choices are specific to the browser you are using. If you access our Services from other devices or browsers, take these actions from those systems to ensure your choices apply to the data collected when you use those systems. - Interpretation (disclaimed): This segment creates an obligation on users to apply cookie and advertising choices separately per browser and device, clarifying the scope and limitation of any opt-out exercise to specific systems used. - Tier: All - Location: Privacy Policy › “Europe: European Digital Advertising Alliance” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20These%20choices%20are,you%20use%20those%20systems. ### privacy data use — risk unknown > This section provides extra information specifically for residents of certain US states that have distinct data privacy laws and regulations. These laws may grant specific rights to residents of these states when the laws come into effect. This section uses the term “personal information” as an equivalent to the term “Personal Data.” - Interpretation (disclaimed): This segment defines the scope and purpose of the US State Specific Information section, specifying that it addresses state privacy laws, grants rights upon their effective dates, and equates 'personal information' with 'Personal Data' as used elsewhere in the document. - Tier: All - Location: Privacy Policy › “US State Specific Information” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20This%20section%20provides,the%20term%20%E2%80%9CPersonal%20Data.%E2%80%9D ### privacy data use — risk unknown > These rights are common to the US State privacy laws: - Interpretation (disclaimed): This segment introduces the list of rights common across US state privacy laws, framing the legal basis and commonality of the rights described in subsequent segments. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20These%20rights%20are,US%20State%20privacy%20laws%3A ### privacy data use — risk unknown > We may collect various categories of personal information about our website visitors and users of "Services" which includes GitHub applications, software, products, or services. That information includes identifiers/contact information, demographic information, payment information, commercial information, internet or electronic network activity information, geolocation data, audio, electronic, visual, or similar information, and inferences drawn from such information. - Interpretation (disclaimed): Defines the categories of personal information collected from website visitors and users of Services, enumerating identifiers, demographic, payment, commercial, activity, geolocation, and inferred data. - Tier: All - Location: Privacy Policy › “Notice of Collection of Personal Information” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20may%20collect,drawn%20from%20such%20information. ### privacy data use — risk unknown > We collect this information for various purposes. This includes identifying accessibility gaps and offering targeted support, fostering diversity and representation, providing services, troubleshooting, conducting business operations such as billing and security, improving products and supporting research, communicating important information, ensuring personalized experiences, and promoting safety and security. - Interpretation (disclaimed): Discloses and describes the business and commercial purposes for which personal information is collected, creating a notice obligation consistent with applicable privacy law requirements. - Tier: All - Location: Privacy Policy › “Notice of Collection of Personal Information” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20collect%20this,promoting%20safety%20and%20security. ### privacy data use — risk unknown > We collected the following categories of personal information in the last 12 months: identifiers/contact information, demographic information (such as gender), payment card information associated with you, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above. - Interpretation (disclaimed): Discloses the categories of personal information collected in the last 12 months as required by California privacy law, including identifiers, demographic, payment, commercial, activity, geolocation, and inferred data. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20collected%20the,drawn%20from%20the%20above. ### privacy data use — risk unknown > The business or commercial purposes of collecting personal information are as summarized above and in our Privacy Statement under Processing Purposes. - Interpretation (disclaimed): Incorporates by reference the business and commercial purposes of collecting personal information as summarized in the Privacy Statement's Processing Purposes section, satisfying California disclosure requirements. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20business%20or,Statement%20under%20Processing%20Purposes. ### privacy data use — risk unknown > We value the trust you place in us and are committed to handling your personal information with care and respect. If you have any questions or concerns about our privacy practices, please email our Data Protection Officer at dpo[at]github[dot]com. - Interpretation (disclaimed): Identifies the Data Protection Officer contact and affirms the platform's commitment to handling personal information with care, providing a point of contact for privacy questions as required under applicable data protection frameworks. - Tier: All - Location: Privacy Policy › “Removal of Content” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20value%20the,Protection%20Officer%20at%20dpo%5Bat%5Dgithub%5Bdot%5Dcom. ### privacy data use — risk unknown > If we deny your rights request, you have the right to appeal that decision. We will provide you with the necessary information to submit an appeal at that time. - Interpretation (disclaimed): Grants Colorado, Connecticut, and Virginia residents the right to appeal a denial of a privacy rights request, and obligates the platform to provide information necessary to submit such an appeal. - Tier: All - Location: Privacy Policy › “Colorado/Connecticut/Virginia” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20we%20deny,appeal%20at%20that%20time. ### privacy data use — risk unknown > unauthorized access to or alterations of your transmissions or data; - Interpretation (disclaimed): Excludes liability for damages arising from unauthorized access to or alteration of user transmissions or data, limiting GitHub's responsibility for third-party security breaches affecting user data. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20unauthorized%20access%20to,your%20transmissions%20or%20data%3B ### privacy data use — risk unknown > You may not use the API to download data or Content from GitHub for spamming purposes, including for the purposes of selling GitHub users' personal information, such as to recruiters, headhunters, and job boards. - Interpretation (disclaimed): Prohibits use of the GitHub API to download data or Content for spamming purposes, specifically including the sale of GitHub users' personal information to recruiters, headhunters, and job boards. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20not,headhunters%2C%20and%20job%20boards. ### privacy data use — risk unknown > To generate a suggestion for chat in the code editor, the GitHub Copilot extension creates a contextual prompt by combining your prompt with additional context including the code file open in your active document, your code selection, and general workspace information, such as frameworks, languages, and dependencies. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Describes the procedure for constructing chat prompts in the IDE by combining user input with contextual data (open file, code selection, workspace information) and transmitting it to the model, establishing how user data is processed for chat suggestions. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,next%20and%20generate%20suggestions. ### privacy data use — risk unknown > To generate a suggestion for chat in the code editor, the GitHub Copilot extension creates a contextual prompt by combining your prompt with additional context including the code file open in your active document, your code selection, and general workspace information, such as frameworks, languages, and dependencies. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Segment describes the procedure by which GitHub Copilot collects prompt data, open code files, code selections, and workspace information to construct a contextual prompt for chat in the IDE and transmits it to the model, establishing how user data is processed for chat features. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,next%20and%20generate%20suggestions. ### privacy data use — risk unknown > To generate a code suggestion, the GitHub Copilot extension begins by examining the code in your editor—focusing on the lines just before and after your cursor, but also information including other files open in your editor and the URLs of repositories or file paths to identify relevant context. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Segment describes the technical procedure by which GitHub Copilot collects and processes user code and contextual information (files open in editor, repository URLs, file paths) and transmits that data to the model to generate suggestions, establishing how user data is used in the product pipeline. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,next%20and%20generate%20suggestions. ### privacy data use — risk unknown > How GitHub uses Copilot data depends on how the user accesses Copilot and for what purpose. Users can access GitHub Copilot through the web, extensions, mobile apps, computer terminal, and various IDEs (Integrated Development Environments). GitHub generally uses personal data to: Deliver, maintain, and update the services as per the customer's configuration and usage, to ensure personalized experiences and recommendations - Interpretation (disclaimed): Permits GitHub to use personal data for troubleshooting purposes including preventing, detecting, resolving, and mitigating security incidents and product issues, fixing bugs, and maintaining service functionality, establishing a permitted secondary purpose for data processing. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20How%20GitHub%20uses,experiences%20and%20recommendations%20 ### privacy data use — risk unknown > To generate a suggestion for chat on GitHub.com, such as providing an answer to a question from your chat prompt, GitHub Copilot creates a contextual prompt by combining your prompt with additional context including previous prompts, the open pages on GitHub.com as well as retrieved context from your codebase or Bing search. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Describes the procedure for generating GitHub.com chat suggestions by combining user prompts with prior prompts, open pages, codebase context, and Bing search results, establishing the data inputs and transmission process relevant to privacy and subprocessor considerations. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,and%20generate%20suggestions.%20 ### privacy data use — risk unknown > GitHub Copilot processes personal data based on how Copilot is accessed and used: whether via GitHub.com, mobile app, extensions, or one of various IDE extensions, or through features like suggestions for the command line interface (CLI), IDE code completions, or personalized chat on GitHub.com. The types of personal data processed may include: User Engagement Data: This includes pseudonymous identifiers captured on user interactions with Copilot, such as accepted or dismissed completions, error messages, system logs, and product usage metrics. - Interpretation (disclaimed): Defines the categories of personal data processed by GitHub Copilot — including User Engagement Data with pseudonymous identifiers — across various access modes, establishing what constitutes personal data in the context of the service. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20processes,product%20usage%20metrics.%20 ### privacy data use — risk unknown > How GitHub uses Copilot data depends on how the user accesses Copilot and for what purpose. Users can access GitHub Copilot through the web, extensions, mobile apps, computer terminal, and various IDEs (Integrated Development Environments). GitHub generally uses personal data to: Deliver, maintain, and update the services as per the customer's configuration and usage, to ensure personalized experiences and recommendations - Interpretation (disclaimed): Enumerates the general purposes for which GitHub uses personal data from Business and Enterprise subscribers — delivering, maintaining, and updating services per customer configuration — establishing the legal basis and scope of permitted data use. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20How%20GitHub%20uses,experiences%20and%20recommendations%20 ### privacy data use — risk unknown > To generate a suggestion for chat on GitHub.com, such as providing an answer to a question from your chat prompt, GitHub Copilot creates a contextual prompt by combining your prompt with additional context including previous prompts, the open pages on GitHub.com as well as retrieved context from your codebase or Bing search. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Segment describes the procedure by which GitHub Copilot on GitHub.com collects prompt data, previous prompts, open page context, codebase context, and Bing search results to generate chat suggestions, establishing how user data and third-party data are combined and processed. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,and%20generate%20suggestions.%20 ### privacy data use — risk unknown > GitHub Copilot processes personal data based on how Copilot is accessed and used: whether via GitHub.com, mobile app, extensions, or one of various IDE extensions, or through features like suggestions for the command line interface (CLI), IDE code completions, or personalized chat on GitHub.com. The types of personal data processed may include: User Engagement Data: This includes pseudonymous identifiers captured on user interactions with Copilot, such as accepted or dismissed completions, error messages, system logs, and product usage metrics. - Interpretation (disclaimed): Defines prompts as inputs for chat or code along with context sent to Copilot's AI to generate suggestions, establishing the scope of what constitutes prompt data for privacy and data-use purposes. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20processes,product%20usage%20metrics.%20 ### privacy data use — risk unknown > To generate a code suggestion, the GitHub Copilot extension begins by examining the code in your editor—focusing on the lines just before and after your cursor, but also information including other files open in your editor and the URLs of repositories or file paths to identify relevant context. That information is sent to GitHub Copilot’s model, to make a probabilistic determination of what is likely to come next and generate suggestions. - Interpretation (disclaimed): Describes the technical procedure by which user code context (editor content, open files, repository URLs) is collected and transmitted to GitHub Copilot's model to generate inline suggestions, establishing the data flow relevant to privacy and data-use obligations. - Tier: All - Location: “Does GitHub Copilot “copy/paste”?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20To%20generate%20a,next%20and%20generate%20suggestions. ### privacy data use — risk unknown > These actions are available to Copilot users as described in the GitHub Privacy Statement . - Interpretation (disclaimed): This segment incorporates by reference the GitHub Privacy Statement as the governing document describing the procedures by which Copilot users may exercise their data subject rights (access, alteration, deletion). - Tier: All - Location: “How does Copilot allow users to access, alter or delete personal data?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20These%20actions%20are,GitHub%20Privacy%20Statement%20. ### privacy data use — risk unknown > These actions are available to Copilot users as described in the GitHub Privacy Statement . - Interpretation (disclaimed): This segment incorporates by reference the GitHub Privacy Statement as the instrument governing user rights to access, alter, or delete personal data, making those provisions operative through cross-reference. - Tier: All - Location: “How does Copilot allow users to access, alter or delete personal data?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20These%20actions%20are,GitHub%20Privacy%20Statement%20. ### privacy data use — risk unknown > For abuse detection, prevention, and protection, virus scanning, and scanning to detect violations of terms of service - Interpretation (disclaimed): Authorizes GitHub to use personal data for abuse detection, prevention, virus scanning, and terms of service violation detection, establishing these as permitted processing purposes under the DPA. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20For%20abuse%20detection%2C,terms%20of%20service%20 ### privacy data use — risk unknown > Prompts: These are inputs for chat or code, along with context, sent to Copilot's AI to generate suggestions. - Interpretation (disclaimed): Defines 'Prompts' as a category of personal data processed by Copilot, specifically inputs for chat or code sent to generate suggestions, establishing its role in data processing. - Tier: All - Location: “What personal data does GitHub Copilot process?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Prompts%3A%20These%20are,to%20generate%20suggestions.%20 ### privacy data use — risk unknown > Troubleshoot, which involves preventing, detecting, resolving, and mitigating issues, including security incidents and product-related problems, by fixing software bugs and maintaining the online services' functionality and up-to-dateness - Interpretation (disclaimed): Permits GitHub to use personal data for troubleshooting purposes including detecting, preventing, and resolving security incidents and product issues, defining this as an authorized data processing activity. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Troubleshoot%2C%20which%20involves,functionality%20and%20up-to-dateness%20 ### privacy data use — risk unknown > Other Users and the Public: Depending on your account settings, we may share Personal Data with other users of the Services and the public. You control what information is made public. To adjust your settings, visit User Settings in your profile. Please be aware that any information you share in a collaborative context may become publicly accessible. - Interpretation (disclaimed): This segment permits sharing of personal data with other users and the public depending on account settings, grants users control over public information through profile settings, and warns that collaboratively shared information may become publicly accessible. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Other%20Users%20and,may%20become%20publicly%20accessible. ### privacy data use — risk unknown > You can control the cookies you encounter on the web using a variety of widely-available tools. For example: - Interpretation (disclaimed): This segment establishes users' right to control cookies across the web using various tools, introducing the enumerated methods that follow. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=You%20can%20control%20the,widely-available%20tools.%20For%20example%3A ### privacy data use — risk unknown > Personal Data is collected from you directly, automatically from your device, and also from third parties. The Personal Data GitHub processes when you use the Services depends on variables like how you interact with our Services (such as through web interfaces, desktop or mobile applications), the features you use (such as pull requests, Codespaces, or GitHub Copilot) and your method of accessing the Services (your preferred IDE). Below, we detail the information we collect through each of these channels: - Interpretation (disclaimed): This segment is the subsection heading 'From You,' introducing the category of Personal Data collected directly from users, which serves as a structural and definitional label for the enumerated data types that follow. - Tier: All - Location: Privacy Policy › “Personal Data We Collect” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Personal%20Data%20is,each%20of%20these%20channels%3A ### privacy data use — risk unknown > Advertising controls. Our advertising partners may participate in associations that provide simple ways to opt out of ad targeting, which you can access at: - Interpretation (disclaimed): This segment informs users of their right to opt out of targeted advertising through industry association tools provided by GitHub's advertising partners, directing users to external opt-out mechanisms. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Advertising%20controls.%20Our,you%20can%20access%20at%3A ### privacy data use — risk unknown > Support Data: When you seek customer support, we collect details like code, text, or multimedia files. - Interpretation (disclaimed): This segment is the subsection heading 'Automatically,' introducing the category of Personal Data collected automatically from user devices, serving as a structural and definitional label for the enumerated automatic collection methods that follow. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Support%20Data%3A%20When,text%2C%20or%20multimedia%20files. ### privacy data use — risk unknown > Right to Knowledge and Correction: You have the right to request details on the specific personal information we’ve collected about you and the right to correct inaccurate information. You can exercise this right by contacting us. You can also access and edit basic account information in your settings. - Interpretation (disclaimed): This segment grants users the right to request details on collected personal information and to correct inaccurate information, and specifies the procedure for exercising these rights via contact or account settings. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Right%20to%20Knowledge,information%20in%20your%20settings. ### privacy data use — risk unknown > Cookies are small text files stored by your browser on your device. A cookie can later be read when your browser connects to a web server in the same domain that placed the cookie. The text in a cookie contains a string of numbers and letters that may uniquely identify your device and can contain other information as well. This allows the web server to recognize your browser over time, each time it connects to that web server. - Interpretation (disclaimed): This segment defines cookies as small text files stored by browsers that allow web servers to recognize browsers over time, providing the technical definition necessary to understand the scope of cookie-related obligations and permissions. - Tier: All - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Cookies%20are%20small,to%20that%20web%20server. ### privacy data use — risk unknown > Any GitHub page that serves non-essential cookies will have a link in the page’s footer to cookie settings. You can express your preferences at any time by clicking on that link and updating your settings. - Interpretation (disclaimed): This segment describes the procedure by which users can exercise their cookie preference rights on GitHub Enterprise Marketing Pages by accessing cookie settings via a footer link. - Tier: All - Location: Privacy Policy › “Specifically on GitHub Enterprise Marketing Pages” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Any%20GitHub%20page,and%20updating%20your%20settings. ### privacy data use — risk unknown > We do not “sell” or “share” the personal information of known minors under 16 years of age. - Interpretation (disclaimed): Restricts the platform from selling or sharing personal information of known minors under 16 years of age, creating a categorical prohibition aligned with California privacy law. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20do%20not,16%20years%20of%20age. ### privacy data use — risk unknown > Website Usage Data: We automatically log data about your Website interactions, including the referring site, date and time of visit, pages viewed, and links clicked. - Interpretation (disclaimed): This segment is the subsection heading 'From Third Parties,' introducing the category of Personal Data GitHub receives from external sources, serving as a structural and definitional label for the enumerated third-party collection methods that follow. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Website%20Usage%20Data%3A,viewed%2C%20and%20links%20clicked. ### privacy data use — risk unknown > Legal Obligation: We process data when it's necessary to comply with applicable laws or to protect the rights, safety, and property of GitHub, our affiliates, users, or third parties. - Interpretation (disclaimed): This segment defines legal obligation as a lawful basis for processing personal data when required by applicable law or to protect the rights, safety, and property of GitHub, affiliates, users, or third parties. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Legal%20Obligation%3A%20We,users%2C%20or%20third%20parties. ### privacy data use — risk unknown > For Enterprise Marketing Pages, we may also use non-essential cookies to (i) gather information about enterprise users’ interests and online activities to personalize their experiences, including by making the ads, content, recommendations, and marketing seen or received more relevant and (ii) serve and measure the effectiveness of targeted advertising and other marketing efforts. If you disable the non-essential cookies on the Enterprise Marketing Pages, the ads, content, and marketing you see may be less relevant. - Interpretation (disclaimed): This segment grants GitHub permission to use non-essential cookies on Enterprise Marketing Pages for interest-based personalization and targeted advertising measurement, and discloses the effect of disabling those cookies on user experience. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20For%20Enterprise%20Marketing,may%20be%20less%20relevant. ### privacy data use — risk unknown > Inference: We generate new information from other data we collect to derive likely preferences or other characteristics. For instance, we infer your general geographic location based on your IP address. - Interpretation (disclaimed): This segment permits GitHub to generate inferred information (such as geographic location from IP address) from collected data to derive user preferences or characteristics, establishing a permissible processing activity. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Inference%3A%20We%20generate,on%20your%20IP%20address. ### privacy data use — risk unknown > If you enable a browser extension designed to block unwanted content, such as uBlock Origin , non-essential cookies will be disabled to the extent that content that sets non-essential cookies will be blocked. - Interpretation (disclaimed): This segment informs users of their right to use content-blocking browser extensions such as uBlock Origin to disable non-essential cookies by blocking cookie-setting content. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20you%20enable,cookies%20will%20be%20blocked. ### privacy data use — risk unknown > Troubleshooting: We use Personal Data to identify and resolve technical issues. - Interpretation (disclaimed): This segment permits GitHub to use personal data to identify and resolve technical issues, establishing troubleshooting as a permissible processing purpose. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Troubleshooting%3A%20We%20use,and%20resolve%20technical%20issues. ### privacy data use — risk unknown > Buttons, Tools, and Content from Other Companies: Our Services may contain links or buttons that lead to third-party services like Twitter or LinkedIn. Use of these features may result in data collection. Engaging with these buttons, tools, or content may automatically send certain browser information to these companies. Please review the privacy statements of these companies for more information. - Interpretation (disclaimed): This segment defines GitHub's use of essential cookies and similar tracking technologies to provide core service functionality (storing settings, user recognition), establishing the lawful basis and purpose for this category of automatic data collection. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Buttons%2C%20Tools%2C%20and,companies%20for%20more%20information. ### privacy data use — risk unknown > GitHub may periodically revise this Privacy Statement. If there are material changes to the statement, we will provide at least 30 days prior notice by updating our website or sending an email to your primary email address associated with your GitHub account. - Interpretation (disclaimed): Commits GitHub to providing at least 30 days prior notice of material changes to the Privacy Statement via website update or email, establishing a procedural notification obligation upon amendment. - Tier: All - Location: Privacy Policy › “Changes to Our Privacy Statement” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20may%20periodically,with%20your%20GitHub%20account. ### privacy data use — risk unknown > Depending on your residence location, you may have specific legal rights regarding your Personal Data: - Interpretation (disclaimed): This segment introduces the conditional applicability of specific legal privacy rights based on the user's residence location, providing a definitional framing for the jurisdiction-dependent rights that follow. - Tier: All - Location: Privacy Policy › “Your Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Depending%20on%20your,regarding%20your%20Personal%20Data%3A ### privacy data use — risk unknown > Required Cookies GitHub uses required cookies to perform essential website functions and to provide the services. For example, cookies are used to log you in, save your language preferences, provide a shopping cart experience, improve performance, route traffic between web servers, detect the size of your screen, determine page load times, improve user experience, and for audience measurement. These cookies are necessary for our websites to work. Analytics We allow third parties to use analytics cookies to understand how you use our websites so we can make them better. For example, cookies are used to gather information about the pages you visit and how many clicks you need to accomplish a task. We also use some analytics cookies to provide personalized advertising. Social Media GitHub and third parties use social media cookies to show you ads and content based on your social media profiles and activity on GitHub’s websites. This ensures that the ads and content you see on our websites and on social media will better reflect your interests. This also enables third parties to develop and improve their products, which they may use on websites that are not owned or operated by GitHub. Advertising In addition, GitHub and third parties use advertising cookies to show you new ads based on ads you've already seen. Cookies also track which ads you click or purchases you make after clicking an ad. This is done both for payment purposes and to show you ads that are more relevant to you. For example, cookies are used to detect when you click an ad and to show you ads based on your social media interests and website browsing history. - Interpretation (disclaimed): This segment grants GitHub permission to use required cookies for essential website functions such as login, language preferences, shopping cart, performance routing, and audience measurement, and permits third-party analytics cookies to be used on GitHub websites. - Tier: All - Location: Privacy Policy › “Purpose Description” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Required%20Cookies%20GitHub,website%20browsing%20history.%20 ### privacy data use — risk unknown > Communication: We use Personal Data to inform you about new Services, features, offers, promotions, and other pertinent information. This also includes sending confirmations, invoices, technical notices, updates, security alerts, and administrative messages. - Interpretation (disclaimed): This segment grants GitHub permission to use personal data for communications including new service announcements, confirmations, invoices, security alerts, and administrative messages, defining the lawful scope of such use. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Communication%3A%20We%20use,alerts%2C%20and%20administrative%20messages. ### privacy data use — risk unknown > Our emails to users may contain a pixel tag, which is a small, clear image that can tell us whether or not you have opened an email and what your IP address is. We use this pixel tag to make our email communications more effective and to make sure we are not sending you unwanted email. - Interpretation (disclaimed): This segment grants GitHub permission to use pixel tags in emails to track open rates and IP addresses for the purpose of improving email communication effectiveness and managing unwanted email. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Our%20emails%20to,sending%20you%20unwanted%20email. ### privacy data use — risk unknown > Should you access a GitHub Service through an account provided by an organization, such as your employer or school, the organization becomes the Data Controller, and this Privacy Statement's direct applicability to you changes. Even so, GitHub remains dedicated to preserving your privacy rights. In such circumstances, GitHub functions as a Data Processor, adhering to the Data Controller's instructions regarding your Personal Data's processing. A Data Protection Agreement governs the relationship between GitHub and the Data Controller. For further details regarding their privacy practices, please refer to the privacy statement of the organization providing your account. - Interpretation (disclaimed): This segment defines the shift in Data Controller identity to the organization when a user accesses GitHub through an employer- or school-provided account, clarifies that GitHub becomes a Data Processor in that context, establishes that a Data Protection Agreement governs the GitHub–controller relationship, and directs users to the organization for privacy practice details. - Tier: All - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Should%20you%20access,organization%20providing%20your%20account. ### privacy data use — risk unknown > Contact us via our contact form or by emailing our Data Protection Officer at dpo[at]github[dot]com. Our addresses are: - Interpretation (disclaimed): Provides contact channels (form and DPO email) for users to reach GitHub regarding privacy matters, supporting procedural exercise of data subject rights. - Tier: All - Location: Privacy Policy › “Contact Us” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Contact%20us%20via,dpo%5Bat%5Dgithub%5Bdot%5Dcom.%20Our%20addresses%20are%3A ### privacy data use — risk unknown > Demographic information: In some cases, you provide us with ethnicity, gender, or similar demographic details. - Interpretation (disclaimed): This segment defines 'Feedback Data' as a category of Personal Data consisting of information submitted through surveys, reviews, or interactive features, establishing what GitHub collects under this category. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Demographic%20information%3A%20In,or%20similar%20demographic%20details. ### privacy data use — risk unknown > When a school or employer supplies your GitHub account, they assume the role of Data Controller for most Personal Data used in our Services. This enables them to: - Interpretation (disclaimed): This segment defines the role of a school or employer as Data Controller when they supply a GitHub account, establishing the legal framework under which the organization assumes primary responsibility for most Personal Data processing decisions. - Tier: All - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20When%20a%20school,This%20enables%20them%20to%3A ### privacy data use — risk unknown > Improving Professional Services: Enhancing delivery, efficacy, quality, and security of Professional Services and the underlying product(s) based on issues identified while providing Professional Services, including fixing software defects, and otherwise keeping the Professional Services up to date and performant. - Interpretation (disclaimed): This segment permits GitHub to use personal data identified during professional services delivery to improve those services and underlying products, including fixing software defects, establishing an operative processing permission tied to service improvement. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Improving%20Professional%20Services%3A,to%20date%20and%20performant. ### privacy data use — risk unknown > GitHub processes Personal Data in compliance with the GDPR, ensuring a lawful basis for each processing activity. The basis varies depending on the data type and the context, including how you access the services. Our processing activities typically fall under these lawful bases: - Interpretation (disclaimed): This segment imposes an obligation on GitHub to process personal data in compliance with GDPR and to ensure a lawful basis exists for each processing activity, establishing a binding legal compliance duty. - Tier: All - Location: Privacy Policy › “Lawful Bases for Processing Personal Data (Applicable to EEA and UK End Users)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20processes%20Personal,under%20these%20lawful%20bases%3A ### privacy data use — risk unknown > Feedback Data: This consists of information you submit through surveys, reviews, or interactive features. - Interpretation (disclaimed): This segment defines 'Payment Information' as a category of Personal Data collected for paid subscriptions, specifying the data elements (name, billing address, payment specifics), which is relevant to commercial use and data collection obligations. - Tier: All - Location: Privacy Policy › “From You” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Feedback%20Data%3A%20This,reviews%2C%20or%20interactive%20features. ### privacy data use — risk unknown > Non-Discrimination: We will not hold it against you when you exercise any of your rights. On the contrary, we encourage you to review your privacy settings closely and contact us with any questions. - Interpretation (disclaimed): Imposes a non-discrimination obligation on the platform, prohibiting it from penalizing users for exercising their privacy rights, and encourages users to review privacy settings. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Non-Discrimination%3A%20We%20will,us%20with%20any%20questions. ### privacy data use — risk unknown > Delivering Professional Services: We use Personal Data to deliver training, consulting or implementation (“Professional Services”). This includes providing technical support, professional planning, advice, guidance, data migration, deployment, and solution/software development services. - Interpretation (disclaimed): This segment permits GitHub to use personal data to deliver professional services including technical support, consulting, data migration, and software development, defining the scope of processing for service delivery. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Delivering%20Professional%20Services%3A,and%20solution%2Fsoftware%20development%20services. ### privacy data use — risk unknown > You have the right to opt out of profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer. GitHub does not engage in such profiling as defined by Colorado law, so there’s no need to opt out. - Interpretation (disclaimed): Discloses that the platform does not engage in profiling that produces legal or similarly significant effects as defined under Colorado law, effectively disclaiming the need for users to opt out of such profiling. - Tier: All - Location: Privacy Policy › “Colorado/Connecticut/Virginia” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20You%20have%20the,need%20to%20opt%20out. ### privacy data use — risk unknown > Manage and administer your GitHub account, including adjusting privacy settings. - Interpretation (disclaimed): This segment grants the organization-as-Data-Controller the permission to manage and administer a user's GitHub account, including adjusting privacy settings, as a direct consequence of the controller role assumed under the organization-provided account arrangement. - Tier: All - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Manage%20and%20administer,including%20adjusting%20privacy%20settings. ### privacy data use — risk unknown > To opt out of the sharing of your personal information, you can click on the "Do Not Share My Personal Information" link on the footer of our Websites or use the Global Privacy Control ("GPC") if available. Authorized agents can also submit opt-out requests on your behalf. - Interpretation (disclaimed): Describes the procedure for opting out of personal information sharing via a website link or Global Privacy Control, and permits authorized agents to submit opt-out requests on behalf of users. - Tier: All - Location: Privacy Policy › “Exercising your Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20To%20opt%20out,requests%20on%20your%20behalf. ### privacy data use — risk unknown > Our Services are not intended for individuals under the age of 13. We do not intentionally gather Personal Data from such individuals. If you become aware that a minor has provided us with Personal Data, please notify us . - Interpretation (disclaimed): Restricts use of GitHub's services to individuals 13 and older, prohibits intentional collection of Personal Data from minors under 13, and establishes a notification procedure for inadvertent collection, creating a compliance obligation under children's privacy laws. - Tier: All - Location: Privacy Policy › “Information for Minors” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Our%20Services%20are,please%20notify%20us%20. ### privacy data use — risk unknown > To make an access, deletion, correction, or opt-out request, please send an email to privacy[at]github[dot]com and follow the instructions provided. We may need to verify your identity before processing your request. If you choose to use an authorized agent to submit a request on your behalf, please ensure they have your signed permission or power of attorney as required. - Interpretation (disclaimed): Establishes the procedure for submitting access, deletion, correction, or opt-out requests via email, including identity verification requirements and authorized agent submission rules. - Tier: All - Location: Privacy Policy › “Exercising your Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20To%20make%20an,of%20attorney%20as%20required. ### privacy data use — risk unknown > Safety and Security: To promote safety, integrity, and security across our Services, we process Personal Data, using both automated and, at times, manual techniques for abuse detection, prevention, and violations of terms of service. - Interpretation (disclaimed): This segment permits GitHub to process personal data using automated and manual techniques for abuse detection, security enforcement, and terms of service violation prevention, granting an operative right to conduct such processing. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Safety%20and%20Security%3A,of%20terms%20of%20service. ### privacy data use — risk unknown > The sources of personal information from whom we collected are: directly from you, automatically or from third parties. - Interpretation (disclaimed): Discloses the sources from which personal information was collected — directly from the user, automatically, or from third parties — as required by California privacy law. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20sources%20of,or%20from%20third%20parties. ### privacy data use — risk unknown > The table below provides additional information about how we use different types of cookies: - Interpretation (disclaimed): This segment incorporates by reference a table providing additional detail on how different types of cookies are used, directing readers to further operative content. - Tier: All - Location: Privacy Policy › “How do we and our partners use cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20table%20below,different%20types%20of%20cookies%3A ### privacy data use — risk unknown > Many browsers provide cookie controls which may limit the types of cookies you encounter online. Check out the documentation for your browser to learn more. - Interpretation (disclaimed): This segment advises users of their right to use browser-level cookie controls to limit the types of cookies they encounter, directing them to browser documentation. - Tier: All - Location: Privacy Policy › “Generally for all websites” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Many%20browsers%20provide,browser%20to%20learn%20more. ### privacy data use — risk unknown > Geolocation Information: Depending on the Service's functionality, we collect regional geolocation data. - Interpretation (disclaimed): This segment defines 'Service Usage Information' as a category of automatically collected Personal Data, enumerating specific data elements such as IP address, device information, session details, timestamps, OS/app version, repository contribution data, and feature performance metrics. - Tier: All - Location: Privacy Policy › “Automatically” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Geolocation%20Information%3A%20Depending,collect%20regional%20geolocation%20data. ### privacy data use — risk unknown > When you use third-party extensions, integrations, or follow references and links within our Services, the privacy policies of these third parties apply to any Personal Data you provide or consent to share with them. Their privacy statements will govern how this data is processed. - Interpretation (disclaimed): This segment is the section heading 'Personal Data We Collect,' introducing the disclosure of what categories of personal data GitHub collects and the variables affecting what is collected, serving as a definitional foundation for the data collection obligations that follow. - Tier: All - Location: Privacy Policy › “Third Party Access and Data Protection” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20When%20you%20use,this%20data%20is%20processed. ### privacy data use — risk unknown > We also make the following disclosures for purposes of compliance with California privacy law: - Interpretation (disclaimed): States that the following disclosures are made for compliance with California privacy law, establishing the legal basis and obligatory nature of the subsequent disclosures. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20also%20make,with%20California%20privacy%20law%3A ### privacy data use — risk unknown > Service Provision: We use Personal Data to deliver and update our Services as configured and used by You, and to make ongoing personalized experiences and recommendations. - Interpretation (disclaimed): This segment permits GitHub to use personal data to deliver, update, and personalize services as configured by the user, establishing an operative basis for ongoing service-related data processing. - Tier: All - Location: Privacy Policy › “Processing Purposes: How We Use Your Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Service%20Provision%3A%20We,personalized%20experiences%20and%20recommendations. ### privacy data use — risk unknown > GitHub uses cookies to provide, secure and improve our Service or to develop new features and functionality of our Service. For example, we use them to (i) keep you logged in, (ii) remember your preferences, (iii) identify your device for security and fraud purposes, including as needed to maintain the integrity of our Service, (iv) compile statistical reports, and (v) provide information and insight for future development of GitHub. We provide more information about cookies on GitHub that describes the cookies we set, the needs we have for those cookies, and the expiration of such cookies. - Interpretation (disclaimed): This segment grants GitHub permission to use cookies for specified purposes including session management, preference storage, security/fraud detection, statistical reporting, and product development, establishing the legal basis and scope of cookie deployment. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20uses%20cookies,expiration%20of%20such%20cookies. ### data retention — risk medium > We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile and the Content of your repositories within 90 days of cancellation or termination (though some information may remain in encrypted backups). This information cannot be recovered once your Account is canceled. - Interpretation (disclaimed): The 90-day deletion window is relatively standard, but the undefined retention period for 'encrypted backups' creates ambiguity about full data erasure. The 90-day window for requesting a content copy may be insufficient for users who are unaware of this deadline. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=We%20will%20retain%20and,your%20Account%20is%20canceled. ### data retention — risk medium > Access through IDE for Chat and Code Completions: Prompts and Suggestions: Not retained User Engagement Data: Kept for two years. Feedback Data: Stored for as long as needed for its intended purpose. All other GitHub Copilot access and use: Prompts and Suggestions: Retained for 28 days. User Engagement Data: Kept for two years. Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): Retention policies vary significantly by access method. The open-ended 'as long as needed' standard for Feedback Data creates uncertainty. 28-day prompt retention for non-IDE access may implicate GDPR storage limitation principles. These are defaults for Business/Enterprise; Individual tier retention is not separately specified here. - Tier: Enterprise - Location: “How long does GitHub retain Copilot data for Business and Enterprise customers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Access%20through%20IDE%20for,for%20its%20intended%20purpose. ### data retention — risk medium > Retaining prompts and suggestions is necessary for chat on github.com, mobile, and CLI Copilot because those features’ effectiveness depends on using thread history to improve responses. The Copilot model requires access to previous interactions to deliver accurate and relevant suggestions. - Interpretation (disclaimed): The functional justification for retention may satisfy GDPR's necessity requirement but users sharing sensitive information via chat/mobile/CLI should be aware of this retention. Applies across all tiers using these access modes. - Tier: All - Location: “Why do some Copilot features retain prompts and suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Retaining%20prompts%20and%20suggestions,accurate%20and%20relevant%20suggestions. ### data retention — risk medium > The default settings for Copilot Business and Enterprise Customers are as follows:  Access through IDE for Chat and Code Completions: Prompts and Suggestions: Not retained User Engagement Data: Kept for two years. Feedback Data: Stored for as long as needed for its intended purpose. All other GitHub Copilot access and use: Prompts and Suggestions: Retained for 28 days. User Engagement Data: Kept for two years. Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): While IDE prompts and suggestions are not retained, the same data submitted via github.com, mobile, or CLI is stored for 28 days. The open-ended 'feedback data' retention period creates unpredictable exposure. Enterprise customers should evaluate whether non-IDE usage is permissible under their data governance requirements. - Tier: Paid - Location: “How long does GitHub retain Copilot data for Business and Enterprise customers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=The%20default%20settings%20for,for%20its%20intended%20purpose. ### data retention — risk medium > Please note that we may retain certain data as necessary for legal obligations or for establishing, exercising, or defending legal claims. - Interpretation (disclaimed): This carve-out allows GitHub to override user deletion/erasure requests by invoking legal obligations or litigation-related purposes, which are broadly defined and subjectively determined by GitHub. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Please%20note%20that%20we,or%20defending%20legal%20claims. ### data retention — risk low > Upon receiving your verified request, we will promptly delete your personal information (unless an exception applies), and instruct our service providers to do the same. We employ brief retention terms by design. - Interpretation (disclaimed): The deletion commitment is subject to broad exceptions (legal obligation, fraud detection, abuse investigation, security). 'Brief retention terms by design' is a positive data minimization posture but is not quantified, limiting enforceability. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Upon%20receiving%20your%20verified,retention%20terms%20by%20design. ### data retention — risk unknown > It is your responsibility to properly cancel your Account with GitHub. You can cancel your Account at any time by going into your Settings in the global navigation bar at the top of the screen. The Account screen provides a simple, no questions asked cancellation link. We are not able to cancel Accounts in response to an email or phone request. - Interpretation (disclaimed): Describes the procedure for account cancellation, specifying that users must self-cancel through account Settings and that GitHub cannot process cancellation requests via email or phone, establishing procedural requirements for termination. - Tier: All - Location: § 1 (Account Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20It%20is%20your,email%20or%20phone%20request. ### data retention — risk unknown > We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile and the Content of your repositories within 90 days of cancellation or termination (though some information may remain in encrypted backups). This information cannot be recovered once your Account is canceled. - Interpretation (disclaimed): Establishes GitHub's obligation to retain information only as necessary for legal obligations, dispute resolution, and agreement enforcement, and imposes a 90-day deletion timeline for profile and repository content after cancellation or termination, with a caveat for encrypted backups and irrecoverability. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20retain,your%20Account%20is%20canceled. ### data retention — risk unknown > Upon request, we will make a reasonable effort to provide an Account owner with a copy of your lawful, non-infringing Account contents after Account cancellation, termination, or downgrade. You must make this request within 90 days of cancellation, termination, or downgrade. - Interpretation (disclaimed): Grants account owners a right to request a copy of lawful, non-infringing account contents after cancellation, termination, or downgrade, subject to a 90-day request deadline. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Upon%20request%2C%20we,cancellation%2C%20termination%2C%20or%20downgrade. ### data retention — risk unknown > We will not delete Content that you have contributed to other Users' repositories or that other Users have forked. - Interpretation (disclaimed): This clause creates an exception to the deletion obligation, specifying that Content contributed to other users' repositories or forked by other users will not be deleted upon account cancellation, preserving the integrity of shared repositories. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20not,other%20Users%20have%20forked. ### data retention — risk unknown > Upon request, we will make a reasonable effort to provide an Account owner with a copy of your lawful, non-infringing Account contents after Account cancellation, termination, or downgrade. You must make this request within 90 days of cancellation, termination, or downgrade. - Interpretation (disclaimed): This clause grants the account owner the right to request a copy of their lawful, non-infringing account contents after cancellation, termination, or downgrade, subject to the condition that the request is made within 90 days of the triggering event. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Upon%20request%2C%20we,cancellation%2C%20termination%2C%20or%20downgrade. ### data retention — risk unknown > User Engagement Data: Kept for two years. - Interpretation (disclaimed): This segment imposes an obligation to keep User Engagement Data for two years when accessed through the IDE for Chat and Code Completions, defining a mandatory minimum retention period for this data category. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20User%20Engagement%20Data%3A%20Kept%20for%20two%20years. ### data retention — risk unknown > Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): This segment establishes that Feedback Data is stored for as long as needed for its intended purpose, imposing a purpose-based retention standard as an ongoing obligation for the IDE access category. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20Stored,for%20its%20intended%20purpose. ### data retention — risk unknown > User Engagement Data: Kept for two years. - Interpretation (disclaimed): This segment imposes a two-year retention obligation for User Engagement Data under all other Copilot access methods beyond the IDE, establishing a mandatory retention period. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20User%20Engagement%20Data%3A%20Kept%20for%20two%20years. ### data retention — risk unknown > Retaining prompts and suggestions is necessary for chat on github.com, mobile, and CLI Copilot because those features’ effectiveness depends on using thread history to improve responses. The Copilot model requires access to previous interactions to deliver accurate and relevant suggestions. - Interpretation (disclaimed): This segment provides a functional justification and exception explaining why chat on github.com, mobile, and CLI retains prompts and suggestions — because thread history is necessary for feature effectiveness — thereby creating an exception to the general no-retention default for those specific access channels. - Tier: All - Location: “Why do some Copilot features retain prompts and suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Retaining%20prompts%20and,and%20relevant%20suggestions.%20 ### data retention — risk unknown > If and for how long GitHub’s retains Copilot data depends on how a Copilot user accesses Copilot and for what purpose. The default settings for Copilot Business and Enterprise Customers are as follows:  Access through IDE for Chat and Code Completions: - Interpretation (disclaimed): This segment establishes that retention duration is conditional on how and for what purpose Copilot is accessed, and introduces the default retention settings applicable to Business and Enterprise customers, setting up the framework for the specific retention periods that follow. - Tier: All - Location: “How long does GitHub retain Copilot data for Business and Enterprise customers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20If%20and%20for,and%20Code%20Completions%3A%20 ### data retention — risk unknown > Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): This segment specifies that Feedback Data is stored for as long as needed for its intended purpose, establishing a purpose-limited retention standard rather than a fixed period. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20Stored,for%20its%20intended%20purpose. ### data retention — risk unknown > User Engagement Data: Kept for two years. - Interpretation (disclaimed): This segment reiterates that User Engagement Data is retained for two years for all other Copilot access modes, establishing a consistent retention period across access types. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20User%20Engagement%20Data%3A%20Kept%20for%20two%20years. ### data retention — risk unknown > Retaining prompts and suggestions is necessary for chat on github.com, mobile, and CLI Copilot because those features’ effectiveness depends on using thread history to improve responses. The Copilot model requires access to previous interactions to deliver accurate and relevant suggestions. - Interpretation (disclaimed): This segment explains that retaining prompts and suggestions is operationally necessary for chat on github.com, mobile, and CLI Copilot because thread history is required for feature effectiveness, justifying the exception to the general no-retention default for those access modes. - Tier: All - Location: “Why do some Copilot features retain prompts and suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Retaining%20prompts%20and,and%20relevant%20suggestions.%20 ### data retention — risk unknown > We aim to promptly respond to requests in compliance with legal requirements. Please note that we may retain certain data as necessary for legal obligations or for establishing, exercising, or defending legal claims. - Interpretation (disclaimed): Commits GitHub to timely responses to data requests in compliance with legal requirements, while asserting the exception that certain data may be retained for legal obligations or establishment/exercise/defense of legal claims. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20aim%20to,or%20defending%20legal%20claims. ### data retention — risk unknown > The length of time a cookie will stay on your browser or device depends on whether it is a “persistent” or “session” cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay until they expire or are deleted. The expiration time or retention period applicable to persistent cookies depends on the purpose of the cookie collection and tool used. You may be able to delete cookie data. For more information, see GitHub General Privacy Statement . - Interpretation (disclaimed): This segment specifies the retention periods for session versus persistent cookies, explaining that session cookies expire on browser close while persistent cookies persist until expiration or deletion, and references the General Privacy Statement for further detail, creating a data retention obligation context. - Tier: All - Location: Privacy Policy › “Cookies and tracking technologies” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20length%20of,General%20Privacy%20Statement%20. ### data retention — risk unknown > Right to a Timely Response: You are allowed to make two free requests in any 12-month period. We commit to responding to your request within 45 days. In complex cases, we may extend our response time by an additional 45 days. - Interpretation (disclaimed): Establishes the procedural framework for responding to data rights requests, including a cap of two free requests per 12-month period and a 45-day response window with a 45-day extension for complex cases. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Right%20to%20a,an%20additional%2045%20days. ### data retention — risk unknown > California residents under the age of 18 who are registered users of online sites, services, or applications have a right under California Business and Professions Code Section 22581 to remove, or request and obtain removal of, content or information they have publicly posted. To remove content or information you have publicly posted, please submit a Private Information Removal request . Alternatively, to request that we remove such content or information, please send a detailed description of the specific content or information you wish to have removed to GitHub support . Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances. If you have any questions about our privacy practices with respect to California residents, please send an email to privacy[at]github[dot]com. - Interpretation (disclaimed): Grants California residents under 18 the right to remove or request removal of publicly posted content under California Business and Professions Code Section 22581, and establishes the procedure for submitting such removal requests. - Tier: All - Location: Privacy Policy › “Removal of Content” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20California%20residents%20under,an%20email%20to%20privacy%5Bat%5Dgithub%5Bdot%5Dcom. ### data retention — risk unknown > We will retain and use your information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements, but barring legal requirements, we will delete your full profile and the Content of your repositories within 90 days of cancellation or termination (though some information may remain in encrypted backups). This information cannot be recovered once your Account is canceled. - Interpretation (disclaimed): This clause obligates GitHub to retain user information as needed for legal compliance, dispute resolution, and agreement enforcement, but requires deletion of the user's full profile and repository content within 90 days of cancellation or termination (with exceptions for encrypted backups), and warns that deleted information is unrecoverable. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20retain,your%20Account%20is%20canceled. ### data retention — risk unknown > It is your responsibility to properly cancel your Account with GitHub. You can cancel your Account at any time by going into your Settings in the global navigation bar at the top of the screen. The Account screen provides a simple, no questions asked cancellation link. We are not able to cancel Accounts in response to an email or phone request. - Interpretation (disclaimed): This clause establishes the procedure for account cancellation, directing users to the Settings page and specifying that cancellation must be performed through the provided self-service link, and clarifies that GitHub cannot process cancellations via email or phone. - Tier: All - Location: § 1 (Account Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20It%20is%20your,email%20or%20phone%20request. ### data retention — risk unknown > We will not delete Content that you have contributed to other Users' repositories or that other Users have forked. - Interpretation (disclaimed): Creates an exception to the deletion obligation by stating GitHub will not delete content contributed to other users' repositories or content that has been forked, limiting the scope of post-cancellation deletion rights. - Tier: All - Location: § 2 (Upon Cancellation) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20not,other%20Users%20have%20forked. ### data retention — risk unknown > User Engagement Data: Kept for two years. - Interpretation (disclaimed): This segment establishes that User Engagement Data is retained for a fixed period of two years under the default settings for Business and Enterprise customers, creating a defined retention obligation. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20User%20Engagement%20Data%3A%20Kept%20for%20two%20years. ### data retention — risk unknown > Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): This segment mandates that Feedback Data under all other Copilot access methods be stored for as long as needed for its intended purpose, establishing an ongoing purpose-linked retention obligation. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20Stored,for%20its%20intended%20purpose. ### data retention — risk unknown > All other GitHub Copilot access and use: Prompts and Suggestions: Retained for 28 days. - Interpretation (disclaimed): This segment specifies that for all Copilot access modes other than IDE Chat and Code Completions, prompts and suggestions are retained for 28 days, establishing a defined default retention period applicable to those use contexts. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20All%20other%20GitHub,Retained%20for%2028%20days. ### data retention — risk unknown > Feedback Data: Stored for as long as needed for its intended purpose. - Interpretation (disclaimed): This segment reiterates that Feedback Data for all other access modes is stored for as long as needed for its intended purpose, applying a purpose-limitation retention standard consistently. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Feedback%20Data%3A%20Stored,for%20its%20intended%20purpose. ### data retention — risk unknown > All other GitHub Copilot access and use: Prompts and Suggestions: Retained for 28 days. - Interpretation (disclaimed): This segment establishes that prompts and suggestions for all other Copilot access and use cases are retained for 28 days, imposing a defined retention period as an obligation for those access methods. - Tier: All - Location: “Prompts and Suggestions: Not retained” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20All%20other%20GitHub,Retained%20for%2028%20days. ### data retention — risk unknown > If and for how long GitHub’s retains Copilot data depends on how a Copilot user accesses Copilot and for what purpose. The default settings for Copilot Business and Enterprise Customers are as follows:  Access through IDE for Chat and Code Completions: - Interpretation (disclaimed): This segment explains that retention duration depends on how and for what purpose Copilot is accessed, and announces that default retention settings for Business and Enterprise customers will be described, establishing the procedural framework for interpreting the retention rules. - Tier: All - Location: “How long does GitHub retain Copilot data for Business and Enterprise customers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20If%20and%20for,and%20Code%20Completions%3A%20 ### data retention — risk unknown > GitHub uses appropriate administrative, technical, and physical security controls to protect your Personal Data. We’ll retain your Personal Data as long as your account is active and as needed to fulfill contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. The retention duration depends on the purpose of data collection and any legal obligations. - Interpretation (disclaimed): Obligates GitHub to apply appropriate security controls and to retain Personal Data for the duration of account activity and as needed for contractual, legal, dispute resolution, and enforcement purposes, tying retention duration to the purpose of collection and applicable legal obligations. - Tier: All - Location: Privacy Policy › “Security and Retention” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20uses%20appropriate,and%20any%20legal%20obligations. ### data retention — risk unknown > Right to request Deletion: You reserve the right to request the deletion of your data, barring a few exceptions. Such exceptions include circumstances where we are required to retain data to comply with legal obligations, detect fraudulent activity, investigate reports of abuse or other violations of our Terms of Service, or rectify security issues. Upon receiving your verified request, we will promptly delete your personal information (unless an exception applies), and instruct our service providers to do the same. We employ brief retention terms by design. - Interpretation (disclaimed): Grants users the right to request deletion of personal data, defines the exceptions under which deletion may be withheld (legal obligations, fraud, abuse, security), and imposes an obligation on the platform to delete data and instruct service providers accordingly upon verified request. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Right%20to%20request,retention%20terms%20by%20design. ### subprocessors data sharing — risk high > Affiliates: Personal Data may be shared with GitHub affiliates, including Microsoft, to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, legal and compliance obligations, product development and improvement (including training and improving artificial intelligence and machine learning technologies), and for other purposes described in their respective privacy statements. When we share data with affiliates, they will process it in accordance with applicable law and their privacy commitments. - Interpretation (disclaimed): Sharing Personal Data with Microsoft for AI model training purposes represents a significant data flow outside GitHub's direct control. Users are bound by Microsoft's privacy statements for such downstream processing. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Affiliates%3A%20Personal%20Data%20may,and%20their%20privacy%20commitments. ### subprocessors data sharing — risk high > Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising. - Interpretation (disclaimed): Allowing third-party advertising partners to collect personal information via the platform's own services constitutes direct third-party data collection, which may constitute a 'sale' or 'share' under CCPA and similar laws, and raises GDPR consent and data controller concerns. - Tier: All - Location: Privacy Policy › “How do we and our partners use cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Some%20of%20these%20cookies,purposes%2C%20including%20targeted%20advertising. ### subprocessors data sharing — risk high > We disclosed the following categories of personal information for a business purpose in the last 12 months: identifiers/contact information, demographic information (such as gender and rough geographic location), payment information, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above. We disclosed each category to third-party business partners and service providers, third-party sites or platforms such as social networking sites, and other third parties as described in the Sharing of Personal Data section of our Privacy Statement. - Interpretation (disclaimed): Disclosure of payment and sensitive personal data to social networking sites goes significantly beyond standard service-provider processing and may implicate CCPA 'sharing' rules, GDPR restrictions on transfers to third parties, and financial data protection obligations. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=We%20disclosed%20the%20following,of%20our%20Privacy%20Statement. ### subprocessors data sharing — risk high > We and/or our partners also share the information we collect or infer with third parties for these purposes. - Interpretation (disclaimed): The phrase 'we and/or our partners' combined with 'infer' indicates that derived/inferred data is also shared, which may not be transparent to users and could implicate privacy rights under CCPA (right to know about inferences) and GDPR profiling rules. - Tier: All - Location: Privacy Policy › “How do we and our partners use cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=We%20and%2For%20our%20partners,parties%20for%20these%20purposes. ### subprocessors data sharing — risk high > As defined by applicable law, we “shared” the following categories of personal information in the last 12 months: identifiers/contact information, Internet or other electronic network activity information, and inferences drawn from the above. We shared each category to or with advertising networks, data analytics providers, and social networks. - Interpretation (disclaimed): CCPA defines 'sharing' as disclosing personal information for cross-context behavioral advertising. GitHub's acknowledgment that it shares such data with advertising networks triggers CCPA opt-out rights and signals significant commercial data monetization. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=As%20defined%20by%20applicable,providers%2C%20and%20social%20networks. ### subprocessors data sharing — risk medium > Corporate Transaction Entities: we might disclose Personal Data within the limits of the law and in accordance with this Privacy Statement for strategic business transactions such as sales or a merger. - Interpretation (disclaimed): Corporate transaction disclosures are standard but represent a risk that user data could transfer to a new controller whose privacy practices differ materially from GitHub's current commitments. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Corporate%20Transaction%20Entities%3A%20we,sales%20or%20a%20merger. ### subprocessors data sharing — risk medium > Please visit https://docs.github.com/en/site-policy/privacy-policies/github-subprocessors to see our list of Subprocessors. - Interpretation (disclaimed): Incorporating the subprocessor list by reference to a URL means GitHub can add/change subprocessors at any time without amending the privacy statement itself, reducing user visibility into who processes their data. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Please%20visit%20https%3A%2F%2Fdocs.github.com%2Fen%2Fsite-policy%2Fprivacy-policies%2Fgithub-subprocessors%20to,our%20list%20of%20Subprocessors. ### subprocessors data sharing — risk medium > Unless you opt out, GitHub's Affiliates may use your Inputs and Outputs under this license in accordance with their applicable privacy and contractual obligations. This license does not, however, permit GitHub or its Affiliates to share your Inputs or Outputs with third-party AI model providers for their own independent model training purposes. - Interpretation (disclaimed): Default sharing of user inputs/outputs with GitHub affiliates (without user action) is a notable privacy risk. While third-party AI providers are excluded from independent training use, affiliate sharing is governed only by those affiliates' own 'applicable privacy and contractual obligations,' which are not defined in this document. - Tier: Free - Location: § 3 (Development and Improvement Using Your Input and Output) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=Unless%20you%20opt%20out%2C,independent%20model%20training%20purposes. ### subprocessors data sharing — risk medium > GitHub Copilot is powered by generative AI models developed by GitHub, OpenAI, and Microsoft. - Interpretation (disclaimed): The involvement of OpenAI and Microsoft as model providers means user input data is transmitted to and processed by third-party subprocessors. The document does not detail data-processing agreements, data residency, or retention obligations for these subprocessors, creating ambiguity about downstream data handling. - Tier: All - Location: “What data has GitHub Copilot been trained on?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20is%20powered,GitHub%2C%20OpenAI%2C%20and%20Microsoft. ### subprocessors data sharing — risk medium > Delegate tasks to third-party coding agents like Claude by Anthropic and OpenAI Codex (Preview) - Interpretation (disclaimed): Delegating tasks to Claude (Anthropic) or Codex (OpenAI) inherently involves sharing user input data with those third-party providers. The scope of data shared, retention practices, and contractual safeguards with those subprocessors are not disclosed in this document, creating ambiguity about data protection posture. - Tier: Paid - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Delegate%20tasks%20to%20third-party,and%20OpenAI%20Codex%20(Preview) ### subprocessors data sharing — risk medium > Upon your instruction, we may share Personal Data with third-party applications available on our Marketplace. You are responsible for the data you instruct us to share with these applications. - Interpretation (disclaimed): GitHub shifts liability for data shared with Marketplace third parties entirely to the user. This limits GitHub's accountability and may expose users to unknown data practices by those apps. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Upon%20your%20instruction%2C%20we,share%20with%20these%20applications. ### subprocessors data sharing — risk medium > Subprocessors and Service Providers: We may use vendors to provide services on our behalf, including hosting, marketing, advertising, social, analytics, support ticketing, credit card processing, or security services. They are bound by contractual obligations to ensure the security, privacy, and confidentiality of your information. Please visit https://docs.github.com/en/site-policy/privacy-policies/github-subprocessors to see our list of Subprocessors. - Interpretation (disclaimed): While GitHub claims subprocessors are contractually bound, the full list is external and subject to change. The range of services (advertising, analytics, etc.) means Personal Data may flow to numerous third parties. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Subprocessors%20and%20Service%20Providers%3A,our%20list%20of%20Subprocessors. ### subprocessors data sharing — risk low > GitHub has the responsibility for the processing of Personal Data it receives under the Data Privacy Framework (DPF) Principles and subsequently transfers to a third party acting as an agent on GitHub’s behalf. GitHub shall remain liable under the DPF Principles if its agent processes such Personal Data in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage. - Interpretation (disclaimed): While GitHub accepts DPF liability for subprocessor/agent misuse, the escape clause ('unless the organization proves it is not responsible') allows GitHub to disclaim liability if it can establish lack of responsibility, which may be difficult for users to contest. - Tier: All - Location: Privacy Policy › “Data Privacy Framework (DPF)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=GitHub%20has%20the%20responsibility,rise%20to%20the%20damage. ### subprocessors data sharing — risk unknown > In cases where your organization grants access to GitHub products, GitHub acts as the Data Controller solely for specific processing activities. These activities are clearly defined in a contractual agreement with your organization, known as a Data Protection Agreement. You can review our standard Data Protection Agreement at GitHub Data Protection Agreement . For those limited purposes, this Statement governs the handling of your Personal Data. For all other aspects of GitHub product usage, your organization's policies apply. - Interpretation (disclaimed): This segment defines the limited circumstances under which GitHub acts as Data Controller for organization-provided accounts, references the Data Protection Agreement as the governing contractual instrument, provides a link to the standard DPA, and delineates which aspects of the privacy statement apply versus those governed by the organization's own policies. - Tier: All - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20In%20cases%20where,your%20organization's%20policies%20apply. ### subprocessors data sharing — risk unknown > Abuse and Fraud Prevention Entities: We may disclose Personal Data based on a good faith belief it is needed to prevent fraud, abuse, or attacks on our Services, or to protect the safety of GitHub and our users. - Interpretation (disclaimed): This segment permits GitHub to disclose personal data to abuse and fraud prevention entities based on a good faith belief that disclosure is necessary to prevent fraud, abuse, or attacks, establishing a conditional permission for such third-party disclosure. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Abuse%20and%20Fraud,GitHub%20and%20our%20users. ### subprocessors data sharing — risk unknown > We may share Personal Data with the following recipients: - Interpretation (disclaimed): This segment introduces the list of recipients with whom GitHub may share personal data, serving as an introductory definitional framing for the enumerated sharing disclosures that follow. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20may%20share,with%20the%20following%20recipients%3A ### subprocessors data sharing — risk unknown > Affiliates: Personal Data may be shared with GitHub affiliates, including Microsoft, to facilitate customer service, marketing and advertising, order fulfillment, billing, technical support, legal and compliance obligations, product development and improvement (including training and improving artificial intelligence and machine learning technologies), and for other purposes described in their respective privacy statements. When we share data with affiliates, they will process it in accordance with applicable law and their privacy commitments. - Interpretation (disclaimed): This segment permits sharing of personal data with GitHub affiliates including Microsoft for customer service, marketing, billing, technical support, product development, and AI/ML training purposes, and imposes an obligation on affiliates to process data lawfully and per their privacy commitments. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Affiliates%3A%20Personal%20Data,and%20their%20privacy%20commitments. ### subprocessors data sharing — risk unknown > GitHub Organization Accounts: If an organization adds you to their GitHub account, we might share Personal Data with that organization to fulfill the commercial relationship. In such a case, your use of the Services is protected by a data protection agreement and terms between your organization and GitHub - Interpretation (disclaimed): This segment permits GitHub to share personal data with organizational account holders when a user is added to that organization's account to fulfill the commercial relationship, conditioned on the existence of a data protection agreement between the organization and GitHub. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20Organization%20Accounts%3A,your%20organization%20and%20GitHub ### subprocessors data sharing — risk unknown > Mobile identifiers for analytics can be accessed and used by apps on mobile devices in much the same way that websites access and use cookies. When visiting Enterprise Marketing pages, like resources.github.com, on a mobile device these may allow us and our third-party analytics and advertising partners to collect data for sales and marketing purposes. - Interpretation (disclaimed): This segment grants GitHub and its third-party analytics and advertising partners permission to use mobile identifiers on Enterprise Marketing Pages to collect data for sales and marketing purposes through mobile apps. - Tier: All - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Mobile%20identifiers%20for,sales%20and%20marketing%20purposes. ### subprocessors data sharing — risk unknown > The GitHub Services use cookies and similar technologies for a variety of purposes, including to store your preferences and settings, enable you to sign-in, analyze how our Services perform, track your interaction with the Services, develop inferences, combat fraud, and fulfill other legitimate purposes. Some of these cookies and technologies may be provided by third parties, including service providers and advertising partners. For example, our analytics and advertising partners may use these technologies in our Services to collect personal information (such as the pages you visit, the links you click on, and similar usage information, identifiers, and device information) related to your online activities over time and across Services for various purposes, including targeted advertising. GitHub will place non-essential cookies on pages where we market products and services to enterprise customers, for example, on resources.github.com. - Interpretation (disclaimed): This segment grants GitHub and third-party service providers and advertising partners permission to use cookies and similar technologies to collect personal information, analyze service performance, track interactions, develop inferences, and combat fraud. - Tier: All - Location: Privacy Policy › “How do we and our partners use cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20GitHub%20Services,for%20example%2C%20on%20resources.github.com. ### subprocessors data sharing — risk unknown > We and/or our partners also share the information we collect or infer with third parties for these purposes. - Interpretation (disclaimed): This segment grants GitHub and its partners permission to share collected or inferred personal information with third parties for analytics and advertising purposes, constituting a data sharing permission. - Tier: All - Location: Privacy Policy › “How do we and our partners use cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20and%2For%20our,parties%20for%20these%20purposes. ### subprocessors data sharing — risk unknown > We do not sell your covered information, as defined under Chapter 603A of the Nevada Revised Statutes. If you still have questions about your covered information or anything else in our Privacy Statement, please send an email to privacy[at]github[dot]com. - Interpretation (disclaimed): States that the platform does not sell covered information as defined under Nevada Revised Statutes Chapter 603A, creating a restriction on sale of personal data and providing a contact for related inquiries. - Tier: All - Location: Privacy Policy › “Nevada” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20do%20not,an%20email%20to%20privacy%5Bat%5Dgithub%5Bdot%5Dcom. ### subprocessors data sharing — risk ambiguous > These practices are outlined in GitHub’s Data Protection Agreement ( DPA ), which details our data handling commitments to our data controller customers. - Interpretation (disclaimed): The document provides no information about which subprocessors or affiliates receive data, their locations, or safeguards. Risk cannot be assessed from this document alone; the DPA must be reviewed separately. - Tier: Enterprise - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=These%20practices%20are%20outlined,our%20data%20controller%20customers. ### subprocessors data sharing — risk unknown > These practices are outlined in GitHub’s Data Protection Agreement ( DPA ), which details our data handling commitments to our data controller customers. GitHub also uses certain personal data with customer authorization under the DPA, for the following purposes: - Interpretation (disclaimed): This segment incorporates by reference GitHub's Data Protection Agreement (DPA) as the governing instrument for data handling commitments, and identifies the DPA as authorizing specific personal data uses by GitHub, establishing the contractual framework for data processing relationships with controller customers. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20These%20practices%20are,the%20following%20purposes%3A%20 ### subprocessors data sharing — risk unknown > We disclosed the following categories of personal information for a business purpose in the last 12 months: identifiers/contact information, demographic information (such as gender and rough geographic location), payment information, commercial information, Internet or other electronic network activity information, geolocation data, audio, electronic, visual or similar information, and inferences drawn from the above. We disclosed each category to third-party business partners and service providers, third-party sites or platforms such as social networking sites, and other third parties as described in the Sharing of Personal Data section of our Privacy Statement. - Interpretation (disclaimed): Discloses the categories of personal information shared with third-party business partners, service providers, social networking sites, and other third parties for business purposes during the last 12 months, fulfilling California privacy law disclosure obligations. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20We%20disclosed%20the,of%20our%20Privacy%20Statement. ### subprocessors data sharing — risk unknown > Information from Other Users of the Services: Other users may share information about you when they submit issues and comments. We may also receive information about you if you are identified as a representative or administrator on your company's account. - Interpretation (disclaimed): This segment defines Personal Data acquired from publicly available sources as a category of third-party data collection, establishing that GitHub may supplement user data with publicly accessible information. - Tier: All - Location: Privacy Policy › “From Third Parties” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Information%20from%20Other,on%20your%20company's%20account. ### subprocessors data sharing — risk unknown > Subprocessors and Service Providers: We may use vendors to provide services on our behalf, including hosting, marketing, advertising, social, analytics, support ticketing, credit card processing, or security services. They are bound by contractual obligations to ensure the security, privacy, and confidentiality of your information. Please visit https://docs.github.com/en/site-policy/privacy-policies/github-subprocessors to see our list of Subprocessors. - Interpretation (disclaimed): This segment permits use of subprocessors and service providers for hosting, marketing, analytics, and security services, and imposes contractual obligations on those vendors to ensure security, privacy, and confidentiality of user information, with a reference to a published subprocessor list. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Subprocessors%20and%20Service,our%20list%20of%20Subprocessors. ### subprocessors data sharing — risk unknown > Services you linked to your GitHub account: When you or your administrator integrate third-party apps or services with our Services, we receive information based on your settings with those services. This can include details like your name and email from services like Google for authentication. The information we receive depends on the third-party's settings and privacy policies. Always review these to understand what data is shared with our Services. - Interpretation (disclaimed): This segment defines the receipt of Personal Data from vendors, resellers, partners, and affiliates as a category of third-party data collection, establishing that such data is used for purposes outlined in the privacy statement. - Tier: All - Location: Privacy Policy › “From Third Parties” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Services%20you%20linked,shared%20with%20our%20Services. ### subprocessors data sharing — risk unknown > Corporate Transaction Entities: we might disclose Personal Data within the limits of the law and in accordance with this Privacy Statement for strategic business transactions such as sales or a merger. - Interpretation (disclaimed): This segment permits disclosure of personal data in the context of corporate transactions such as sales or mergers, within legal limits and consistent with the privacy statement, establishing an operative permission for M&A-related data sharing. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Corporate%20Transaction%20Entities%3A,sales%20or%20a%20merger. ### subprocessors data sharing — risk unknown > Web beacons are electronic images (also called “single-pixel” or “clear GIFs”) that are contained within a website or email. When your browser opens a webpage or email that contains a web beacon, it automatically connects to the web server that hosts the image (typically operated by a third party). This allows that web server to log information about your device and to set and read its own cookies. In the same way, third-party content on our websites (such as embedded videos, plug-ins, or ads) results in your browser connecting to the third-party web server that hosts that content. - Interpretation (disclaimed): This segment defines web beacons and explains how they cause browsers to connect to third-party web servers, enabling third-party data collection through cookies and logging, thereby defining a mechanism of third-party data sharing. - Tier: All - Location: Privacy Policy › “What are cookies and similar technologies?” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Web%20beacons%20are,that%20hosts%20that%20content. ### subprocessors data sharing — risk unknown > As defined by applicable law, we “shared” the following categories of personal information in the last 12 months: identifiers/contact information, Internet or other electronic network activity information, and inferences drawn from the above. We shared each category to or with advertising networks, data analytics providers, and social networks. - Interpretation (disclaimed): Discloses the categories of personal information 'shared' as defined by California law in the last 12 months, specifically with advertising networks, data analytics providers, and social networks, satisfying mandatory disclosure requirements. - Tier: All - Location: Privacy Policy › “Mandatory Disclosures” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20As%20defined%20by,providers%2C%20and%20social%20networks. ### subprocessors data sharing — risk unknown > Competent Authorities: We may disclose Personal Data to authorized law enforcement, regulators, courts, or other public authorities in response to lawful requests or to protect our rights and safety. Please refer to our Guidelines for Legal Requests of User Data for more information. - Interpretation (disclaimed): This segment permits disclosure of personal data to law enforcement, regulators, courts, or other public authorities in response to lawful requests or to protect GitHub's rights and safety, establishing a legal compliance-based sharing permission. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Competent%20Authorities%3A%20We,Data%20for%20more%20information. ### subprocessors data sharing — risk unknown > GitHub has the responsibility for the processing of Personal Data it receives under the Data Privacy Framework (DPF) Principles and subsequently transfers to a third party acting as an agent on GitHub’s behalf. GitHub shall remain liable under the DPF Principles if its agent processes such Personal Data in a manner inconsistent with the DPF Principles, unless the organization proves that it is not responsible for the event giving rise to the damage. - Interpretation (disclaimed): Establishes GitHub's ongoing liability under DPF Principles for Personal Data transferred to third-party agents, including residual liability where agents process data inconsistently with DPF Principles unless GitHub proves non-responsibility. - Tier: All - Location: Privacy Policy › “Data Privacy Framework (DPF)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20has%20the,rise%20to%20the%20damage. ### subprocessors data sharing — risk unknown > Right to Know Data Recipients: We share your information with service providers for legitimate business operations, such as data storage and hosting. For more details, please see “Sharing Your Information” below. - Interpretation (disclaimed): This segment grants users the right to know the recipients of their shared personal information, disclosing that GitHub shares information with service providers for legitimate business operations such as data storage and hosting, and incorporating a cross-reference to further detail. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Right%20to%20Know,%E2%80%9CSharing%20Your%20Information%E2%80%9D%20below. ### subprocessors data sharing — risk unknown > Publicly Available Sources: We may acquire information about you from publicly available sources. - Interpretation (disclaimed): This segment defines the data received from third-party apps and services linked to a user's GitHub account (e.g., Google authentication), clarifying that the scope of data received depends on the user's settings and the third party's privacy policies, and imposing an implicit obligation on users to review those policies. - Tier: All - Location: Privacy Policy › “From Third Parties” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Publicly%20Available%20Sources%3A,from%20publicly%20available%20sources. ### subprocessors data sharing — risk unknown > Other Third-party Applications: Upon your instruction, we may share Personal Data with third-party applications available on our Marketplace. You are responsible for the data you instruct us to share with these applications. - Interpretation (disclaimed): This segment permits GitHub to share personal data with third-party Marketplace applications at the user's instruction and assigns responsibility for such sharing to the user, establishing a user-directed sharing permission with accompanying liability allocation. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Other%20Third-party%20Applications%3A,share%20with%20these%20applications. ### subprocessors data sharing — risk unknown > Under California Civil Code section 1798.83, also known as the “Shine the Light” law, California residents who have provided personal information to a business with which the individual has established a business relationship for personal, family, or household purposes (“California Customers”) may request information about whether the business has disclosed personal information to any third parties for the third parties’ direct marketing purposes. Please be aware that we do not disclose personal information to any third parties for their direct marketing purposes as defined by this law. California Customers may request further information about our compliance with this law by emailing (privacy[at]github[dot]com). Please note that businesses are required to respond to one request per California Customer each year and may not be required to respond to requests made by means other than through the designated email address. - Interpretation (disclaimed): Restricts the platform from disclosing personal information to third parties for their direct marketing purposes under the California Shine the Light Act, and provides a disclosure that no such sharing occurs. - Tier: All - Location: Privacy Policy › “Shine the Light Act” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Under%20California%20Civil,the%20designated%20email%20address. ### subprocessors data sharing — risk unknown > Partners and Resellers: We cooperate with third-parties that offer sales, consulting, support, and technical services for our Services. We may share your data with these partners and resellers where allowed, and with your consent when required. - Interpretation (disclaimed): This segment permits sharing of personal data with sales, consulting, support, and technical service partners and resellers where allowed and with user consent where required, establishing a conditional permission for partner data sharing. - Tier: All - Location: Privacy Policy › “Sharing of Personal Data” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Partners%20and%20Resellers%3A,your%20consent%20when%20required. ### audit rights dpa residency — risk medium > Yes. GitHub and customers can enter a Data Protection Agreement that supports compliance with the GDPR and similar legislation. - Interpretation (disclaimed): The permissive framing ('can enter') rather than a mandatory DPA for Business/Enterprise customers means GDPR-required controller-processor terms may not automatically apply. Users must proactively request and execute the DPA to obtain those protections. - Tier: Enterprise - Location: “Does GitHub Copilot support compliance with the GDPR and other data protection laws?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Yes.%20GitHub%20and%20customers,GDPR%20and%20similar%20legislation. ### audit rights dpa residency — risk medium > GitHub stores and processes Personal Data in a variety of locations, including your local region, the United States, and other countries where GitHub, its affiliates, subsidiaries, or subprocessors have operations. We transfer Personal Data from the European Union, the United Kingdom, and Switzerland to countries that the European Commission has not recognized as having an adequate level of data protection. When we engage in such transfers, we generally rely on the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914 , to help protect your rights and enable these protections to travel with your data. - Interpretation (disclaimed): Data may flow to countries lacking adequate data protection under GDPR standards. GitHub relies on SCCs as the transfer mechanism, which provides a legal basis but may not guarantee equivalent practical protections to those in the EU/UK. - Tier: All - Location: Privacy Policy › “International data transfers” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=GitHub%20stores%20and%20processes,travel%20with%20your%20data. ### audit rights dpa residency — risk low > Does GitHub Copilot support compliance with the GDPR and other data protection laws? ### Yes. GitHub and customers can enter a Data Protection Agreement that supports compliance with the GDPR and similar legislation. - Interpretation (disclaimed): GitHub offers a DPA for GDPR compliance but the document does not confirm it is automatically applicable to all plans or that audit rights, sub-processor lists, or data residency terms are included. Enterprises should verify DPA scope before relying on GDPR compliance representations. - Tier: Enterprise - Location: “Does GitHub Copilot support compliance with the GDPR and other data protection laws?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Does%20GitHub%20Copilot%20support,GDPR%20and%20similar%20legislation. ### audit rights dpa residency — risk low > A Data Protection Agreement governs the relationship between GitHub and the Data Controller. For further details regarding their privacy practices, please refer to the privacy statement of the organization providing your account. In cases where your organization grants access to GitHub products, GitHub acts as the Data Controller solely for specific processing activities. These activities are clearly defined in a contractual agreement with your organization, known as a Data Protection Agreement. You can review our standard Data Protection Agreement at GitHub Data Protection Agreement . - Interpretation (disclaimed): The DPA governs data processing where the organization is the Data Controller. Individual end users under organizational accounts have limited direct rights under GitHub's privacy statement and must rely on their organization's policies. - Tier: Enterprise - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=A%20Data%20Protection%20Agreement,Data%20Protection%20Agreement%20. ### audit rights dpa residency — risk unknown > The right to request detailed information about the specific types of Personal Data we've collected over the past 12 months, including data disclosed for business purposes - Interpretation (disclaimed): This segment establishes a data subject's right to request detailed information about categories of personal data collected over the past 12 months, including data disclosed for business purposes, operationalizing a transparency and access right. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,disclosed%20for%20business%20purposes ### audit rights dpa residency — risk unknown > The right to rectify or update inaccurate or incomplete Personal Data under certain circumstances - Interpretation (disclaimed): This segment establishes an individual's right to rectify or update inaccurate or incomplete personal data under certain circumstances, creating an operative correction right. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,Data%20under%20certain%20circumstances ### audit rights dpa residency — risk unknown > GitHub also complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) as set forth by the U.S. Department of Commerce. GitHub has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF. GitHub has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF. If there is any conflict between the terms in this privacy statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/ . - Interpretation (disclaimed): States GitHub's certification and adherence to the EU-U.S. DPF, UK Extension, and Swiss-U.S. DPF Principles with the U.S. Department of Commerce, constituting a formal legal commitment governing cross-border data transfers. - Tier: All - Location: Privacy Policy › “Data Privacy Framework (DPF)” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20also%20complies,please%20visit%20https%3A%2F%2Fwww.dataprivacyframework.gov%2F%20. ### audit rights dpa residency — risk unknown > GitHub B.V. - Interpretation (disclaimed): Identifies GitHub B.V. as a legal entity and data controller, relevant to establishing jurisdiction and DPA residency for EU data subjects. - Tier: All - Location: Privacy Policy › “Contact Us” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20B.V. ### audit rights dpa residency — risk unknown > GitHub, Inc. 88 Colin P. Kelly Jr. St. - Interpretation (disclaimed): Identifies GitHub, Inc. and its San Francisco address as the US entity, establishing the principal US controller entity and its physical location relevant to governing law and cross-border transfer accountability. - Tier: All - Location: Privacy Policy › “The Netherlands” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%2C%20Inc.%2088,P.%20Kelly%20Jr.%20St. ### audit rights dpa residency — risk unknown > Yes. GitHub and customers can enter a Data Protection Agreement that supports compliance with the GDPR and similar legislation. - Interpretation (disclaimed): This segment confirms that GitHub and customers may enter a Data Protection Agreement to support GDPR compliance, granting customers the right to establish a formal DPA relationship for regulatory compliance purposes. - Tier: All - Location: “Does GitHub Copilot support compliance with the GDPR and other data protection laws?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes.%20GitHub%20and,GDPR%20and%20similar%20legislation. ### audit rights dpa residency — risk unknown > These practices are outlined in GitHub’s Data Protection Agreement ( DPA ), which details our data handling commitments to our data controller customers. GitHub also uses certain personal data with customer authorization under the DPA, for the following purposes: - Interpretation (disclaimed): Incorporates GitHub's Data Protection Agreement (DPA) by reference as governing data handling commitments to controller customers, and introduces additional authorized data use purposes under the DPA, establishing the DPA as the operative legal instrument for data processing obligations. - Tier: All - Location: “How does GitHub use the Copilot data from Business and Enterprise Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20These%20practices%20are,the%20following%20purposes%3A%20 ### audit rights dpa residency — risk unknown > Yes. GitHub and customers can enter a Data Protection Agreement that supports compliance with the GDPR and similar legislation. - Interpretation (disclaimed): This segment confirms that GitHub and customers can enter into a Data Protection Agreement to support compliance with GDPR and similar legislation, establishing the availability of a formal DPA mechanism as a contractual right for customers. - Tier: All - Location: “Does GitHub Copilot support compliance with the GDPR and other data protection laws?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes.%20GitHub%20and,GDPR%20and%20similar%20legislation. ### audit rights dpa residency — risk unknown > GitHub stores and processes Personal Data in a variety of locations, including your local region, the United States, and other countries where GitHub, its affiliates, subsidiaries, or subprocessors have operations. We transfer Personal Data from the European Union, the United Kingdom, and Switzerland to countries that the European Commission has not recognized as having an adequate level of data protection. When we engage in such transfers, we generally rely on the standard contractual clauses published by the European Commission under Commission Implementing Decision 2021/914 , to help protect your rights and enable these protections to travel with your data. To learn more about the European Commission’s decisions on the adequacy of the protection of personal data in the countries where GitHub processes personal data, see this article on the European Commission website . - Interpretation (disclaimed): Discloses that GitHub stores and processes Personal Data across multiple jurisdictions including the US and other countries, and states the legal mechanism (EU Commission Standard Contractual Clauses under Decision 2021/914) used to legitimise transfers from the EU, UK, and Switzerland to countries lacking adequacy decisions. - Tier: All - Location: Privacy Policy › “International data transfers” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20stores%20and,European%20Commission%20website%20. ### audit rights dpa residency — risk unknown > To exercise these rights, please send an email to privacy[at]github[dot]com and follow the instructions provided. To verify your identity for security, we may request extra information before addressing your data-related request. Please contact our Data Protection Officer at dpo[at]github[dot]com for any feedback or concerns. Depending on your region, you have the right to complain to your local Data Protection Authority. European users can find authority contacts on the European Data Protection Board website, and UK users on the Information Commissioner’s Office website. - Interpretation (disclaimed): Establishes the procedure for exercising data subject rights (email to privacy@github.com), identity verification steps, contact for the DPO, and the right to lodge a complaint with a local Data Protection Authority, including jurisdiction-specific guidance for EU and UK users. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20To%20exercise%20these,Information%20Commissioner%E2%80%99s%20Office%20website. ### audit rights dpa residency — risk unknown > The right to erase or limit the processing of your Personal Data under specific conditions - Interpretation (disclaimed): This segment establishes an individual's right to erasure or restriction of processing of personal data under specific conditions, creating operative deletion and limitation rights for data subjects. - Tier: All - Location: Privacy Policy › “The right to access the data collected about you” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20The%20right%20to,Data%20under%20specific%20conditions ### audit rights dpa residency — risk ambiguous > Right to Know Data Recipients: We share your information with service providers for legitimate business operations, such as data storage and hosting. For more details, please see “Sharing Your Information” below. - Interpretation (disclaimed): The document does not specify data residency, DPA commitments, or user audit rights in this excerpt. Enterprise customers typically require explicit DPA and residency terms; their absence here is notable. - Tier: All - Location: Privacy Policy › “Privacy Rights” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=Right%20to%20Know%20Data,%E2%80%9CSharing%20Your%20Information%E2%80%9D%20below. ### indemnity liability — risk high > You are responsible for your use of Output, including ensuring it complies with applicable law and does not infringe third-party rights. Your indemnity obligations in Section Q apply to your use of AI Features and Output, including claims arising from Output you incorporate into your products or services. - Interpretation (disclaimed): Combining the absence of any IP warranty on outputs with a broad indemnity obligation creates high risk for users, particularly those incorporating AI-generated code or content into commercial products. The user indemnifies GitHub for the very IP risks GitHub has disclaimed responsibility for. - Tier: All - Location: § 5 (Your Responsibility and Indemnity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=You%20are%20responsible%20for,your%20products%20or%20services. ### indemnity liability — risk high > You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys’ fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that GitHub (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases GitHub of all liability); and (3) provides to you all reasonable assistance, at your expense. - Interpretation (disclaimed): This is a standard but broad indemnification clause requiring the user to defend and hold harmless GitHub for any claims arising from the user's use or violations. The requirement that any settlement unconditionally release GitHub limits the user's settlement flexibility and could increase litigation costs. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=You%20agree%20to%20indemnify,assistance%2C%20at%20your%20expense. ### indemnity liability — risk high > GitHub provides the Website and the Service “as is” and “as available,” without warranty of any kind. Without limiting this, we expressly disclaim all warranties, whether express, implied or statutory, regarding the Website and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement. - Interpretation (disclaimed): A blanket disclaimer of all warranties, including implied warranties of merchantability, fitness, and non-infringement, is the broadest possible liability exclusion. This is especially significant for enterprise or commercial users who may have relied on platform stability or IP safety. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=GitHub%20provides%20the%20Website,security%2C%20accuracy%20and%20non-infringement. ### indemnity liability — risk high > Q. Release and Indemnification You are fully responsible for your use of the service. - Interpretation (disclaimed): Section Q's summary language ('fully responsible') is a strong signal of a broad indemnification obligation. Without the operative text, the exact scope of the indemnity, release, and any carve-outs cannot be confirmed, but the risk to users is expected to be high. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=Q.%20Release%20and%20Indemnification,use%20of%20the%20service. ### indemnity liability — risk high > P. Limitation of Liability We will not be liable for damages or losses arising from your use or inability to use the service or otherwise arising under this agreement. Please read this section carefully; it limits our obligations to you. - Interpretation (disclaimed): A broad limitation-of-liability clause that excludes damages from both use and inability to use the service substantially limits user recourse. This is a high-risk surface for users in the event of service failures or data loss. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=P.%20Limitation%20of%20Liability,our%20obligations%20to%20you. ### indemnity liability — risk high > You understand and agree that we will not be liable to you or any third party for any loss of profits, use, goodwill, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from the use, disclosure, or display of your User-Generated Content; your use or inability to use the Service; any modification, price change, suspension or discontinuance of the Service; the Service generally or the software or systems that make the Service available; unauthorized access to or alterations of your transmissions or data; statements or conduct of any third party on the Service; any other user interactions that you input or receive through your use of the Service; or any other matter relating to the Service. Our liability is limited whether or not we have been informed of the possibility of such damages, and even if a remedy set forth in this Agreement is found to have failed of its essential purpose. We will have no liability for any failure or delay due to matters beyond our reasonable control. - Interpretation (disclaimed): This limitation of liability clause excludes virtually all meaningful damages a user could suffer, including loss of data and loss of profits. Notably it excludes liability even for unauthorized access to user transmissions or data, which is particularly relevant for an AI/developer platform storing code and sensitive content. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=You%20understand%20and%20agree,beyond%20our%20reasonable%20control. ### indemnity liability — risk high > O. Disclaimer of Warranties We provide our service as is, and we make no promises or guarantees about this service. Please read this section carefully; you should understand what to expect. - Interpretation (disclaimed): An as-is disclaimer eliminates implied warranties of merchantability and fitness for a particular purpose, leaving users with no warranty protection. This significantly limits user remedies. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=O.%20Disclaimer%20of%20Warranties,understand%20what%20to%20expect. ### indemnity liability — risk high > The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. - Interpretation (disclaimed): The absence of IP indemnity for Free/Pro/Pro+ users means those users must independently bear the risk of third-party intellectual property claims arising from use of Copilot-generated code. This is a significant legal exposure for commercial users on individual plans. - Tier: Free - Location: “What are the differences between the GitHub Copilot Business, GitHub Copilot Enterprise, and GitHub Copilot Individual plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=The%20primary%20differences%20between,management%2C%20and%20IP%20indemnity. ### indemnity liability — risk medium > If you have a dispute with one or more Users, you agree to release GitHub from any and all claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes. - Interpretation (disclaimed): This release clause covers 'known and unknown' claims, which in California requires a specific waiver of Civil Code §1542. Such broad releases can extinguish claims users may not yet be aware of arising from third-party conduct on the platform. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=If%20you%20have%20a,connected%20with%20such%20disputes. ### indemnity liability — risk unknown > Q. Release and Indemnification You are fully responsible for your use of the service. - Interpretation (disclaimed): Summary entry for Section Q stating users are fully responsible for their service use; cross-reference incorporating indemnification obligations placed on users. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Q.%20Release%20and,of%20the%20service.%20 ### indemnity liability — risk unknown > You are responsible for all content posted and activity that occurs under your Account (even when content is posted by others who have Accounts under your Account). - Interpretation (disclaimed): Imposes obligation on the user for all content posted and activity occurring under their Account, including activity by sub-account holders, establishing broad user-side liability for Account use. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,Accounts%20under%20your%20Account). ### indemnity liability — risk unknown > Your indemnity obligations in Section Q apply to your use of AI Features and Output, including claims arising from Output you incorporate into your products or services. - Interpretation (disclaimed): Incorporates Section Q indemnity obligations into the context of AI Features and Output, extending indemnity to claims arising from Output incorporated into the user's products or services. - Tier: All - Location: § 5 (Your Responsibility and Indemnity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20indemnity%20obligations,your%20products%20or%20services. ### indemnity liability — risk unknown > any other matter relating to the Service. - Interpretation (disclaimed): Catch-all exclusion of liability for any other matter relating to the Service, providing maximum breadth to GitHub's limitation of liability provisions. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20other%20matter%20relating%20to%20the%20Service. ### indemnity liability — risk unknown > Short version: We provide our service as is, and we make no promises or guarantees about this service. Please read this section carefully; you should understand what to expect. - Interpretation (disclaimed): Plain-language summary warning users that the service is provided as-is with no promises or guarantees, setting user expectations before the formal warranty disclaimer. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,what%20to%20expect.%20 ### indemnity liability — risk unknown > GitHub does not warrant that the Service will meet your requirements; that the Service will be uninterrupted, timely, secure, or error-free; that the information provided through the Service is accurate, reliable or correct; that any defects or errors will be corrected; that the Service will be available at any particular time or location; or that the Service is free of viruses or other harmful components. You assume full responsibility and risk of loss resulting from your downloading and/or use of files, information, content or other material obtained from the Service. - Interpretation (disclaimed): Extends the warranty disclaimer to specific performance characteristics (uptime, accuracy, security, virus-free operation) and shifts full risk of loss from downloading or using service content to the user. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20does%20not,obtained%20from%20the%20Service. ### indemnity liability — risk unknown > You understand and agree that we will not be liable to you or any third party for any loss of profits, use, goodwill, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from - Interpretation (disclaimed): Establishes that GitHub is not liable to the user or any third party for loss of profits, use, goodwill, data, or any incidental/indirect/special/consequential/exemplary damages arising from enumerated circumstances, broadly limiting GitHub's financial liability. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20understand%20and,arising%2C%20that%20result%20from ### indemnity liability — risk unknown > any modification, price change, suspension or discontinuance of the Service; - Interpretation (disclaimed): Excludes liability for damages resulting from service modification, price changes, suspension, or discontinuance, limiting GitHub's responsibility for business decisions affecting service availability. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20modification%2C%20price,discontinuance%20of%20the%20Service%3B ### indemnity liability — risk unknown > any other user interactions that you input or receive through your use of the Service; or - Interpretation (disclaimed): Excludes liability for damages from any other user interactions input or received through the Service, providing a broad catch-all limitation on inter-user conduct liability. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20other%20user,of%20the%20Service%3B%20or ### indemnity liability — risk unknown > Short version: You are responsible for your use of the service. If you harm someone else or get into a dispute with someone else, we will not be involved. - Interpretation (disclaimed): Plain-language summary placing responsibility for service use on the user and disclaiming GitHub's involvement in user disputes, framing the indemnification obligations that follow. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,not%20be%20involved.%20 ### indemnity liability — risk unknown > If you have a dispute with one or more Users, you agree to release GitHub from any and all claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes. - Interpretation (disclaimed): Requires users involved in disputes with other users to release GitHub from all claims, demands, and damages of every kind arising from such disputes, extinguishing GitHub's liability as a remedy mechanism. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20have,connected%20with%20such%20disputes. ### indemnity liability — risk unknown > Q. Release and Indemnification You are fully responsible for your use of the service. - Interpretation (disclaimed): Summary entry describing the Release and Indemnification section; states user is fully responsible for their service use, incorporating the indemnification obligation by reference. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Q.%20Release%20and,of%20the%20service.%20 ### indemnity liability — risk unknown > You are responsible for all content posted and activity that occurs under your Account (even when content is posted by others who have Accounts under your Account). - Interpretation (disclaimed): Disclaims GitHub liability for loss or damage arising from user's failure to maintain Account security, reinforcing the allocation of risk to the user for security breaches attributable to their own non-compliance. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,Accounts%20under%20your%20Account). ### indemnity liability — risk unknown > You are responsible for reviewing, testing, and validating any Output before use. - Interpretation (disclaimed): Imposes an obligation on users to review, test, and validate Output before use, placing the burden of quality assurance on the user rather than GitHub. - Tier: All - Location: § 4 (Disclaimers) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,any%20Output%20before%20use. ### indemnity liability — risk unknown > You are responsible for your use of Output, including ensuring it complies with applicable law and does not infringe third-party rights. - Interpretation (disclaimed): Places responsibility on users for their use of AI Output, including ensuring compliance with applicable law and non-infringement of third-party rights. - Tier: All - Location: § 5 (Your Responsibility and Indemnity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,not%20infringe%20third-party%20rights. ### indemnity liability — risk unknown > Invoicing For invoiced Users, User agrees to pay the fees in full, up front without deduction or setoff of any kind, in U.S. Dollars. User must pay the fees within thirty (30) days of the GitHub invoice date. Amounts payable under this Agreement are non-refundable, except as otherwise provided in this Agreement. If User fails to pay any fees on time, GitHub reserves the right, in addition to taking any other action at law or equity, to (i) charge interest on past due amounts at 1.0% per month or the highest interest rate allowed by law, whichever is less, and to charge all expenses of recovery, and (ii) terminate the applicable order form. User is solely responsible for all taxes, fees, duties and governmental assessments (except for taxes based on GitHub's net income) that are imposed or become due in connection with this Agreement. - Interpretation (disclaimed): This clause imposes obligations on invoiced users to pay fees in full, upfront, in U.S. dollars within 30 days of invoice without deduction or setoff, and grants GitHub the right to charge interest at 1.0% per month or the maximum legal rate on overdue amounts plus recovery expenses, establishing financial remedies for non-payment. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Invoicing%20For%20invoiced,connection%20with%20this%20Agreement. ### indemnity liability — risk unknown > Short version: We will not be liable for damages or losses arising from your use or inability to use the service or otherwise arising under this agreement. Please read this section carefully; it limits our obligations to you. - Interpretation (disclaimed): Plain-language summary stating GitHub will not be liable for damages or losses arising from use of or inability to use the service, flagging the operative limitations that follow. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,obligations%20to%20you.%20 ### indemnity liability — risk unknown > You understand and agree that we will not be liable to you or any third party for any loss of profits, use, goodwill, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from - Interpretation (disclaimed): Establishes that GitHub will not be liable to the user or any third party for loss of profits, use, goodwill, data, or any incidental, indirect, special, consequential, or exemplary damages, however arising, introducing the enumerated triggering circumstances. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20understand%20and,arising%2C%20that%20result%20from ### indemnity liability — risk unknown > the Service generally or the software or systems that make the Service available; - Interpretation (disclaimed): Excludes liability for damages arising from the Service generally or the underlying software and systems, broadly limiting GitHub's exposure for platform-level issues. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20the%20Service%20generally,make%20the%20Service%20available%3B ### indemnity liability — risk unknown > unauthorized access to or alterations of your transmissions or data; - Interpretation (disclaimed): Excludes liability for unauthorized access to or alterations of user transmissions or data, limiting GitHub's responsibility for security breaches by third parties. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20unauthorized%20access%20to,your%20transmissions%20or%20data%3B ### indemnity liability — risk unknown > statements or conduct of any third party on the Service; - Interpretation (disclaimed): Excludes liability for damages arising from statements or conduct of third parties on the Service, limiting GitHub's responsibility for third-party actions. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20statements%20or%20conduct,party%20on%20the%20Service%3B ### indemnity liability — risk unknown > any other user interactions that you input or receive through your use of the Service; or - Interpretation (disclaimed): Excludes liability for damages resulting from user interactions input or received through the Service, broadly limiting exposure for peer-to-peer harms. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20other%20user,of%20the%20Service%3B%20or ### indemnity liability — risk unknown > If you have a dispute with one or more Users, you agree to release GitHub from any and all claims, demands and damages (actual and consequential) of every kind and nature, known and unknown, arising out of or in any way connected with such disputes. - Interpretation (disclaimed): Requires the user to release GitHub from all claims, demands, and damages of every kind arising out of disputes with other users, extinguishing GitHub's liability for inter-user conflicts. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20have,connected%20with%20such%20disputes. ### indemnity liability — risk unknown > You’re entitled to IP indemnification from GitHub for the unmodified suggestions when Copilot’s filtering is enabled. If you do elect to enable this feature, the copyright responsibility is ours, not our customers. As part of our ongoing commitment to responsible AI, GitHub and Microsoft extends our IP indemnity and protection support to our customers who are empowering their teams with GitHub Copilot. See Microsoft's Copilot Copyright Commitment for more details. - Interpretation (disclaimed): Grants users the right to IP indemnification from GitHub for unmodified suggestions when Copilot's duplicate-detection filtering is enabled, and references Microsoft's Copilot Copyright Commitment as the governing commitment, establishing the scope and conditions of copyright liability coverage. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20You%E2%80%99re%20entitled%20to,Commitment%20for%20more%20details. ### indemnity liability — risk unknown > Depending on your particular use case, you should consider implementing the protections discussed above. It is your responsibility to assess what is appropriate for the situation and implement appropriate safeguards. - Interpretation (disclaimed): This segment grants customers IP indemnification from GitHub for unmodified Copilot suggestions when the filtering feature is enabled, shifts copyright responsibility to GitHub and Microsoft in that scenario, and references Microsoft's Copilot Copyright Commitment as further indemnity support, establishing a conditional remedy for IP claims. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Depending%20on%20your,and%20implement%20appropriate%20safeguards. ### indemnity liability — risk unknown > any modification, price change, suspension or discontinuance of the Service; - Interpretation (disclaimed): Excludes liability for damages caused by modification, price change, suspension, or discontinuance of the Service, protecting GitHub from claims related to service changes. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20modification%2C%20price,discontinuance%20of%20the%20Service%3B ### indemnity liability — risk unknown > Your indemnity obligations in Section Q apply to your use of AI Features and Output, including claims arising from Output you incorporate into your products or services. - Interpretation (disclaimed): Incorporates Section Q indemnity obligations and extends them to cover use of AI Features and Output, including claims arising from Output incorporated into user products or services. - Tier: All - Location: § 5 (Your Responsibility and Indemnity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20indemnity%20obligations,your%20products%20or%20services. ### indemnity liability — risk unknown > You are responsible for keeping your Account secure while you use our Service. We offer tools such as two-factor authentication to help you maintain your Account's security, but the content of your Account and its security are up to you. - Interpretation (disclaimed): Assigns responsibility to the user for maintaining Account and password security and expressly disclaims GitHub's liability for any loss or damage resulting from the user's failure to comply with that security obligation. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,are%20up%20to%20you. ### indemnity liability — risk unknown > any other matter relating to the Service. - Interpretation (disclaimed): Catch-all exclusion of liability for any other matter relating to the Service, functioning as a broad sweep of residual damage claims. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20any%20other%20matter%20relating%20to%20the%20Service. ### indemnity liability — risk unknown > Short version: We provide our service as is, and we make no promises or guarantees about this service. Please read this section carefully; you should understand what to expect. - Interpretation (disclaimed): Plain-language summary warning users that the service is provided as-is with no promises or guarantees, setting expectations for the formal disclaimer that follows. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,what%20to%20expect.%20 ### indemnity liability — risk unknown > GitHub does not warrant that the Service will meet your requirements; that the Service will be uninterrupted, timely, secure, or error-free; that the information provided through the Service is accurate, reliable or correct; that any defects or errors will be corrected; that the Service will be available at any particular time or location; or that the Service is free of viruses or other harmful components. You assume full responsibility and risk of loss resulting from your downloading and/or use of files, information, content or other material obtained from the Service. - Interpretation (disclaimed): Disclaims warranties of uninterrupted or error-free service, accuracy of information, and freedom from viruses, and places full responsibility and risk of loss on the user for downloaded content. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20does%20not,obtained%20from%20the%20Service. ### indemnity liability — risk unknown > GitHub has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. GitHub reserves the right to refuse service to anyone for any reason at any time. - Interpretation (disclaimed): This is a section heading ('Survival') that introduces the survival clause; it labels the following substantive provision about post-termination obligations. - Tier: All - Location: § 3 (GitHub May Terminate) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20has%20the,reason%20at%20any%20time. ### indemnity liability — risk unknown > Our liability is limited whether or not we have been informed of the possibility of such damages, and even if a remedy set forth in this Agreement is found to have failed of its essential purpose. We will have no liability for any failure or delay due to matters beyond our reasonable control. - Interpretation (disclaimed): States that liability is capped regardless of notice of possible damages and even if a contractual remedy fails its essential purpose, and further excludes liability for failures or delays beyond GitHub's reasonable control. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Our%20liability%20is,beyond%20our%20reasonable%20control. ### indemnity liability — risk unknown > your use or inability to use the Service; - Interpretation (disclaimed): Excludes liability for damages resulting from the user's use of or inability to use the Service, a core limitation on GitHub's exposure. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20your%20use%20or,to%20use%20the%20Service%3B ### indemnity liability — risk unknown > Output is provided "as-is" and subject to the disclaimers in Section O. Without limiting Section O: Output may be inaccurate, incomplete, or non-functional. Output may resemble third-party code, including code under open source licenses. We do not guarantee that Output is free of errors, vulnerabilities, or intellectual property claims. - Interpretation (disclaimed): Provides as-is disclaimer for AI Output, warning it may be inaccurate, incomplete, non-functional, or resemble third-party or open-source code, and disclaims any guarantee that Output is free from errors, vulnerabilities, or IP claims. - Tier: All - Location: § 4 (Disclaimers) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Output%20is%20provided,or%20intellectual%20property%20claims. ### indemnity liability — risk unknown > GitHub provides the Website and the Service “as is” and “as available,” without warranty of any kind. Without limiting this, we expressly disclaim all warranties, whether express, implied or statutory, regarding the Website and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement. - Interpretation (disclaimed): Formally disclaims all warranties—express, implied, or statutory—including merchantability, fitness for purpose, title, security, accuracy, and non-infringement regarding the Website and Service. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20provides%20the,security%2C%20accuracy%20and%20non-infringement. ### indemnity liability — risk unknown > Short version: You are responsible for your use of the service. If you harm someone else or get into a dispute with someone else, we will not be involved. - Interpretation (disclaimed): Plain-language summary stating users are responsible for their own service use and that GitHub will not be involved in user disputes, previewing the release and indemnity clauses. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,not%20be%20involved.%20 ### indemnity liability — risk unknown > You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys’ fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that GitHub (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases GitHub of all liability); and (3) provides to you all reasonable assistance, at your expense. - Interpretation (disclaimed): Imposes a broad indemnification obligation on the user to defend, indemnify, and hold GitHub harmless from claims, liabilities, and attorneys' fees arising from the user's use of the service or violation of the Agreement, subject to notice and control conditions placed on GitHub. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20agree%20to,assistance%2C%20at%20your%20expense. ### indemnity liability — risk unknown > P. Limitation of Liability We will not be liable for damages or losses arising from your use or inability to use the service or otherwise arising under this agreement. Please read this section carefully; it limits our obligations to you. - Interpretation (disclaimed): Summary entry describing the Limitation of Liability section; cross-references GitHub's limitation on liability for damages or losses arising from service use, incorporating that limitation by reference. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20P.%20Limitation%20of,obligations%20to%20you.%20 ### indemnity liability — risk unknown > statements or conduct of any third party on the Service; - Interpretation (disclaimed): Excludes liability for damages resulting from statements or conduct of third parties on the Service, insulating GitHub from user-generated harmful content claims. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20statements%20or%20conduct,party%20on%20the%20Service%3B ### indemnity liability — risk unknown > Our liability is limited whether or not we have been informed of the possibility of such damages, and even if a remedy set forth in this Agreement is found to have failed of its essential purpose. We will have no liability for any failure or delay due to matters beyond our reasonable control. - Interpretation (disclaimed): Confirms the liability limitation applies regardless of notice of potential damages and even if contractual remedies fail their essential purpose, and further excludes liability for failures due to circumstances beyond GitHub's reasonable control (force majeure). - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Our%20liability%20is,beyond%20our%20reasonable%20control. ### indemnity liability — risk unknown > All provisions of this Agreement which, by their nature, should survive termination will survive termination — including, without limitation: ownership provisions, warranty disclaimers, indemnity, and limitations of liability. - Interpretation (disclaimed): Specifies that ownership provisions, warranty disclaimers, indemnity, and limitations of liability survive termination of the Agreement, preserving key legal obligations and rights beyond the contractual relationship's end. - Tier: All - Location: § 4 (Survival) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20All%20provisions%20of,and%20limitations%20of%20liability. ### indemnity liability — risk unknown > GitHub provides the Website and the Service “as is” and “as available,” without warranty of any kind. Without limiting this, we expressly disclaim all warranties, whether express, implied or statutory, regarding the Website and the Service including without limitation any warranty of merchantability, fitness for a particular purpose, title, security, accuracy and non-infringement. - Interpretation (disclaimed): Formal disclaimer of all warranties — express, implied, and statutory — including merchantability, fitness for purpose, title, security, accuracy, and non-infringement, removing GitHub's legal obligations regarding service quality. - Tier: All - Location: § O (Disclaimer of Warranties) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20provides%20the,security%2C%20accuracy%20and%20non-infringement. ### indemnity liability — risk unknown > GitHub has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. GitHub reserves the right to refuse service to anyone for any reason at any time. - Interpretation (disclaimed): Grants GitHub the unilateral right to suspend or terminate user access at any time, with or without cause or notice, and to refuse service to any person at any time, establishing broad termination rights in GitHub's favor. - Tier: All - Location: § 3 (GitHub May Terminate) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20has%20the,reason%20at%20any%20time. ### indemnity liability — risk unknown > You are responsible for your use of Output, including ensuring it complies with applicable law and does not infringe third-party rights. - Interpretation (disclaimed): Places responsibility on the user for their use of Output, including ensuring compliance with applicable law and non-infringement of third-party rights, establishing a duty of care in Output deployment. - Tier: All - Location: § 5 (Your Responsibility and Indemnity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,not%20infringe%20third-party%20rights. ### indemnity liability — risk unknown > You agree to indemnify us, defend us, and hold us harmless from and against any and all claims, liabilities, and expenses, including attorneys’ fees, arising out of your use of the Website and the Service, including but not limited to your violation of this Agreement, provided that GitHub (1) promptly gives you written notice of the claim, demand, suit or proceeding; (2) gives you sole control of the defense and settlement of the claim, demand, suit or proceeding (provided that you may not settle any claim, demand, suit or proceeding unless the settlement unconditionally releases GitHub of all liability); and (3) provides to you all reasonable assistance, at your expense. - Interpretation (disclaimed): Imposes a broad obligation on the user to indemnify, defend, and hold harmless GitHub against all claims, liabilities, and expenses including attorneys' fees arising from the user's use of the service or violation of the Agreement, subject to procedural conditions including prompt notice and user control of defense and settlement. - Tier: All - Location: § Q (Release and Indemnification) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20agree%20to,assistance%2C%20at%20your%20expense. ### indemnity liability — risk unknown > You are responsible for keeping your Account secure while you use our Service. We offer tools such as two-factor authentication to help you maintain your Account's security, but the content of your Account and its security are up to you. - Interpretation (disclaimed): Places responsibility on the user for maintaining Account security and content, noting GitHub offers tools like two-factor authentication but disclaiming ultimate responsibility, thereby allocating security obligations to the user. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,are%20up%20to%20you. ### indemnity liability — risk unknown > the Service generally or the software or systems that make the Service available; - Interpretation (disclaimed): Excludes liability for damages arising from the Service generally or the underlying software and systems, broadly shielding GitHub from infrastructure-related claims. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20the%20Service%20generally,make%20the%20Service%20available%3B ### indemnity liability — risk unknown > You are responsible for maintaining the security of your Account and password. GitHub cannot and will not be liable for any loss or damage from your failure to comply with this security obligation. - Interpretation (disclaimed): Assigns the user responsibility for Account and password security and explicitly disclaims GitHub's liability for any loss or damage resulting from the user's failure to comply with that security obligation. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,with%20this%20security%20obligation. ### indemnity liability — risk unknown > Short version: We will not be liable for damages or losses arising from your use or inability to use the service or otherwise arising under this agreement. Please read this section carefully; it limits our obligations to you. - Interpretation (disclaimed): Plain-language summary that GitHub will not be liable for damages or losses arising from use or inability to use the service, reducing GitHub's obligations to users. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,obligations%20to%20you.%20 ### indemnity liability — risk unknown > P. Limitation of Liability We will not be liable for damages or losses arising from your use or inability to use the service or otherwise arising under this agreement. Please read this section carefully; it limits our obligations to you. - Interpretation (disclaimed): Summary entry for Section P describing limitation of liability for damages arising from service use; cross-reference incorporating liability limitation provisions and directing users to read carefully. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20P.%20Limitation%20of,obligations%20to%20you.%20 ### indemnity liability — risk unknown > your use or inability to use the Service; - Interpretation (disclaimed): Extends liability exclusion to damages arising from the user's use or inability to use the Service, removing GitHub's responsibility for service unavailability or performance failures. - Tier: All - Location: § P (Limitation of Liability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20your%20use%20or,to%20use%20the%20Service%3B ### indemnity liability — risk unknown > If a code suggestion matches existing code, there is risk that using that suggestion could trigger claims of copyright infringement, which would depend on the amount and nature of code used, and the context of how the code is used. In many ways, this is the same risk that arises when using any code that a developer does not originate, such as copying code from an online source, or reusing code from a library. That is why responsible organizations and developers recommend that users employ code scanning policies to identify and evaluate potential matching code. In Copilot, you can opt whether to allow Copilot to suggest code completions that match publicly available code on GitHub.com. For more information, see " Configuring GitHub Copilot settings on GitHub.com ". If you have allowed suggestions that match public code, GitHub Copilot can provide you with details about the matching code when you accept such suggestions. Matching code does not necessarily mean copyright infringement, so it is ultimately up to the user to determine whether to use the suggestion, and what and who to attribute (along with other license compliance) in appropriate circumstances. - Interpretation (disclaimed): This segment acknowledges the risk of copyright infringement claims if a code suggestion matches existing code, advises users to employ code scanning policies, and frames this risk as analogous to reusing code from any external source, thereby disclosing legal risk without accepting liability for infringement arising from user use of suggestions. - Tier: All - Location: “What are the intellectual property considerations when using GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=If%20a%20code%20suggestion,compliance)%20in%20appropriate%20circumstances. ### indemnity liability — risk unknown > Not necessarily. GitHub Copilot users should align their use of Copilot with their respective risk tolerances. As noted above, GitHub Copilot is not intended to replace developers, or their individual skill and judgment, and is not intended to fully automate the process of code development. The same risks that apply to the use of any third-party code apply to the use of Copilot’s suggestions. - Interpretation (disclaimed): This segment places on the customer the responsibility to assess what safeguards are appropriate for their use case and to implement them, establishing a customer-side due diligence obligation that limits GitHub's liability for downstream misuse. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Not%20necessarily.%20GitHub,use%20of%20Copilot%E2%80%99s%20suggestions. ### confidentiality — risk medium > This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and GitHub relating to the subject matter of these terms including any confidentiality or nondisclosure agreements. - Interpretation (disclaimed): By superseding prior NDAs or confidentiality agreements, this clause could strip users of bespoke confidentiality protections they may have previously negotiated with GitHub, replacing them solely with whatever the ToS provides. - Tier: All - Location: § 5 (Amendments; Complete Agreement) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=This%20Agreement%20supersedes%20any,confidentiality%20or%20nondisclosure%20agreements. ### confidentiality — risk medium > Confidentiality Obligations. You agree that any non-public Beta Preview information we give you, such as information about a private Beta Preview, will be considered GitHub’s confidential information (collectively, “Confidential Information”), regardless of whether it is marked or identified as such. You agree to only use such Confidential Information for the express purpose of testing and evaluating the Beta Preview (the “Purpose”), and not for any other purpose. You should use the same degree of care as you would with your own confidential information, but no less than reasonable precautions to prevent any unauthorized use, disclosure, publication, or dissemination of our Confidential Information. You promise not to disclose, publish, or disseminate any Confidential Information to any third party, unless we don’t otherwise prohibit or restrict such disclosure (for example, you might be part of a GitHub-organized group discussion about a private Beta Preview feature). - Interpretation (disclaimed): The 'regardless of whether marked' standard expands the scope of what constitutes Confidential Information beyond typical NDA practice, increasing the risk that users inadvertently breach the agreement. The use restriction is narrow (testing/evaluation only). - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=Confidentiality%20Obligations.%20You%20agree,private%20Beta%20Preview%20feature). ### confidentiality — risk unknown > Short version: We treat the content of private repositories as confidential, and we only access it as described in Section E.3 below—for security purposes, to assist the repository owner with a support matter, to maintain the integrity of the Service, to comply with our legal obligations, if we have reason to believe the contents are in violation of the law, or with your consent. - Interpretation (disclaimed): Short-version summary defining GitHub's treatment of private repository contents as confidential and enumerating the narrow circumstances permitting access, serving as an interpretive overview for the detailed provisions that follow. - Tier: All - Location: § E (Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,with%20your%20consent.%20 ### confidentiality — risk unknown > Some Accounts may have private repositories, which allow the User to control access to Content. - Interpretation (disclaimed): Defines the nature of private repositories as allowing the user to control access to content, establishing the foundational premise for the confidentiality provisions that follow. - Tier: All - Location: § 1 (Control of Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Some%20Accounts%20may,control%20access%20to%20Content. ### confidentiality — risk unknown > for security purposes; - Interpretation (disclaimed): Identifies security purposes as a permitted exception allowing GitHub to access private repository content without user consent. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20for%20security%20purposes%3B ### confidentiality — risk unknown > for automated scanning or manual review for known vulnerabilities, active malware, or other content known to violate our Terms of Service; - Interpretation (disclaimed): Permits automated scanning or manual review of private repository content for known vulnerabilities, active malware, or Terms of Service violations as an exception to the general no-access rule. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20for%20automated%20scanning,our%20Terms%20of%20Service%3B ### confidentiality — risk unknown > to maintain the integrity of the Service; or - Interpretation (disclaimed): Permits GitHub to access private repository content for the purpose of maintaining the integrity of the Service without requiring user consent. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20maintain%20the,of%20the%20Service%3B%20or ### confidentiality — risk unknown > to comply with our legal obligations if we have reason to believe the contents are in violation of the law. - Interpretation (disclaimed): Permits GitHub to access private repository content to comply with legal obligations where there is reason to believe the contents violate the law. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20comply%20with,violation%20of%20the%20law. ### confidentiality — risk unknown > Additionally, we may be compelled by law to disclose the contents of your private repositories. - Interpretation (disclaimed): Acknowledges that GitHub may be legally compelled to disclose private repository contents, establishing a legal-process exception to the confidentiality obligation. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Additionally%2C%20we%20may,of%20your%20private%20repositories. ### confidentiality — risk unknown > Short version: Beta Previews may not be supported or may change at any time. You may receive confidential information through those programs that must remain confidential while the program is private. We'd love your feedback to make our Beta Previews better. - Interpretation (disclaimed): Short-version description of Beta Previews terms, summarizing that previews may change without notice, may involve confidential information requiring secrecy, and inviting feedback; serves as a definitional and contextual framing for the operative clauses. - Tier: All - Location: § K (Beta Previews) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20Beta,Beta%20Previews%20better.%20 ### confidentiality — risk unknown > Some Accounts may have private repositories, which allow the User to control access to Content. - Interpretation (disclaimed): Section header for confidentiality of private repositories, serving as a structural incorporation reference for GitHub's confidentiality obligations regarding private repository content. - Tier: All - Location: § 1 (Control of Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Some%20Accounts%20may,control%20access%20to%20Content. ### confidentiality — risk unknown > You control access to the content of your private repositories. GitHub considers the contents of private repositories to be confidential to you, as set forth in Section E.2, and GitHub personnel will not access private repository content without your consent except in the following circumstances: - Interpretation (disclaimed): Lists security as one of the enumerated exceptions permitting GitHub personnel to access private repository content without user consent, qualifying the general restriction established in Section E.3. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20control%20access,in%20the%20following%20circumstances%3A ### confidentiality — risk unknown > for automated scanning or manual review for known vulnerabilities, active malware, or other content known to violate our Terms of Service; - Interpretation (disclaimed): Lists supporting the repository owner with a support matter as an enumerated exception permitting GitHub personnel to access private repository content without user consent. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20for%20automated%20scanning,our%20Terms%20of%20Service%3B ### confidentiality — risk unknown > to assist the repository owner with a support matter; - Interpretation (disclaimed): Lists maintaining the integrity of the Service as an enumerated exception permitting GitHub personnel to access private repository content without user consent. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20assist%20the,with%20a%20support%20matter%3B ### confidentiality — risk unknown > to comply with our legal obligations if we have reason to believe the contents are in violation of the law. - Interpretation (disclaimed): Permits users to enable additional access to their private repositories beyond the default, and establishes that enabling GitHub services or features requiring additional rights to private repository content may expand those rights while maintaining confidentiality treatment, with a requirement that GitHub explain any additional rights needed. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20comply%20with,violation%20of%20the%20law. ### confidentiality — risk unknown > You may enable various GitHub services or features that require additional rights to Your Content in private repositories. These rights may vary depending on the service or feature, but GitHub will continue to treat your private repository Content as confidential. If those services or features require rights in addition to those we need to provide the GitHub Service, we will provide an explanation of those rights. - Interpretation (disclaimed): States that GitHub may be legally compelled to disclose private repository contents, establishing a legal-obligation exception to the confidentiality protections for private repositories. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20enable,explanation%20of%20those%20rights. ### confidentiality — risk unknown > If you’d like to use GitHub’s trademarks, you must follow all of our trademark guidelines, including those on our logos page: https://github.com/logos . - Interpretation (disclaimed): Restricts use of GitHub's trademarks and logos to compliance with GitHub's trademark guidelines, creating an obligation to follow those guidelines as a condition of use. - Tier: All - Location: § 2 (GitHub Trademarks and Logos) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%E2%80%99d%20like,logos%20page%3A%20https%3A%2F%2Fgithub.com%2Flogos%20. ### confidentiality — risk unknown > Beta Previews may not be supported and may be changed at any time without notice. In addition, Beta Previews are not subject to the same security measures and auditing to which the Service has been and is subject. By using a Beta Preview, you use it at your own risk. - Interpretation (disclaimed): Sub-section header introducing the confidentiality obligations applicable to Beta Preview users who receive non-public information. - Tier: All - Location: § 1 (Subject to Change) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Beta%20Previews%20may,your%20own%20risk.%20 ### confidentiality — risk unknown > Exceptions. Confidential Information will not include information that is: (a) or becomes publicly available without breach of this Agreement through no act or inaction on your part (such as when a private Beta Preview becomes a public Beta Preview); (b) known to you before we disclose it to you; (c) independently developed by you without breach of any confidentiality obligation to us or any third party; or (d) disclosed with permission from GitHub. You will not violate the terms of this Agreement if you are required to disclose Confidential Information pursuant to operation of law, provided GitHub has been given reasonable advance written notice to object, unless prohibited by law. - Interpretation (disclaimed): This clause defines the exceptions to what qualifies as Confidential Information, carving out publicly available information, previously known information, independently developed information, and permissively disclosed information from confidentiality obligations, and also provides an exception for legally compelled disclosure. - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Exceptions.%20Confidential%20Information,unless%20prohibited%20by%20law. ### confidentiality — risk unknown > This Agreement may only be modified by a written amendment signed by an authorized representative of GitHub, or by the posting by GitHub of a revised version in accordance with Section R. Changes to These Terms . These Terms of Service, together with the GitHub Privacy Statement, represent the complete and exclusive statement of the agreement between you and us. This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and GitHub relating to the subject matter of these terms including any confidentiality or nondisclosure agreements. - Interpretation (disclaimed): States that the agreement may only be modified by signed written amendment or posted revised version per Section R, declares these Terms together with the GitHub Privacy Statement as the complete and exclusive agreement, superseding all prior proposals, oral or written agreements, and confidentiality or nondisclosure agreements. - Tier: All - Location: § 5 (Amendments; Complete Agreement) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20Agreement%20may,confidentiality%20or%20nondisclosure%20agreements. ### confidentiality — risk unknown > If your GitHub account has private repositories, our ability and rights to access private repository information is set forth in Section E (Private Repositories) of the GitHub Terms of Service. - Interpretation (disclaimed): This segment incorporates by reference Section E (Private Repositories) of the GitHub Terms of Service to define the scope and limits of GitHub's ability and rights to access private repository information, making those terms operative with respect to confidentiality of private data. - Tier: All - Location: Privacy Policy › “Private repositories: GitHub Access” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20your%20GitHub,GitHub%20Terms%20of%20Service. ### confidentiality — risk unknown > Short version: Beta Previews may not be supported or may change at any time. You may receive confidential information through those programs that must remain confidential while the program is private. We'd love your feedback to make our Beta Previews better. - Interpretation (disclaimed): Sub-section header for the 'Subject to Change' provision under Beta Previews, introducing disclaimers about support, stability, and security of Beta Preview features. - Tier: All - Location: § K (Beta Previews) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20Beta,Beta%20Previews%20better.%20 ### confidentiality — risk unknown > Short version: We treat the content of private repositories as confidential, and we only access it as described in Section E.3 below—for security purposes, to assist the repository owner with a support matter, to maintain the integrity of the Service, to comply with our legal obligations, if we have reason to believe the contents are in violation of the law, or with your consent. - Interpretation (disclaimed): Section header for control of private repositories, serving as a structural definition/incorporation reference for the access control terms that follow. - Tier: All - Location: § E (Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,with%20your%20consent.%20 ### confidentiality — risk unknown > You may choose to enable additional access to your private repositories. For example: - Interpretation (disclaimed): Grants users the ability to voluntarily enable additional access to their private repositories, indicating that expanded access is opt-in and user-directed. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20choose,private%20repositories.%20For%20example%3A ### confidentiality — risk unknown > to maintain the integrity of the Service; or - Interpretation (disclaimed): Lists compliance with legal obligations where GitHub has reason to believe the contents violate the law as an enumerated exception permitting GitHub personnel to access private repository content without user consent. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20maintain%20the,of%20the%20Service%3B%20or ### confidentiality — risk ambiguous > E. Private Repositories This section talks about how GitHub will treat content you post in private repositories. - Interpretation (disclaimed): Private repository confidentiality is a key concern for enterprise and individual users storing proprietary code. Without Section E's operative text, the scope of protections and GitHub's reserved access rights cannot be assessed. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=E.%20Private%20Repositories%20This,post%20in%20private%20repositories. ### confidentiality — risk unknown > As a user of Beta Previews, you may get access to special information that isn’t available to the rest of the world. Due to the sensitive nature of this information, it’s important for us to make sure that you keep that information secret. - Interpretation (disclaimed): Defines non-public Beta Preview information as GitHub's Confidential Information and obligates users to use it only for the express purpose of testing and evaluating the Beta Preview, applying a duty of care no less than reasonable precaution to protect such information. - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20As%20a%20user,keep%20that%20information%20secret. ### confidentiality — risk unknown > GitHub considers the contents of private repositories to be confidential to you. GitHub will protect the contents of private repositories from unauthorized use, access, or disclosure in the same manner that we would use to protect our own confidential information of a similar nature and in no event with less than a reasonable degree of care. - Interpretation (disclaimed): Section header for access to private repositories, serving as a structural incorporation reference for the enumerated circumstances under which GitHub personnel may access private repository content. - Tier: All - Location: § 2 (Confidentiality of Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20considers%20the,reasonable%20degree%20of%20care. ### confidentiality — risk unknown > Confidentiality Obligations. You agree that any non-public Beta Preview information we give you, such as information about a private Beta Preview, will be considered GitHub’s confidential information (collectively, “Confidential Information”), regardless of whether it is marked or identified as such. You agree to only use such Confidential Information for the express purpose of testing and evaluating the Beta Preview (the “Purpose”), and not for any other purpose. You should use the same degree of care as you would with your own confidential information, but no less than reasonable precautions to prevent any unauthorized use, disclosure, publication, or dissemination of our Confidential Information. You promise not to disclose, publish, or disseminate any Confidential Information to any third party, unless we don’t otherwise prohibit or restrict such disclosure (for example, you might be part of a GitHub-organized group discussion about a private Beta Preview feature). - Interpretation (disclaimed): Defines Beta Preview non-public information as GitHub's Confidential Information, obligates users to use it only for testing and evaluating the Beta Preview, and requires users to apply at least reasonable precautions—no less than those applied to their own confidential information—to protect it. - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Confidentiality%20Obligations.%20You,private%20Beta%20Preview%20feature). ### confidentiality — risk unknown > This Section D.9 does not apply to Access solely for the purpose of academic research or if, on the date you Access the Content, the number of monthly active users of the products or services made available by you is less than 700 million in the preceding calendar month. For the purposes of this Section, "you" shall refer to you and any entity that directly or indirectly controls, is controlled by, or is under common control with you (affiliates). - Interpretation (disclaimed): Section header introducing the private repositories section, followed by a short-version summary establishing the confidentiality treatment of private repository content and enumerating the limited circumstances under which GitHub may access it. - Tier: All - Location: § 9 (Access Reciprocity) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20Section%20D.9,control%20with%20you%20(affiliates). ### confidentiality — risk unknown > If you provide your private repository content as Input to AI Features, we may use that Input to provide, develop, train, and improve the Service, including AI Features. Your ability to opt out under Section J.3 applies to this use of private repository content. We will not otherwise use your private repository contents to develop or improve the Service. - Interpretation (disclaimed): Obligates GitHub to provide notice to users regarding access to private repository content, subject to exceptions for legal disclosure requirements, legal obligations, legal process, automated scanning, or security threat responses, establishing a transparency duty around private repository access. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20provide,or%20improve%20the%20Service. ### confidentiality — risk unknown > Exceptions. Confidential Information will not include information that is: (a) or becomes publicly available without breach of this Agreement through no act or inaction on your part (such as when a private Beta Preview becomes a public Beta Preview); (b) known to you before we disclose it to you; (c) independently developed by you without breach of any confidentiality obligation to us or any third party; or (d) disclosed with permission from GitHub. You will not violate the terms of this Agreement if you are required to disclose Confidential Information pursuant to operation of law, provided GitHub has been given reasonable advance written notice to object, unless prohibited by law. - Interpretation (disclaimed): Defines the exceptions to what constitutes Confidential Information, carving out publicly available, previously known, independently developed, or permissively disclosed information, and provides a safe harbor when disclosure is compelled by law. - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Exceptions.%20Confidential%20Information,unless%20prohibited%20by%20law. ### confidentiality — risk unknown > If you’d like to use GitHub’s trademarks, you must follow all of our trademark guidelines, including those on our logos page: https://github.com/logos . - Interpretation (disclaimed): Imposes an obligation on users who wish to use GitHub's trademarks to comply with GitHub's trademark guidelines, including logo-specific guidelines linked therein. - Tier: All - Location: § 2 (GitHub Trademarks and Logos) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%E2%80%99d%20like,logos%20page%3A%20https%3A%2F%2Fgithub.com%2Flogos%20. ### confidentiality — risk unknown > GitHub will provide notice regarding our access to private repository content, unless for legal disclosure , to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security. - Interpretation (disclaimed): Obligates GitHub to provide notice to users when accessing private repository content, subject to exceptions for legal disclosure requirements, legal obligations, automated scanning, or security threat responses. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20will%20provide,other%20risk%20to%20security. ### confidentiality — risk unknown > By choosing to contribute Content to a public repository, you are choosing to and directing us to make such Content accessible to everyone on the internet. Unless specifically set forth herein, these Terms do not restrict lawful access to or use of the contents of public repositories by third parties, or by GitHub or its Affiliates. - Interpretation (disclaimed): Establishes that contributing to a public repository directs GitHub to make that content accessible to all internet users and explicitly permits lawful third-party access to public repository contents without restriction under these Terms. - Tier: All - Location: § 8 (Public Repositories and Lawful Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20choosing%20to,GitHub%20or%20its%20Affiliates. ### confidentiality — risk unknown > You may enable various GitHub services or features that require additional rights to Your Content in private repositories. These rights may vary depending on the service or feature, but GitHub will continue to treat your private repository Content as confidential. If those services or features require rights in addition to those we need to provide the GitHub Service, we will provide an explanation of those rights. - Interpretation (disclaimed): Obligates GitHub to explain any additional rights required by optional services or features that access private repository content, while maintaining the general confidentiality treatment. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20enable,explanation%20of%20those%20rights. ### confidentiality — risk unknown > to assist the repository owner with a support matter; - Interpretation (disclaimed): Permits GitHub personnel to access private repository content without consent in order to assist the repository owner with a support matter. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20to%20assist%20the,with%20a%20support%20matter%3B ### confidentiality — risk unknown > GitHub considers the contents of private repositories to be confidential to you. GitHub will protect the contents of private repositories from unauthorized use, access, or disclosure in the same manner that we would use to protect our own confidential information of a similar nature and in no event with less than a reasonable degree of care. - Interpretation (disclaimed): Obligates GitHub to treat private repository contents as confidential and to protect them from unauthorized use, access, or disclosure using at least a reasonable degree of care equivalent to the protection GitHub applies to its own confidential information. - Tier: All - Location: § 2 (Confidentiality of Private Repositories) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20considers%20the,reasonable%20degree%20of%20care. ### confidentiality — risk unknown > You control access to the content of your private repositories. GitHub considers the contents of private repositories to be confidential to you, as set forth in Section E.2, and GitHub personnel will not access private repository content without your consent except in the following circumstances: - Interpretation (disclaimed): Restricts GitHub personnel from accessing private repository content without user consent except in the enumerated circumstances that follow, reinforcing the confidentiality obligation. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20control%20access,in%20the%20following%20circumstances%3A ### confidentiality — risk unknown > As a user of Beta Previews, you may get access to special information that isn’t available to the rest of the world. Due to the sensitive nature of this information, it’s important for us to make sure that you keep that information secret. - Interpretation (disclaimed): Establishes that Beta Preview users may receive non-public special information and imposes a general duty of secrecy over such information due to its sensitive nature, framing the confidentiality obligation. - Tier: All - Location: § 2 (Confidentiality) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20As%20a%20user,keep%20that%20information%20secret. ### governing law disputes — risk medium > S. Miscellaneous Please see this section for legal details including our choice of law. - Interpretation (disclaimed): Choice-of-law provisions determine the jurisdiction whose law governs disputes. Non-US users may face disadvantage if US law (likely California or Delaware) is mandated. The full operative terms are in the missing Section S. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=S.%20Miscellaneous%20Please%20see,our%20choice%20of%20law. ### governing law disputes — risk medium > Except to the extent applicable law provides otherwise, this Agreement between you and GitHub and any access to or use of the Website or the Service are governed by the federal laws of the United States of America and the laws of the State of California, without regard to conflict of law provisions. You and GitHub agree to submit to the exclusive jurisdiction and venue of the courts located in the City and County of San Francisco, California. However, any claim for injunctive relief with respect to a violation of section D.9 may be brought in any jurisdiction. - Interpretation (disclaimed): Mandatory California/federal law and exclusive San Francisco venue provisions may disadvantage international users or those in other US states who would face significant cost and inconvenience to litigate disputes. The carve-out for injunctive relief in any jurisdiction benefits GitHub more than users. - Tier: All - Location: § 1 (Governing Law) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=Except%20to%20the%20extent,brought%20in%20any%20jurisdiction. ### governing law disputes — risk low > In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, GitHub commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF should first contact GitHub at: dpo[at]github[dot]com. If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the International Centre for Dispute Resolution are provided at no cost to you. An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. - Interpretation (disclaimed): The DPF dispute resolution pathway funnels complaints through internal processes, then third-party ADR, and finally binding arbitration. While offered at no cost, binding arbitration forecloses court-based remedies for affected EU/UK/Swiss users. - Tier: All - Location: Privacy Policy › “Dispute resolution process” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=In%20compliance%20with%20the,the%20other%20DPF%20mechanisms. ### governing law disputes — risk unknown > S. Miscellaneous Please see this section for legal details including our choice of law. - Interpretation (disclaimed): Summary entry for Section S referencing legal details including choice of law; cross-reference incorporating governing law and dispute resolution provisions. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20S.%20Miscellaneous%20Please,choice%20of%20law.%20 ### governing law disputes — risk unknown > Communications made through email or GitHub Support's messaging system will not constitute legal notice to GitHub or any of its officers, employees, agents or representatives in any situation where notice to GitHub is required by contract or any law or regulation. Legal notice to GitHub must be in writing and served on GitHub's legal agent . - Interpretation (disclaimed): Specifies the required procedure for legal notices to GitHub, establishing that email or support messages do not constitute legal notice and that formal legal notice must be in writing and served on GitHub's legal agent, governing the dispute-notification mechanism. - Tier: All - Location: § 2 (Legal Notice to GitHub Must Be in Writing) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Communications%20made%20through,GitHub's%20legal%20agent%20. ### governing law disputes — risk unknown > Short version: We want our users to be informed of important changes to our terms, but some changes aren't that important — we don't want to bother you every time we fix a typo. So while we may modify this agreement at any time, we will notify users of any material changes and give you time to adjust to them. - Interpretation (disclaimed): Plain-language summary explaining GitHub's intent to notify users of material changes while reserving the right to modify the agreement at any time, framing the amendment procedures that follow. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,adjust%20to%20them.%20 ### governing law disputes — risk unknown > Throughout this Agreement, each section includes titles and brief summaries of the following terms and conditions. These section titles and brief summaries are not legally binding. - Interpretation (disclaimed): Clarifies that section titles and brief summaries throughout the Agreement are not legally binding, defining the interpretive status of organizational headings so they cannot be used to create legal obligations. - Tier: All - Location: § 3 (Section Headings and Summaries) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Throughout%20this%20Agreement%2C,are%20not%20legally%20binding. ### governing law disputes — risk unknown > If any part of this Agreement is held invalid or unenforceable, that portion of the Agreement will be construed to reflect the parties’ original intent. The remaining portions will remain in full force and effect. Any failure on the part of GitHub to enforce any provision of this Agreement will not be considered a waiver of our right to enforce such provision. Our rights under this Agreement will survive any termination of this Agreement. - Interpretation (disclaimed): Establishes severability (invalid portions construed to reflect original intent), no-waiver (failure to enforce does not waive rights), and survival (GitHub's rights survive termination), providing interpretive rules that preserve the Agreement's enforceability and GitHub's ongoing rights. - Tier: All - Location: § 4 (Severability, No Waiver, and Survival) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20any%20part,termination%20of%20this%20Agreement. ### governing law disputes — risk unknown > Questions about the Terms of Service? Contact us through the GitHub Support portal . - Interpretation (disclaimed): Provides the procedure for users to contact GitHub with questions about the Terms of Service via the GitHub Support portal, establishing a formal channel for legal inquiries. - Tier: All - Location: § 6 (Questions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Questions%20about%20the,GitHub%20Support%20portal%20. ### governing law disputes — risk unknown > The “Website” refers to GitHub’s website located at github.com , and all content, services, and products provided by GitHub at or through the Website. It also refers to GitHub-owned subdomains of github.com, such as education.github.com and pages.github.com . These Terms also govern GitHub’s conference websites, such as githubuniverse.com , and product websites, such as electronjs.org . Occasionally, websites owned by GitHub may provide different or additional terms of service. If those additional terms conflict with this Agreement, the more specific terms apply to the relevant page or service. - Interpretation (disclaimed): Defines 'Website' and its scope, including subdomains and conference/product sites, and specifies that more specific terms prevail over this Agreement in case of conflict, establishing a hierarchy of governing terms. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20%E2%80%9CWebsite%E2%80%9D%20refers,relevant%20page%20or%20service. ### governing law disputes — risk unknown > All use of the GitHub API is subject to these Terms of Service and the GitHub Privacy Statement . - Interpretation (disclaimed): Subjects all API use to both the Terms of Service and the GitHub Privacy Statement, incorporating those documents as binding on API users. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20All%20use%20of,GitHub%20Privacy%20Statement%20. ### governing law disputes — risk unknown > For contractual purposes, you (1) consent to receive communications from us in an electronic form via the email address you have submitted or via the Service; and (2) agree that all Terms of Service, agreements, notices, disclosures, and other communications that we provide to you electronically satisfy any legal requirement that those communications would satisfy if they were on paper. This section does not affect your non-waivable rights. - Interpretation (disclaimed): This is a section heading ('Legal Notice to GitHub Must Be in Writing') that introduces the formal legal notice requirements; it labels the following substantive provision. - Tier: All - Location: § 1 (Electronic Communication Required) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20For%20contractual%20purposes%2C,affect%20your%20non-waivable%20rights. ### governing law disputes — risk unknown > Short version: We want our users to be informed of important changes to our terms, but some changes aren't that important — we don't want to bother you every time we fix a typo. So while we may modify this agreement at any time, we will notify users of any material changes and give you time to adjust to them. - Interpretation (disclaimed): Plain-language summary explaining GitHub's policy of notifying users of material changes while reserving the right to modify the agreement at any time. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20We,adjust%20to%20them.%20 ### governing law disputes — risk unknown > GitHub may assign or delegate these Terms of Service and/or the GitHub Privacy Statement , in whole or in part, to any person or entity at any time with or without your consent, including the license grant in Section D.4. You may not assign or delegate any rights or obligations under the Terms of Service or Privacy Statement without our prior written consent, and any unauthorized assignment and delegation by you is void. - Interpretation (disclaimed): Permits GitHub to freely assign or delegate the Terms and privacy statement at any time without consent, while restricting users from assigning or delegating any rights or obligations without GitHub's prior written consent, voiding any unauthorized assignment. - Tier: All - Location: § 2 (Non-Assignability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20may%20assign,by%20you%20is%20void. ### governing law disputes — risk unknown > Questions about the Terms of Service? Contact us through the GitHub Support portal . - Interpretation (disclaimed): Directs users with questions about the Terms of Service to contact GitHub through the GitHub Support portal, establishing a procedural channel for inquiry. - Tier: All - Location: § 6 (Questions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Questions%20about%20the,GitHub%20Support%20portal%20. ### governing law disputes — risk unknown > If you do not receive timely acknowledgment of your DPF Principles-related complaint from us, or if we have not addressed your DPF Principles-related complaint to your satisfaction, please visit https://go.adr.org/dpf_irm.html for more information or to file a complaint. The services of the International Centre for Dispute Resolution are provided at no cost to you. - Interpretation (disclaimed): Provides an escalation path for unresolved DPF complaints to the International Centre for Dispute Resolution (ICDR/ADR) at no cost to the complainant, establishing an alternative dispute resolution mechanism. - Tier: All - Location: Privacy Policy › “Dispute resolution process” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20you%20do,no%20cost%20to%20you. ### governing law disputes — risk unknown > We reserve the right, at our sole discretion, to amend these Terms of Service at any time and will update these Terms of Service in the event of any such amendments. We will notify our Users of material changes to this Agreement, such as price increases, at least 30 days prior to the change taking effect by posting a notice on our Website or sending email to the primary email address specified in your GitHub account. Customer's continued use of the Service after those 30 days constitutes agreement to those revisions of this Agreement. For any other modifications, your continued use of the Website constitutes agreement to our revisions of these Terms of Service. You can view all changes to these Terms in our Site Policy repository. - Interpretation (disclaimed): Reserves GitHub's right to amend the Terms at its sole discretion, requires 30-day advance notice of material changes via website posting or email, and deems continued use after 30 days as acceptance of revisions. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20reserve%20the,our%20Site%20Policy%20repository. ### governing law disputes — risk unknown > If any part of this Agreement is held invalid or unenforceable, that portion of the Agreement will be construed to reflect the parties’ original intent. The remaining portions will remain in full force and effect. Any failure on the part of GitHub to enforce any provision of this Agreement will not be considered a waiver of our right to enforce such provision. Our rights under this Agreement will survive any termination of this Agreement. - Interpretation (disclaimed): Establishes severability (invalid portions are construed to reflect original intent while remaining portions stay in effect), no-waiver (failure to enforce is not a waiver), and survival (GitHub's rights survive termination), providing structural rules for the agreement's enforceability. - Tier: All - Location: § 4 (Severability, No Waiver, and Survival) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20any%20part,termination%20of%20this%20Agreement. ### governing law disputes — risk unknown > We reserve the right at any time and from time to time to modify or discontinue, temporarily or permanently, the Website (or any part of it) with or without notice. - Interpretation (disclaimed): Reserves GitHub's right to modify or discontinue the Website or any part of it, temporarily or permanently, at any time with or without notice, establishing a broad unilateral right of service alteration. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20reserve%20the,with%20or%20without%20notice. ### governing law disputes — risk unknown > Except to the extent applicable law provides otherwise, this Agreement between you and GitHub and any access to or use of the Website or the Service are governed by the federal laws of the United States of America and the laws of the State of California, without regard to conflict of law provisions. You and GitHub agree to submit to the exclusive jurisdiction and venue of the courts located in the City and County of San Francisco, California. However, any claim for injunctive relief with respect to a violation of section D.9 may be brought in any jurisdiction. - Interpretation (disclaimed): Establishes that the agreement is governed by U.S. federal law and California state law, submits disputes to the exclusive jurisdiction of San Francisco courts, with an exception allowing injunctive relief claims under section D.9 to be brought in any jurisdiction. - Tier: All - Location: § 1 (Governing Law) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Except%20to%20the,brought%20in%20any%20jurisdiction. ### governing law disputes — risk unknown > S. Miscellaneous Please see this section for legal details including our choice of law. - Interpretation (disclaimed): Summary entry directing readers to the Miscellaneous section for legal details including choice of law; cross-references the governing law and dispute resolution provisions. - Tier: All - Location: Article M - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20S.%20Miscellaneous%20Please,choice%20of%20law.%20 ### governing law disputes — risk unknown > Throughout this Agreement, each section includes titles and brief summaries of the following terms and conditions. These section titles and brief summaries are not legally binding. - Interpretation (disclaimed): Clarifies that section titles and brief summaries throughout the agreement are not legally binding, preventing their use as operative contract terms in disputes. - Tier: All - Location: § 3 (Section Headings and Summaries) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Throughout%20this%20Agreement%2C,are%20not%20legally%20binding. ### governing law disputes — risk unknown > In some situations, third parties' terms may apply to your use of GitHub. For example, you may be a member of an organization on GitHub with its own terms or license agreements; you may download an application that integrates with GitHub; or you may use GitHub to authenticate to another service. Please be aware that while these Terms are our full agreement with you, other parties' terms govern their relationships with you. - Interpretation (disclaimed): Incorporates the Government Amendment to GitHub Terms of Service for government users or government-capacity access, making those provisions binding on such users. - Tier: All - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20In%20some%20situations%2C,their%20relationships%20with%20you. ### governing law disputes — risk unknown > GitHub may assign or delegate these Terms of Service and/or the GitHub Privacy Statement , in whole or in part, to any person or entity at any time with or without your consent, including the license grant in Section D.4. You may not assign or delegate any rights or obligations under the Terms of Service or Privacy Statement without our prior written consent, and any unauthorized assignment and delegation by you is void. - Interpretation (disclaimed): Permits GitHub to assign or delegate the Terms and Privacy Statement including license grants to any person at any time without user consent, while restricting users from assigning or delegating any rights or obligations without GitHub's prior written consent and voiding any unauthorized assignment. - Tier: All - Location: § 2 (Non-Assignability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20may%20assign,by%20you%20is%20void. ### governing law disputes — risk unknown > In some situations, third parties' terms may apply to your use of GitHub. For example, you may be a member of an organization on GitHub with its own terms or license agreements; you may download an application that integrates with GitHub; or you may use GitHub to authenticate to another service. Please be aware that while these Terms are our full agreement with you, other parties' terms govern their relationships with you. - Interpretation (disclaimed): Acknowledges that third-party terms may apply in certain contexts (organizations, integrations, authentication) and clarifies that while these Terms govern the GitHub relationship, third-party terms separately govern those third-party relationships. - Tier: All - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20In%20some%20situations%2C,their%20relationships%20with%20you. ### governing law disputes — risk unknown > For contractual purposes, you (1) consent to receive communications from us in an electronic form via the email address you have submitted or via the Service; and (2) agree that all Terms of Service, agreements, notices, disclosures, and other communications that we provide to you electronically satisfy any legal requirement that those communications would satisfy if they were on paper. This section does not affect your non-waivable rights. - Interpretation (disclaimed): Requires users to consent to receive electronic communications from GitHub and to accept that electronic communications satisfy legal notice requirements, establishing the binding nature of electronic delivery and communications for contractual purposes. - Tier: All - Location: § 1 (Electronic Communication Required) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20For%20contractual%20purposes%2C,affect%20your%20non-waivable%20rights. ### governing law disputes — risk unknown > This Agreement may only be modified by a written amendment signed by an authorized representative of GitHub, or by the posting by GitHub of a revised version in accordance with Section R. Changes to These Terms . These Terms of Service, together with the GitHub Privacy Statement, represent the complete and exclusive statement of the agreement between you and us. This Agreement supersedes any proposal or prior agreement oral or written, and any other communications between you and GitHub relating to the subject matter of these terms including any confidentiality or nondisclosure agreements. - Interpretation (disclaimed): Specifies that the Agreement may only be modified by written amendment from an authorized GitHub representative or by GitHub posting a revised version per Section R; incorporates the Privacy Statement as part of the complete agreement; and supersedes all prior proposals, oral or written agreements, and confidentiality or non-disclosure agreements between the parties. - Tier: All - Location: § 5 (Amendments; Complete Agreement) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20This%20Agreement%20may,confidentiality%20or%20nondisclosure%20agreements. ### governing law disputes — risk unknown > Except to the extent applicable law provides otherwise, this Agreement between you and GitHub and any access to or use of the Website or the Service are governed by the federal laws of the United States of America and the laws of the State of California, without regard to conflict of law provisions. You and GitHub agree to submit to the exclusive jurisdiction and venue of the courts located in the City and County of San Francisco, California. However, any claim for injunctive relief with respect to a violation of section D.9 may be brought in any jurisdiction. - Interpretation (disclaimed): Establishes that the Agreement is governed by U.S. federal law and California state law, requires submission to exclusive jurisdiction and venue in San Francisco courts, and carves out an exception permitting injunctive relief claims under section D.9 to be brought in any jurisdiction. - Tier: All - Location: § 1 (Governing Law) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Except%20to%20the,brought%20in%20any%20jurisdiction. ### governing law disputes — risk unknown > We reserve the right, at our sole discretion, to amend these Terms of Service at any time and will update these Terms of Service in the event of any such amendments. We will notify our Users of material changes to this Agreement, such as price increases, at least 30 days prior to the change taking effect by posting a notice on our Website or sending email to the primary email address specified in your GitHub account. Customer's continued use of the Service after those 30 days constitutes agreement to those revisions of this Agreement. For any other modifications, your continued use of the Website constitutes agreement to our revisions of these Terms of Service. You can view all changes to these Terms in our Site Policy repository. - Interpretation (disclaimed): Establishes GitHub's right to amend the Terms at its sole discretion, requires 30-day advance notice for material changes such as price increases via website posting or email, and deems continued use of the Service after 30 days as acceptance of the revised terms. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20reserve%20the,our%20Site%20Policy%20repository. ### governing law disputes — risk unknown > The “Website” refers to GitHub’s website located at github.com , and all content, services, and products provided by GitHub at or through the Website. It also refers to GitHub-owned subdomains of github.com, such as education.github.com and pages.github.com . These Terms also govern GitHub’s conference websites, such as githubuniverse.com , and product websites, such as electronjs.org . Occasionally, websites owned by GitHub may provide different or additional terms of service. If those additional terms conflict with this Agreement, the more specific terms apply to the relevant page or service. - Interpretation (disclaimed): Defines 'Website' and specifies that these Terms govern multiple GitHub web properties, with an incorporation rule that more specific terms apply when additional terms conflict with the Agreement. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20The%20%E2%80%9CWebsite%E2%80%9D%20refers,relevant%20page%20or%20service. ### governing law disputes — risk unknown > We reserve the right at any time and from time to time to modify or discontinue, temporarily or permanently, the Website (or any part of it) with or without notice. - Interpretation (disclaimed): Reserves GitHub's right at any time to modify or discontinue the Website or any part of it, temporarily or permanently, with or without notice, establishing broad unilateral rights over service availability. - Tier: All - Location: § R (Changes to These Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20reserve%20the,with%20or%20without%20notice. ### governing law disputes — risk unknown > In compliance with the EU-U.S. DPF, the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. DPF, GitHub commits to resolve DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the EU-U.S. DPF, the UK Extension, and the Swiss-U.S. DPF should first contact GitHub at: dpo[at]github[dot]com. - Interpretation (disclaimed): Commits GitHub to resolving DPF Principles-related complaints from EU, UK, and Swiss individuals and designates the DPO email as the first point of contact for such complaints, establishing a required pre-dispute procedure. - Tier: All - Location: Privacy Policy › “Dispute resolution process” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20In%20compliance%20with,contact%20GitHub%20at%3A%20dpo%5Bat%5Dgithub%5Bdot%5Dcom. ### governing law disputes — risk unknown > GitHub is subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC). Under Section 5 of the Federal Trade Commission Act (15 U.S.C. § 45), an organization's failure to abide by commitments to implement the DPF Principles may be challenged as deceptive by the FTC. The FTC has the power to prohibit such misrepresentations through administrative orders or by seeking court orders. - Interpretation (disclaimed): Confirms GitHub is subject to FTC investigatory and enforcement powers under Section 5 of the FTC Act, establishing that failure to adhere to DPF Principles may be treated as deceptive and subject to administrative or court orders. - Tier: All - Location: Privacy Policy › “Government Enforcement” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20GitHub%20is%20subject,by%20seeking%20court%20orders. ### governing law disputes — risk unknown > Below are translations of this document into other languages. In the event of any conflict, uncertainty, or apparent inconsistency between any of those versions and the English version, this English version is the controlling version. - Interpretation (disclaimed): Establishes the English version of the Privacy Statement as the authoritative controlling version in cases of conflict, uncertainty, or inconsistency with translated versions, creating a binding interpretation rule. - Tier: All - Location: Privacy Policy › “Translations” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20Below%20are%20translations,is%20the%20controlling%20version. ### governing law disputes — risk unknown > An individual has the possibility, under certain conditions, to invoke binding arbitration for complaints regarding DPF compliance not resolved by any of the other DPF mechanisms. For additional information visit https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction . - Interpretation (disclaimed): Grants individuals the conditional right to invoke binding arbitration under the DPF Annex I mechanism for unresolved DPF compliance complaints, creating an enforceable dispute resolution right. - Tier: All - Location: Privacy Policy › “Dispute resolution process” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20An%20individual%20has,information%20visit%20https%3A%2F%2Fwww.dataprivacyframework.gov%2Fframework-article%2FANNEX-I-introduction%20. ### moderation enforcement — risk high > GitHub has the right to suspend or terminate your access to all or any part of the Website at any time, with or without cause, with or without notice, effective immediately. GitHub reserves the right to refuse service to anyone for any reason at any time. - Interpretation (disclaimed): This is a maximally broad unilateral termination clause. For paid users or businesses dependent on the platform, abrupt termination without cause or notice creates significant operational and financial risk. No-refund provisions in the payment section compound this risk. - Tier: All - Location: § 3 (GitHub May Terminate) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=GitHub%20has%20the%20right,reason%20at%20any%20time. ### moderation enforcement — risk medium > For abuse detection, prevention, and protection, virus scanning, and scanning to detect violations of terms of service - Interpretation (disclaimed): The explicit reference to scanning content for violations of terms of service means user inputs and outputs are subject to monitoring. No safe harbor or procedural protections for suspension/termination are described in this document. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=For%20abuse%20detection%2C%20prevention%2C,of%20terms%20of%20service ### moderation enforcement — risk low > In addition to off-topic, harmful, and offensive output filters, GitHub Copilot also scans the outputs for vulnerable code. - Interpretation (disclaimed): Output scanning for policy violations and vulnerable code implies that GitHub reviews or processes generated outputs for enforcement purposes. While beneficial for safety, it confirms that outputs are not fully opaque to GitHub's systems. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=In%20addition%20to%20off-topic%2C,outputs%20for%20vulnerable%20code. ### moderation enforcement — risk low > If we learn of any User under the age of 13, we will terminate that User’s Account immediately . - Interpretation (disclaimed): This clause reflects US legal obligations under COPPA. It is a standard compliance-driven enforcement provision rather than a discretionary risk. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=If%20we%20learn%20of,User%E2%80%99s%20Account%20immediately%20. ### moderation enforcement — risk low > GitHub Copilot includes filters to block offensive language in the prompts and to avoid synthesizing suggestions in sensitive contexts. We continue to work on improving the filter system to more intelligently detect and remove offensive outputs. If you see offensive outputs, please report them directly to copilot-safety@github.com so that we can improve our safeguards. - Interpretation (disclaimed): GitHub applies automated content moderation to both user prompts and generated outputs. This gives GitHub discretion to block or modify content, potentially affecting legitimate professional use cases. The document acknowledges the system is imperfect ('continue to work on improving'), meaning users may encounter inconsistent enforcement. - Tier: All - Location: “Does GitHub Copilot produce offensive outputs?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20includes%20filters,can%20improve%20our%20safeguards. ### moderation enforcement — risk unknown > You must be a human to create an Account. Accounts registered by "bots" or other automated methods are not permitted. We do permit machine accounts: - Interpretation (disclaimed): Restricts Account creation to human users, prohibiting bots or automated methods from registering Accounts, while carving out a limited exception for machine accounts. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20must%20be,do%20permit%20machine%20accounts%3A ### moderation enforcement — risk unknown > You may not use GitHub in violation of export control or sanctions laws of the United States or any other applicable jurisdiction. You may not use GitHub if you are or are working on behalf of a Specially Designated National (SDN) or a person subject to similar blocking or denied party prohibitions administered by a U.S. government agency. GitHub may allow persons in certain sanctioned countries or territories to access certain GitHub services pursuant to U.S. government authorizations. For more information, please see our Export Controls policy . - Interpretation (disclaimed): Prohibits use of GitHub in violation of U.S. or applicable export control or sanctions laws, and bars use by Specially Designated Nationals or similarly restricted parties, with a limited permission for sanctioned-country access under U.S. government authorizations. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20not,Export%20Controls%20policy%20. ### moderation enforcement — risk unknown > You will promptly notify GitHub by contacting us through the GitHub Support portal if you become aware of any unauthorized use of, or access to, our Service through your Account, including any unauthorized use of your password or Account. - Interpretation (disclaimed): Establishes a procedural obligation requiring the user to promptly notify GitHub through the Support portal upon becoming aware of any unauthorized use of or access to their Account or password. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20will%20promptly,your%20password%20or%20Account. ### moderation enforcement — risk unknown > Short version: GitHub hosts a wide variety of collaborative projects from all over the world, and that collaboration only works when our users are able to work together in good faith. While using the service, you must follow the terms of this section, which include some restrictions on content you can post, conduct on the service, and other limitations. In short, be excellent to each other. - Interpretation (disclaimed): Short-version summary for the Acceptable Use section stating users must follow restrictions on content, conduct, and other limitations while using the service, establishing the general obligation to comply with acceptable use requirements. - Tier: All - Location: Article C (Acceptable Use) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20GitHub,to%20each%20other.%20 ### moderation enforcement — risk unknown > Your use of the Website and Service must not violate any applicable laws, including copyright or trademark laws, export control or sanctions laws, or other laws in your jurisdiction. You are responsible for making sure that your use of the Service is in compliance with laws and any applicable regulations. - Interpretation (disclaimed): Imposes an obligation on users to ensure their use of the Website and Service does not violate applicable laws including copyright, trademark, export control, and sanctions laws, placing compliance responsibility on the user. - Tier: All - Location: Article C (Acceptable Use) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20use%20of,and%20any%20applicable%20regulations. ### moderation enforcement — risk unknown > If you believe that content on our website violates your copyright, please contact us in accordance with our Digital Millennium Copyright Act Policy . If you are a copyright owner and you believe that content on GitHub violates your rights, please contact us via our convenient DMCA form or by emailing copyright@github.com . There may be legal consequences for sending a false or frivolous takedown notice. Before sending a takedown request, you must consider legal uses such as fair use and licensed uses. - Interpretation (disclaimed): Establishes the procedure for reporting copyright infringement via the DMCA Policy and DMCA form, warns of legal consequences for false takedown notices, and requires consideration of fair use before submitting a request. - Tier: All - Location: § F (Copyright Infringement and DMCA Policy) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20believe,use%20and%20licensed%20uses. ### moderation enforcement — risk unknown > We will terminate the Accounts of repeat infringers of this policy. - Interpretation (disclaimed): Obligates GitHub to terminate accounts of repeat copyright infringers, establishing an enforcement consequence for repeated violations of the DMCA policy. - Tier: All - Location: § F (Copyright Infringement and DMCA Policy) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20terminate,infringers%20of%20this%20policy. ### moderation enforcement — risk unknown > Abuse or excessively frequent requests to GitHub via the API may result in the temporary or permanent suspension of your Account's access to the API. GitHub, in our sole discretion, will determine abuse or excessive usage of the API. We will make a reasonable attempt to warn you via email prior to suspension. - Interpretation (disclaimed): Describes GitHub's enforcement procedure for API abuse or excessive use, including temporary or permanent account suspension at GitHub's sole discretion and a reasonable attempt to provide prior email warning. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Abuse%20or%20excessively,email%20prior%20to%20suspension. ### moderation enforcement — risk unknown > You may not share API tokens to exceed GitHub's rate limitations. - Interpretation (disclaimed): Prohibits users from sharing API tokens in a manner that would exceed GitHub's rate limitations, restricting token-sharing behavior to enforce usage caps. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20not,exceed%20GitHub's%20rate%20limitations. ### moderation enforcement — risk unknown > Beta Previews may not be supported and may be changed at any time without notice. In addition, Beta Previews are not subject to the same security measures and auditing to which the Service has been and is subject. By using a Beta Preview, you use it at your own risk. - Interpretation (disclaimed): Disclaims any obligation to support Beta Previews, reserves GitHub's right to change them at any time without notice, states they are not subject to the same security and auditing standards as the Service, and places risk of use on the user. - Tier: All - Location: § 1 (Subject to Change) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Beta%20Previews%20may,your%20own%20risk.%20 ### moderation enforcement — risk unknown > You must be a human to create an Account. Accounts registered by "bots" or other automated methods are not permitted. We do permit machine accounts: - Interpretation (disclaimed): Defines 'machine account' with specific eligibility criteria (human acceptance of Terms, valid email, responsibility for actions, automated-tasks-only use) and limits users to one free machine account in addition to a free Personal Account. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20must%20be,do%20permit%20machine%20accounts%3A ### moderation enforcement — risk unknown > We have a few simple rules for Accounts on GitHub's Service. - Interpretation (disclaimed): Restricts Account creation to human actors and prohibits registration by bots or automated methods, while carving out a defined exception for machine accounts under specific conditions. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20have%20a,Accounts%20on%20GitHub's%20Service. ### moderation enforcement — risk unknown > One person or legal entity may maintain no more than one free Account (if you choose to control a machine account as well, that's fine, but it can only be used for running a machine). - Interpretation (disclaimed): Imposes minimum age requirement of 13, states compliance with U.S. law obligations, prohibits users under 13, and mandates immediate account termination upon discovery of underage users, constituting an enforcement obligation and restriction. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20One%20person%20or,for%20running%20a%20machine). ### moderation enforcement — risk unknown > Your login may only be used by one person — i.e., a single login may not be shared by multiple people. A paid Organization may only provide access to as many Personal Accounts as your subscription allows. - Interpretation (disclaimed): Prohibits use of GitHub in violation of U.S. and other applicable export control or sanctions laws, restricts access by Specially Designated Nationals or sanctioned-party-adjacent persons, and permits GitHub to allow access in certain sanctioned territories pursuant to government authorizations. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20login%20may,as%20your%20subscription%20allows. ### moderation enforcement — risk unknown > You are responsible for maintaining the security of your Account and password. GitHub cannot and will not be liable for any loss or damage from your failure to comply with this security obligation. - Interpretation (disclaimed): Requires the user to promptly notify GitHub through the Support portal upon becoming aware of any unauthorized use of or access to their Account, establishing a procedural reporting obligation. - Tier: All - Location: § 4 (Account Security) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,with%20this%20security%20obligation. ### moderation enforcement — risk unknown > You may not share API tokens to exceed GitHub's rate limitations. - Interpretation (disclaimed): Prohibits sharing of API tokens in a manner that exceeds GitHub's rate limitations, restricting token distribution to prevent circumvention of usage controls. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20not,exceed%20GitHub's%20rate%20limitations. ### moderation enforcement — risk unknown > GitHub Copilot is entirely optional and requires you to opt in before gaining access. You can easily configure its usage directly in the editor, enabling or disabling it at any time. Additionally, you have control over which file types GitHub Copilot is active for. - Interpretation (disclaimed): Grants the user the permission to opt in, enable, or disable GitHub Copilot and control which file types it is active for, establishing user-level configurability rights over the service. - Tier: All - Location: “What if I do not want GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,Copilot%20is%20active%20for. ### moderation enforcement — risk unknown > For abuse detection, prevention, and protection, virus scanning, and scanning to detect violations of terms of service - Interpretation (disclaimed): This segment permits GitHub to use personal data for abuse detection, prevention, protection, virus scanning, and scanning for terms of service violations, establishing authorized enforcement-related data processing purposes. - Tier: All - Location: “To comply with and resolve legal obligations” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20For%20abuse%20detection%2C,terms%20of%20service%20 ### moderation enforcement — risk unknown > With the filter enabled, Copilot checks code suggestions for matches or near-matches against public code on GitHub of 65 lexemes or more (on average,150 characters). If there is a match, the suggestion will not be shown to the user. - Interpretation (disclaimed): This segment specifies the operational procedure by which the duplication detection filter works — checking for matches of 65 lexemes or more against public GitHub code and suppressing matching suggestions — defining the technical enforcement mechanism. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20With%20the%20filter,shown%20to%20the%20user. ### moderation enforcement — risk unknown > Public code may contain insecure coding patterns, bugs, or references to outdated APIs or idioms. When GitHub Copilot synthesizes code suggestions based on this data, it can also synthesize code that contains these undesirable patterns. Copilot has filters in place that either block or notify users of insecure code patterns that are detected in Copilot suggestions. These filters target the most common vulnerable coding patterns, including hardcoded credentials , SQL injections , and path injections . Additionally, in recent years we’ve provided tools such as GitHub Advanced Security, GitHub Actions, Dependabot, and CodeQL to open source projects to help improve code quality. Of course, you should always use GitHub Copilot together with good testing and code review practices and security tools, as well as your own judgment. - Interpretation (disclaimed): This segment acknowledges that Copilot may synthesize insecure code patterns from public code training data, while describing filters that block or notify users of detected insecure patterns such as hardcoded credentials, SQL injections, and path injections, thereby disclosing the risk and limiting GitHub's liability for insecure code suggestions while describing mitigation measures. - Tier: All - Location: “Can GitHub Copilot introduce insecure code in its suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Public%20code%20may,as%20your%20own%20judgment. ### moderation enforcement — risk unknown > The product is called “Copilot” not “Autopilot” and it’s not intended to generate code without oversight. You should use exactly the same sorts of safeguards and diligence with Copilot’s suggestions as you would use with any third-party code. - Interpretation (disclaimed): Disclaimer stating the product is not 'Autopilot' and that users must apply the same safeguards to Copilot suggestions as to any third-party code, limiting GitHub's liability for unsupervised use. - Tier: All - Location: “Is GitHub Copilot intended to fully automate code generation and replace developers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20The%20product%20is,with%20any%20third-party%20code. ### moderation enforcement — risk unknown > Depending on your particular use case, you should consider implementing the protections discussed above. It is your responsibility to assess what is appropriate for the situation and implement appropriate safeguards. - Interpretation (disclaimed): Places the obligation on the user to assess risk tolerance and implement appropriate safeguards depending on their use case, thereby allocating responsibility to the customer rather than GitHub. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Depending%20on%20your,and%20implement%20appropriate%20safeguards. ### moderation enforcement — risk unknown > With the filter enabled, Copilot checks code suggestions for matches or near-matches against public code on GitHub of 65 lexemes or more (on average,150 characters). If there is a match, the suggestion will not be shown to the user. - Interpretation (disclaimed): This segment specifies the technical threshold (65 lexemes or more, approximately 150 characters) and operational behavior of the duplication detection filter—checking for matches and suppressing suggestions when a match is found—establishing the enforcement procedure for the filter. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20With%20the%20filter,shown%20to%20the%20user. ### moderation enforcement — risk unknown > Public code may contain insecure coding patterns, bugs, or references to outdated APIs or idioms. When GitHub Copilot synthesizes code suggestions based on this data, it can also synthesize code that contains these undesirable patterns. Copilot has filters in place that either block or notify users of insecure code patterns that are detected in Copilot suggestions. These filters target the most common vulnerable coding patterns, including hardcoded credentials , SQL injections , and path injections . Additionally, in recent years we’ve provided tools such as GitHub Advanced Security, GitHub Actions, Dependabot, and CodeQL to open source projects to help improve code quality. Of course, you should always use GitHub Copilot together with good testing and code review practices and security tools, as well as your own judgment. - Interpretation (disclaimed): This segment explains that public training data may contain insecure patterns that Copilot can reproduce, and describes filters in place to block or notify users of detected insecure code patterns such as hardcoded credentials, SQL injections, and path injections, balancing the risk disclosure with moderation measures. - Tier: All - Location: “Can GitHub Copilot introduce insecure code in its suggestions?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Public%20code%20may,as%20your%20own%20judgment. ### moderation enforcement — risk unknown > GitHub Copilot includes filters to block offensive language in the prompts and to avoid synthesizing suggestions in sensitive contexts. We continue to work on improving the filter system to more intelligently detect and remove offensive outputs. If you see offensive outputs, please report them directly to copilot-safety@github.com so that we can improve our safeguards. GitHub takes this challenge very seriously and we are committed to addressing it. - Interpretation (disclaimed): This segment describes GitHub's use of filters to block offensive language in prompts and outputs, imposes a practical obligation on the platform to maintain moderation safeguards, directs users to report offensive outputs to a designated email address, and commits GitHub to improving its content moderation systems. - Tier: All - Location: “Does GitHub Copilot produce offensive outputs?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20includes,committed%20to%20addressing%20it. ### moderation enforcement — risk unknown > F. Copyright & DMCA Policy This section talks about how GitHub will respond if you believe someone is infringing your copyrights on GitHub. - Interpretation (disclaimed): Summary entry describing GitHub's DMCA and copyright policy; incorporates by reference the procedure and enforcement mechanism for copyright infringement claims. - Tier: All - Location: Article D - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20F.%20Copyright%20%26%23x26%3B,copyrights%20on%20GitHub.%20 ### moderation enforcement — risk unknown > Abuse or excessively frequent requests to GitHub via the API may result in the temporary or permanent suspension of your Account's access to the API. GitHub, in our sole discretion, will determine abuse or excessive usage of the API. We will make a reasonable attempt to warn you via email prior to suspension. - Interpretation (disclaimed): Describes GitHub's enforcement procedure for API abuse or excessive requests, including potential temporary or permanent suspension determined at GitHub's sole discretion, with a reasonable attempt to provide email warning before suspension. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Abuse%20or%20excessively,email%20prior%20to%20suspension. ### moderation enforcement — risk unknown > Additionally, we may be compelled by law to disclose the contents of your private repositories. - Interpretation (disclaimed): Section header for copyright infringement and DMCA policy, serving as a structural incorporation reference for the takedown and enforcement procedures that follow. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Additionally%2C%20we%20may,of%20your%20private%20repositories. ### moderation enforcement — risk unknown > for security purposes; - Interpretation (disclaimed): Lists automated or manual scanning for known vulnerabilities, active malware, or Terms of Service violations as a permitted basis for GitHub to access private repository content without user consent, constituting a moderation-related exception to the confidentiality restriction. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20for%20security%20purposes%3B ### moderation enforcement — risk unknown > Short version: GitHub hosts a wide variety of collaborative projects from all over the world, and that collaboration only works when our users are able to work together in good faith. While using the service, you must follow the terms of this section, which include some restrictions on content you can post, conduct on the service, and other limitations. In short, be excellent to each other. - Interpretation (disclaimed): Imposes an obligation on users not to violate GitHub's Acceptable Use Policies or Community Guidelines under any circumstances, incorporating those external policies as binding restrictions by reference. - Tier: All - Location: Article C (Acceptable Use) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20GitHub,to%20each%20other.%20 ### moderation enforcement — risk unknown > GitHub will provide notice regarding our access to private repository content, unless for legal disclosure , to comply with our legal obligations, or where otherwise bound by requirements under law, for automated scanning, or if in response to a security threat or other risk to security. - Interpretation (disclaimed): Directs users to contact GitHub via specified channels for DMCA copyright infringement claims, warns of legal consequences for false or frivolous takedown notices, and obligates users to consider fair use and licensed uses before submitting takedown requests, establishing the procedural framework for copyright enforcement. - Tier: All - Location: § 3 (Access) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20will%20provide,other%20risk%20to%20security. ### moderation enforcement — risk unknown > Short version: You own content you create, but you allow us certain rights to it, so that we can display and share the content you post. You still have control over your content, and responsibility for it, and the rights you grant us are limited to those we need to provide the service. We have the right to remove content or close Accounts if we need to. - Interpretation (disclaimed): Places responsibility on the user for their Content and any resulting harm, disclaims GitHub's responsibility for public display or misuse of that Content, and establishes GitHub's right to refuse or remove content violating law or policies, including a procedure reference for private repository access. - Tier: All - Location: Article D (User-Generated Content) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,we%20need%20to.%20 ### moderation enforcement — risk unknown > You must be age 13 or older. While we are thrilled to see brilliant young coders get excited by learning to program, we must comply with United States law. GitHub does not target our Service to children under 13, and we do not permit any Users under 13 on our Service. If we learn of any User under the age of 13, we will terminate that User’s Account immediately . If you are a resident of a country outside the United States, your country’s minimum age may be older; in such a case, you are responsible for complying with your country’s laws. - Interpretation (disclaimed): Imposes a minimum age requirement of 13 and mandates immediate Account termination upon discovery of underage users; also places compliance responsibility on users in jurisdictions with higher minimum age laws. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20must%20be,with%20your%20country%E2%80%99s%20laws. ### moderation enforcement — risk unknown > You agree that you will not under any circumstances violate our Acceptable Use Policies or Community Guidelines . - Interpretation (disclaimed): Obliges users not to violate GitHub's Acceptable Use Policies or Community Guidelines under any circumstances, incorporating those policies by reference as binding restrictions. - Tier: All - Location: Article C (Acceptable Use) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20agree%20that,or%20Community%20Guidelines%20. ### moderation enforcement — risk unknown > A machine account is an Account set up by an individual human who accepts the Terms on behalf of the Account, provides a valid email address, and is responsible for its actions. A machine account is used exclusively for performing automated tasks. Multiple users may direct the actions of a machine account, but the owner of the Account is ultimately responsible for the machine's actions. You may maintain no more than one free machine account in addition to your free Personal Account. - Interpretation (disclaimed): Defines 'machine account,' specifies conditions for its permitted use (human acceptance of Terms, valid email, automated tasks only), and imposes responsibility on the Account owner for its actions, with a limit of one free machine account per user. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20A%20machine%20account,your%20free%20Personal%20Account. ### moderation enforcement — risk unknown > No. Copilot is a tool intended to make developers more efficient. It’s not intended to replace developers, who should continue to apply the same sorts of safeguards and diligence they would apply with regard to any third-party code of unknown origin. - Interpretation (disclaimed): Disclaimer clarifying that Copilot is not intended to replace developer oversight or judgment, thereby limiting GitHub's responsibility for outputs by placing diligence obligations on the user. - Tier: All - Location: “Is GitHub Copilot intended to fully automate code generation and replace developers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No.%20Copilot%20is,code%20of%20unknown%20origin. ### moderation enforcement — risk unknown > Not necessarily. GitHub Copilot users should align their use of Copilot with their respective risk tolerances. As noted above, GitHub Copilot is not intended to replace developers, or their individual skill and judgment, and is not intended to fully automate the process of code development. The same risks that apply to the use of any third-party code apply to the use of Copilot’s suggestions. - Interpretation (disclaimed): Disclaimer that Copilot is not intended to replace developer skill and judgment or fully automate code development, and that the same third-party code risks apply, limiting GitHub's responsibility for suggestion quality and safety. - Tier: All - Location: “Can GitHub Copilot users simply use suggestions without concern?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Not%20necessarily.%20GitHub,use%20of%20Copilot%E2%80%99s%20suggestions. ### moderation enforcement — risk unknown > In addition to off-topic, harmful, and offensive output filters, GitHub Copilot also scans the outputs for vulnerable code. - Interpretation (disclaimed): This segment establishes that Copilot scans outputs for off-topic, harmful, offensive content, and vulnerable code, imposing an ongoing enforcement obligation as part of the platform's content moderation commitments. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20In%20addition%20to,outputs%20for%20vulnerable%20code. ### moderation enforcement — risk unknown > Identifying best practices for use of third party code is beyond the scope of this section. That said, whatever practices your organization currently uses – rigorous functionality testing, code scanning, security testing, etc. – you should continue these policies with Copilot’s suggestions. Moreover, you should make sure your code editor or editor does not automatically compile or run generated code before you review it. - Interpretation (disclaimed): Imposes an obligation on users to continue existing code-review and security-testing practices when using Copilot suggestions, and to prevent automatic compilation or execution of generated code before review. - Tier: All - Location: “Is GitHub Copilot intended to fully automate code generation and replace developers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Identifying%20best%20practices,before%20you%20review%20it. ### moderation enforcement — risk unknown > Yes, GitHub Copilot does include an optional code referencing filter to detect and suppress certain suggestions that match public code on GitHub. GitHub has created a duplication detection filter to detect and suppress suggestions that contain code segments over a certain length that match public code on GitHub. This filter can be enabled by the administrator for your enterprise and it can apply for all organizations within your enterprise, or the administrator can defer control to individual organizations. - Interpretation (disclaimed): This segment describes the optional duplication detection filter that detects and suppresses suggestions matching public code on GitHub, and specifies that enterprise administrators can enable it for all organizations or delegate control, establishing the permission structure for filter configuration. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes%2C%20GitHub%20Copilot,to%20individual%20organizations.%20 ### moderation enforcement — risk unknown > We are conducting internal testing of GitHub Copilot’s ease of use by developers with disabilities and working to ensure that GitHub Copilot is accessible to all developers. Please feel free to share your feedback on GitHub Copilot accessibility in our feedback forum . - Interpretation (disclaimed): This segment describes internal testing efforts for accessibility and invites user feedback, functioning as a disclaimer about the current state of accessibility support without imposing legal obligations or restrictions. - Tier: All - Location: “Does GitHub Copilot support accessibility features?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20We%20are%20conducting,our%20feedback%20forum%20. ### moderation enforcement — risk unknown > GitHub Copilot includes filters to block offensive language in the prompts and to avoid synthesizing suggestions in sensitive contexts. We continue to work on improving the filter system to more intelligently detect and remove offensive outputs. If you see offensive outputs, please report them directly to copilot-safety@github.com so that we can improve our safeguards. GitHub takes this challenge very seriously and we are committed to addressing it. - Interpretation (disclaimed): Describes GitHub's obligation to maintain content filters blocking offensive language in prompts and suggestions, and establishes a procedure for users to report offensive outputs, reflecting an ongoing enforcement commitment. - Tier: All - Location: “Does GitHub Copilot produce offensive outputs?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20includes,committed%20to%20addressing%20it. ### moderation enforcement — risk unknown > ‘GitHub AI Credits paid usage’ must be enabled to allow enterprises to be charged for GitHub AI Credits exceeding their included usage. - Interpretation (disclaimed): Specifies that a second Copilot code review policy must be explicitly enabled to allow non-licensed members to use Copilot code review on github.com, establishing a mandatory two-step administrative activation procedure. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%E2%80%98GitHub%20AI%20Credits,exceeding%20their%20included%20usage. ### moderation enforcement — risk unknown > Access to Copilot Business and Enterprise is managed by your GitHub Administrator. They can control access to preview features, models, and set GitHub Copilot policies for your organization. Additionally, you can use your network firewall to explicitly allow access to Copilot Business and/or block access to Copilot Pro or Free. For more details, refer to the documentation . - Interpretation (disclaimed): Describes the administrative procedure by which access to Copilot Business and Enterprise is managed, including administrator control over policies, preview features, models, and the use of network firewalls to allow or block access to specific tiers. - Tier: All - Location: “How do I control access to GitHub Copilot in my company?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Access%20to%20Copilot,to%20the%20documentation%20. ### moderation enforcement — risk unknown > In addition to off-topic, harmful, and offensive output filters, GitHub Copilot also scans the outputs for vulnerable code. - Interpretation (disclaimed): This segment discloses that Copilot scans outputs for vulnerable code in addition to filtering off-topic, harmful, and offensive content, establishing ongoing moderation obligations applied to all generated outputs. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20In%20addition%20to,outputs%20for%20vulnerable%20code. ### moderation enforcement — risk unknown > Yes, GitHub Copilot does include an optional code referencing filter to detect and suppress certain suggestions that match public code on GitHub. GitHub has created a duplication detection filter to detect and suppress suggestions that contain code segments over a certain length that match public code on GitHub. This filter can be enabled by the administrator for your enterprise and it can apply for all organizations within your enterprise, or the administrator can defer control to individual organizations. - Interpretation (disclaimed): This segment describes the optional code referencing filter that administrators may enable to detect and suppress Copilot suggestions matching public code on GitHub, establishing the administrative right to configure enforcement controls at the enterprise or organization level. - Tier: All - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Yes%2C%20GitHub%20Copilot,to%20individual%20organizations.%20 ### tier differences — risk high > When a school or employer supplies your GitHub account, they assume the role of Data Controller for most Personal Data used in our Services. This enables them to: Manage and administer your GitHub account, including adjusting privacy settings. Access and utilize your Personal Data, which includes details on how you use the Services, as well as your content and files. - Interpretation (disclaimed): Organization-provided accounts shift Data Controller status to the organization, granting employers/schools broad access to employee/student Personal Data including content and files, with GitHub acting only as Data Processor. - Tier: Enterprise - Location: Privacy Policy › “End User Notice: Organization-Provided GitHub Accounts” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=When%20a%20school%20or,your%20content%20and%20files. ### tier differences — risk high > GitHub uses the Copilot data from Individual subscribers for all the operational purposes described above for Business/Enterprise subscribers. In addition, for Individual subscribers only: GitHub may use Copilot interaction data — including prompts (inputs), s uggestions (outputs), and code snippets generated during Copilot sessions — to train and improve AI models. - Interpretation (disclaimed): The document explicitly carves out a training-use right that applies only to Individual (Free/Pro/Pro+) subscribers, creating a significant tier-based risk differential. - Tier: Free - Location: “How does GitHub use the Copilot data from Individual (Free/Pro/Pro+) Subscribers?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20uses%20the%20Copilot,and%20improve%20AI%20models. ### tier differences — risk high > IP indemnity Free plan Not included Pro plan Not included Pro+ plan Not included Max plan Not included - Interpretation (disclaimed): IP indemnity — protection against third-party IP infringement claims arising from AI-generated code — is not available on any individual pricing tier shown. This means users have no contractual backstop if generated code infringes third-party IP rights. Enterprise plans (not detailed on this page) may differ. - Tier: All - Location: “IP indemnity” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=IP%20indemnity%20Free%20plan,Max%20plan%20Not%20included ### tier differences — risk medium > Audit logs 4x+ included usage than Pro $70 monthly total credits for Pro+ - Interpretation (disclaimed): Audit log availability is restricted to Pro+ and above. Organizations or individual users subject to compliance frameworks requiring activity audit trails must upgrade to at least Pro+ to obtain this feature. - Tier: Paid - Location: “Audit logs” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Audit%20logs%204x%2B%20included,total%20credits%20for%20Pro%2B ### tier differences — risk medium > The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. Organizations can choose between GitHub Copilot Business and GitHub Copilot Enterprise. GitHub Copilot Business primarily features GitHub Copilot in the coding environment - that is the IDE, CLI and GitHub Mobile. GitHub Copilot Enterprise includes everything in GitHub Copilot Business. It also  adds an additional layer of customization for organizations and integrates into GitHub.com as a chat interface to allow developers to converse with GitHub Copilot throughout the platform. GitHub Copilot Enterprise can index an organization’s codebase for a deeper understanding of the customer’s knowledge for more tailored suggestions and will offer customers access to fine-tuned custom, private models for inline suggestions . GitHub Copilot Individual is designed for individual developers, freelancers, students, educators, and open source maintainers. The plan includes all the features of GitHub Copilot Business except organizational license management, policy management, and IP indemnity. - Interpretation (disclaimed): The explicit exclusion of IP indemnity from individual/Free/Pro plans means users on those tiers have no contractual protection from GitHub against third-party IP claims arising from Copilot-generated output. Organizations on Business or Enterprise receive IP indemnity, creating a significant legal risk differential. - Tier: All - Location: “What are the differences between the GitHub Copilot Business, GitHub Copilot Enterprise, and GitHub Copilot Individual plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=The%20primary%20differences%20between,management%2C%20and%20IP%20indemnity. ### tier differences — risk medium > This filter can be enabled by the administrator for your enterprise and it can apply for all organizations within your enterprise, or the administrator can defer control to individual organizations. - Interpretation (disclaimed): The public code matching/filtering feature is scoped to Enterprise tier and is administrator-controlled. This means Free/Pro users may lack equivalent IP-risk mitigation tooling, which is relevant to the conditioned IP indemnity discussed elsewhere in the document. - Tier: Enterprise - Location: “Does GitHub Copilot include a filtering mechanism to mitigate risk?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=This%20filter%20can%20be,control%20to%20individual%20organizations. ### tier differences — risk medium > The training and data-use provisions in Section J.3 apply only to individual licenses. If your use of the Service is governed by a GitHub Customer Agreement or volume licensing agreement, those agreements govern the use of your data in connection with AI Features and Section J.3 does not apply to you. - Interpretation (disclaimed): Individual-tier users face default training-use data obligations that enterprise customers do not. This tier asymmetry means individual users bear meaningfully higher data-use risk unless they affirmatively opt out. - Tier: Free - Location: § 1 (Applicability) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=The%20training%20and%20data-use,not%20apply%20to%20you. ### tier differences — risk medium > If you have signed up for GitHub Enterprise Cloud, the Enterprise Cloud Addendum applies to you, and you agree to its provisions. - Interpretation (disclaimed): Enterprise-tier users are subject to supplemental terms in the Enterprise Cloud Addendum. Those terms may include different data handling, liability, or SLA provisions that are not visible in the base ToS. - Tier: Enterprise - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=If%20you%20have%20signed,agree%20to%20its%20provisions. ### tier differences — risk medium > Enterprise-grade security Free plan Not included Pro plan Not included Pro+ plan Not included Max plan Not included - Interpretation (disclaimed): The absence of enterprise-grade security controls (e.g., enhanced access management, audit controls, compliance certifications) from all listed individual tiers creates risk for users processing sensitive data or operating under regulatory obligations. - Tier: All - Location: “Enterprise-grade security” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Enterprise-grade%20security%20Free%20plan,Max%20plan%20Not%20included ### tier differences — risk medium > SAML SSO authentication Free plan Not included Pro plan Not included Pro+ plan Not included Max plan Not included - Interpretation (disclaimed): Absence of SAML SSO from all listed tiers means that identity federation, mandatory MFA enforcement via IdP, and centralized access revocation are not available, which is a material gap for enterprise or regulated-industry users on individual plans. - Tier: All - Location: “SAML SSO authentication” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=SAML%20SSO%20authentication%20Free,Max%20plan%20Not%20included ### tier differences — risk medium > Delegate tasks to third-party coding agents like Claude by Anthropic and OpenAI Codex (Preview) Free plan Not included Pro plan Not included Pro+ plan Included Max plan Included - Interpretation (disclaimed): Access to third-party agents introduces subprocessor/data-sharing risk because user code and prompts may be transmitted to Anthropic or OpenAI under their respective terms. This feature is gated at Pro+ ($39/month) and Max ($100/month), meaning lower-tier users are not exposed to this risk. - Tier: Paid - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Delegate%20tasks%20to%20third-party,Included%20Max%20plan%20Included ### tier differences — risk medium > Usage from non-licensed users is billed directly to your organization as GitHub AI Credits. This flexible model allows you to get full review coverage on every PR without purchasing a full Copilot seat for non-development contributors who may not need Copilot. Usage from your existing licensed users continues to draw from their included monthly allowance as it does today. Beginning June 1, 2026, code review workflows also consume GitHub Actions minutes. - Interpretation (disclaimed): Enabling Copilot code review for non-licensed users shifts from a flat-seat cost model to a metered consumption model billed as AI Credits plus Actions minutes. Without budget controls, organizations face open-ended liability for usage by all PR authors. - Tier: Enterprise - Location: “How does billing work for Copilot code review usage generated by users without a Copilot license?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Usage%20from%20non-licensed%20users,consume%20GitHub%20Actions%20minutes. ### tier differences — risk low > No. GitHub does not use either Copilot Business or Enterprise data to train its models. - Interpretation (disclaimed): Clear contractual carve-out for Business and Enterprise tiers from model training. This is a meaningful tier differentiation that lowers risk for organizational subscribers relative to individual plans. - Tier: Enterprise - Location: “Does GitHub use Copilot Business or Enterprise data to train GitHub’s model?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=No.%20GitHub%20does%20not,to%20train%20its%20models. ### tier differences — risk low > GitHub Copilot Free users are limited to 2000 completions and 50 chat requests (including Copilot Edits). - Interpretation (disclaimed): Usage limitations on the Free tier are a standard commercial restriction. The risk to users is service interruption rather than legal or IP exposure, but the caps may affect operational reliance on the service. - Tier: Free - Location: “What is included in GitHub Copilot Free?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20Free%20users,requests%20(including%20Copilot%20Edits). ### tier differences — risk low > GitHub Mobile for Copilot Pro and Copilot Business have access to Bing and public repository code search. Copilot Enterprise in GitHub Mobile gives you additional access to your organization's knowledge. - Interpretation (disclaimed): Enterprise-tier mobile users have their organizational codebase knowledge accessible through GitHub Mobile, which may increase the risk of sensitive organizational data being transmitted through mobile network channels or stored on mobile devices. - Tier: Enterprise - Location: “What languages, IDEs, and platforms does GitHub Copilot support?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Mobile%20for%20Copilot,to%20your%20organization%26%23x27%3Bs%20knowledge. ### tier differences — risk low > A paid Organization may only provide access to as many Personal Accounts as your subscription allows. - Interpretation (disclaimed): Paid tier Organizations are contractually limited to the number of user seats in their subscription, which is a standard SaaS commercial term. - Tier: Paid - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=A%20paid%20Organization%20may,as%20your%20subscription%20allows. ### tier differences — risk low > On GitHub Copilot Business and GitHub Copilot Enterprise, admins set usage limits and decide whether additional paid usage is allowed. If it isn't, Copilot pauses until the next cycle. - Interpretation (disclaimed): Admin-enforced usage caps on Business/Enterprise tiers give organizations cost control but may result in unexpected service interruption for individual developers within the organization if limits are reached and paid overage is not enabled. - Tier: Enterprise - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=On%20GitHub%20Copilot%20Business,until%20the%20next%20cycle. ### tier differences — risk low > GitHub Copilot Max is built for heavy Copilot usage, including sustained agent-driven workflows, and includes $100/month in GitHub AI Credits. - Interpretation (disclaimed): The introduction of a credits-based billing model for the Max tier creates ambiguity around cost predictability for agent-driven workflows. The document does not specify what happens when credits are exhausted, creating potential service interruption or additional cost risk. - Tier: Paid - Location: “What are the differences between the Free, Pro, Pro+, Max, Business, and Enterprise plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=GitHub%20Copilot%20Max%20is,in%20GitHub%20AI%20Credits. ### tier differences — risk low > Inline suggestions Free plan 2,000 per month Pro plan Unlimited Pro+ plan Unlimited Max plan Unlimited - Interpretation (disclaimed): Free plan users face a monthly usage ceiling on inline code completions. Exceeding this limit may interrupt workflows. Paid tiers (Pro, Pro+, Max) have unlimited completions. - Tier: Free - Location: “Inline suggestions” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Inline%20suggestions%20Free%20plan,Unlimited%20Max%20plan%20Unlimited ### tier differences — risk low > Purchase additional GitHub AI Credits Free plan Not included Pro plan Included Pro+ plan Included Max plan Included - Interpretation (disclaimed): Free plan users are limited to the bundled credit allotment with no mechanism to extend usage by purchasing additional credits, unlike paid tiers. - Tier: Free - Location: “Purchase additional GitHub AI Credits” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Purchase%20additional%20GitHub%20AI,Included%20Max%20plan%20Included ### tier differences — risk low > Priority access to new models and features 2.9x+ included usage than Pro+ $200 monthly total credits for Max - Interpretation (disclaimed): Priority access to new models is a Max-only benefit, meaning Free, Pro, and Pro+ users may receive new model access on a delayed or limited basis. This creates a tiered capability gap that could affect users whose workflows depend on the latest model versions. - Tier: Paid - Location: “Priority access to new models and features” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=Priority%20access%20to%20new,total%20credits%20for%20Max ### tier differences — risk unknown > Your login may only be used by one person — i.e., a single login may not be shared by multiple people. A paid Organization may only provide access to as many Personal Accounts as your subscription allows. - Interpretation (disclaimed): Restricts a login to a single person prohibiting credential sharing, and limits paid Organizations to providing access only up to the number of Personal Accounts permitted by the subscription, creating tier-based usage restrictions. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Your%20login%20may,as%20your%20subscription%20allows. ### tier differences — risk unknown > If you are a government User or otherwise accessing or using any GitHub Service in a government capacity, this Government Amendment to GitHub Terms of Service applies to you, and you agree to its provisions. - Interpretation (disclaimed): Incorporates the Government Amendment to GitHub Terms of Service by reference, making it binding on government users and creating a distinct tier of obligations for government account holders. - Tier: All - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20are,agree%20to%20its%20provisions. ### tier differences — risk unknown > You may change your level of service at any time by choosing a plan option or going into your Billing settings . If you choose to downgrade your Account, you may lose access to Content, features, or capacity of your Account. Please see our section on Cancellation for information on getting a copy of that Content. - Interpretation (disclaimed): Describes the procedure for changing service level and warns that downgrading may result in loss of access to Content, features, or capacity, and cross-references the Cancellation section for data retrieval. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20change,copy%20of%20that%20Content. ### tier differences — risk unknown > K. Beta Previews These are some of the additional terms that apply to GitHub's features that are still in development. - Interpretation (disclaimed): Summary entry describing Beta Previews section; cross-references additional terms applicable to features still in development, incorporating those terms by reference and noting a distinct tier of service conditions. - Tier: All - Location: Article I - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20K.%20Beta%20Previews,still%20in%20development.%20 ### tier differences — risk unknown > "Beta Previews" mean software, services, or features identified as alpha, beta, preview, early access, or evaluation, or words or phrases with similar meanings. - Interpretation (disclaimed): Defines 'Beta Previews' as software, services, or features identified as alpha, beta, preview, early access, or evaluation; this definition scopes a distinct service tier subject to additional terms. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%22Beta%20Previews%22%20mean,phrases%20with%20similar%20meanings. ### tier differences — risk unknown > GitHub may offer subscription-based access to our API for those Users who require high-throughput access or access that would result in resale of GitHub's Service. - Interpretation (disclaimed): Permits GitHub to offer subscription-based high-throughput API access for users who require it or intend to resell GitHub's Service, establishing a tiered access model. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20may%20offer,resale%20of%20GitHub's%20Service. ### tier differences — risk unknown > Short version: You are responsible for any fees associated with your use of GitHub. We are responsible for communicating those fees to you clearly and accurately, and letting you know well in advance if those prices change. - Interpretation (disclaimed): This short-version summary establishes the allocation of fee responsibility between the user and GitHub and GitHub's obligation to communicate pricing clearly, functioning as a plain-language summary of the payment section's obligations. - Tier: All - Location: Article L (Payment) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20You,those%20prices%20change.%20 ### tier differences — risk unknown > Our pricing and payment terms are available at github.com/pricing . If you agree to a subscription price, that will remain your price for the duration of the payment term; however, prices are subject to change at the end of a payment term. - Interpretation (disclaimed): Duplicate of segment 165 content; this clause specifies where pricing is found and confirms subscription price stability within a payment term while allowing changes at term end, creating a contractual pricing commitment for the current term. - Tier: All - Location: § 1 (Pricing) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Our%20pricing%20and,of%20a%20payment%20term. ### tier differences — risk unknown > We will immediately bill you when you upgrade from the free plan to any paying plan. - Interpretation (disclaimed): This clause establishes that GitHub will immediately bill the user upon upgrading from a free plan to a paid plan, setting out the billing timing obligation triggered by a plan upgrade. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20We%20will%20immediately,to%20any%20paying%20plan. ### tier differences — risk unknown > Payment Based on Plan For monthly or yearly payment plans, the Service is billed in advance on a monthly or yearly basis respectively and is non-refundable. There will be no refunds or credits for partial months of service, downgrade refunds, or refunds for months unused with an open Account; however, the service will remain active for the length of the paid billing period. In order to treat everyone equally, no exceptions will be made. - Interpretation (disclaimed): This clause establishes that subscription plans are billed in advance and are non-refundable, explicitly prohibiting refunds or credits for partial months, downgrades, or unused time, and stating no exceptions will be made, which restricts user rights to seek reimbursement. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Payment%20Based%20on,exceptions%20will%20be%20made. ### tier differences — risk unknown > By agreeing to these Terms, you are giving us permission to charge your on-file credit card, PayPal account, or other approved methods of payment for fees that you authorize for GitHub. - Interpretation (disclaimed): This clause grants GitHub explicit permission from the user to charge their stored payment method for authorized fees, establishing the legal basis for GitHub to initiate charges against the user's on-file payment method. - Tier: All - Location: § 4 (Authorization) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20By%20agreeing%20to,you%20authorize%20for%20GitHub. ### tier differences — risk unknown > You are responsible for all fees, including taxes, associated with your use of the Service. By using the Service, you agree to pay GitHub any charge incurred in connection with your use of the Service. If you dispute the matter, contact us through the GitHub Support portal . You are responsible for providing us with a valid means of payment for paid Accounts. Free Accounts are not required to provide payment information. - Interpretation (disclaimed): This clause imposes an obligation on users to pay all fees including taxes associated with service use, to provide valid payment information for paid accounts, and to contact GitHub Support to dispute charges, allocating full financial responsibility for service usage to the user. - Tier: All - Location: § 5 (Responsibility for Payment) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20are%20responsible,to%20provide%20payment%20information. ### tier differences — risk unknown > Promotion available for Copilot Business and Copilot Enterprise customers through August 2026 — - Interpretation (disclaimed): Announces a promotional offer specifically available to Copilot Business and Copilot Enterprise customers through August 2026, granting a time-limited benefit tied to specific subscription tiers. - Tier: All - Location: “Skip to content” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Promotion%20available%20for,August%202026%20%E2%80%94%20 ### tier differences — risk unknown > ### - Interpretation (disclaimed): Grants Pro-tier users access to Cloud agent and code review features, defining an entitlement not available in the Free tier. - Tier: All - Location: “Everything in Free and:” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%23%23%23 ### tier differences — risk unknown > $15 monthly total credits for Pro - Interpretation (disclaimed): Defines the 'Pro+' tier at $39 USD per user/month, describes its intended use case, and discloses a temporary pause on new sign-ups while permitting existing Student and Pro customers to upgrade. - Tier: All - Location: “Model selection” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%2415%20monthly%20total%20credits%20for%20Pro%20 ### tier differences — risk unknown > ### - Interpretation (disclaimed): Grants Pro+ users access to audit logs, a compliance and governance feature that constitutes a tier-specific right relevant to accountability and oversight. - Tier: All - Location: “Everything in Pro and:” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%23%23%23 ### tier differences — risk unknown > 2.9x+ included usage than Pro+ $200 monthly total credits for Max - Interpretation (disclaimed): Defines the included usage quantity for the Max plan (2.9x+ more than Pro+, $200 monthly total credits), establishing the scope of entitlements that differentiate this tier from others. - Tier: All - Location: “Priority access to new models and features” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%202.9x%2B%20included%20usage,credits%20for%20Max%20 ### tier differences — risk unknown > $10 per month - Interpretation (disclaimed): Defines the price point ($10 per month) for the Pro tier, establishing the recurring financial obligation associated with this plan. - Tier: All - Location: “Pro” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%2410%20per%20month%20 ### tier differences — risk unknown > $39 per month - Interpretation (disclaimed): Defines the price point ($39 per month) for the Pro+ tier, establishing the recurring financial obligation associated with this plan. - Tier: All - Location: “Pro+” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%2439%20per%20month%20 ### tier differences — risk unknown > Variable additional usage on top of your base. Flex allotments may change over time. - Interpretation (disclaimed): Defines Flex allotments as variable additional usage on top of base credits and disclaims that flex allotments may change over time, creating a reservation of right to modify this benefit. - Tier: All - Location: “Flex allotment” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Variable%20additional%20usage,may%20change%20over%20time. ### tier differences — risk unknown > GitHub (including github.com and GitHub Mobile) - Interpretation (disclaimed): Identifies GitHub (including github.com and GitHub Mobile) as the platform/surface where a feature is available, defining the scope of access across plan tiers. - Tier: All - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20(including%20github.com%20and%20GitHub%20Mobile) ### tier differences — risk unknown > App modernization for Java and .NET - Interpretation (disclaimed): Defines 'App modernization for Java and .NET' as a product feature, scoping the capability subject to tier-based inclusion or exclusion rules below. - Tier: All - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20App%20modernization%20for%20Java%20and%20.NET ### tier differences — risk unknown > Custom instructions with instructions.md - Interpretation (disclaimed): Defines 'Custom instructions with instructions.md' as a feature category whose availability is differentiated across subscription tiers. - Tier: All - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Custom%20instructions%20with%20instructions.md ### tier differences — risk unknown > Assign work to Copilot to research, plan, and write code — with or without a pull request - Interpretation (disclaimed): Describes the functional scope of the Cloud agent feature—assigning work to Copilot for research, planning, and code writing—establishing what is included or excluded per tier. - Tier: All - Location: “Cloud agent” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Assign%20work%20to,without%20a%20pull%20request ### tier differences — risk unknown > Free plan Anthropic Claude Haiku 4.5 - Interpretation (disclaimed): States that the Free plan includes access to Anthropic Claude Haiku 4.5, establishing a contractual model entitlement for free-tier users. - Tier: All - Location: “Available models” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Free%20plan%20Anthropic%20Claude%20Haiku%204.5%20 ### tier differences — risk unknown > OpenAI GPT-5.2 OpenAI GPT-5.2-Codex OpenAI GPT-5.3-Codex OpenAI GPT-5.4 OpenAI GPT-5.4 mini OpenAI GPT-5.5 Google Gemini 2.5 Pro - Interpretation (disclaimed): Lists multiple OpenAI GPT-5 series models and Google Gemini 2.5 Pro as available, establishing model access entitlements for the applicable plan tier. - Tier: All - Location: “OpenAI GPT-5 mini” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20OpenAI%20GPT-5.2%20OpenAI,Gemini%202.5%20Pro%20 ### tier differences — risk unknown > Google Gemini 3.1 Pro (Preview) Google Gemini 3.5 Flash - Interpretation (disclaimed): Lists Google Gemini 3.1 Pro (Preview) and Google Gemini 3.5 Flash as available models, establishing model access entitlements (including preview-status conditions) for the applicable plan tier. - Tier: All - Location: “Google Gemini 3 Flash (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Google%20Gemini%203.1,Gemini%203.5%20Flash%20 ### tier differences — risk unknown > Anthropic Claude Sonnet 4.5 Anthropic Claude Sonnet 4.6 Anthropic Claude Opus 4.5 Anthropic Claude Opus 4.6 Anthropic Claude Opus 4.6 (fast mode) (Preview) Anthropic Claude Opus 4.7 Anthropic Claude Opus 4.8 - Interpretation (disclaimed): Lists multiple Anthropic Claude Opus and Sonnet models available under the Pro plan, defining the full set of model entitlements for that tier. - Tier: All - Location: “Anthropic Claude Sonnet 4” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Anthropic%20Claude%20Sonnet,Claude%20Opus%204.8%20 ### tier differences — risk unknown > OpenAI GPT-5.2 OpenAI GPT-5.2-Codex OpenAI GPT-5.3-Codex OpenAI GPT-5.4 OpenAI GPT-5.4 mini OpenAI GPT-5.5 Google Gemini 2.5 Pro - Interpretation (disclaimed): Lists multiple OpenAI GPT-5 variants and Google Gemini 2.5 Pro as models available under the Pro plan, defining the breadth of model access for that tier. - Tier: All - Location: “OpenAI GPT-5 mini” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20OpenAI%20GPT-5.2%20OpenAI,Gemini%202.5%20Pro%20 ### tier differences — risk unknown > Anthropic Claude Sonnet 4.5 Anthropic Claude Sonnet 4.6 Anthropic Claude Opus 4.5 Anthropic Claude Opus 4.6 Anthropic Claude Opus 4.6 (fast mode) (Preview) Anthropic Claude Opus 4.7 Anthropic Claude Opus 4.8 - Interpretation (disclaimed): Lists multiple Anthropic Claude Opus and Sonnet models available under the Pro+ plan, defining the full set of model entitlements for that tier. - Tier: All - Location: “Anthropic Claude Sonnet 4” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Anthropic%20Claude%20Sonnet,Claude%20Opus%204.8%20 ### tier differences — risk unknown > OpenAI GPT-5.2 OpenAI GPT-5.2-Codex OpenAI GPT-5.3-Codex OpenAI GPT-5.4 OpenAI GPT-5.4 mini OpenAI GPT-5.5 Google Gemini 2.5 Pro - Interpretation (disclaimed): Lists multiple OpenAI GPT-5 variants and Google Gemini 2.5 Pro as models available under the Pro+ plan, defining the breadth of model access for that tier. - Tier: All - Location: “OpenAI GPT-5 mini” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20OpenAI%20GPT-5.2%20OpenAI,Gemini%202.5%20Pro%20 ### tier differences — risk unknown > Google Gemini 3.1 Pro (Preview) Google Gemini 3.5 Flash - Interpretation (disclaimed): Lists 'Google Gemini 3.1 Pro (Preview)' and 'Google Gemini 3.5 Flash' as models available under the Pro+ plan, defining the model access entitlements for that tier. - Tier: All - Location: “Google Gemini 3 Flash (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Google%20Gemini%203.1,Gemini%203.5%20Flash%20 ### tier differences — risk unknown > Anthropic Claude Sonnet 4.5 Anthropic Claude Sonnet 4.6 Anthropic Claude Opus 4.5 Anthropic Claude Opus 4.6 Anthropic Claude Opus 4.6 (fast mode) (Preview) Anthropic Claude Opus 4.7 Anthropic Claude Opus 4.8 - Interpretation (disclaimed): Lists multiple Anthropic Claude Opus and Sonnet models available under the Max plan, defining the full set of model entitlements for that tier. - Tier: All - Location: “Anthropic Claude Sonnet 4” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Anthropic%20Claude%20Sonnet,Claude%20Opus%204.8%20 ### tier differences — risk unknown > OpenAI GPT-5.2 OpenAI GPT-5.2-Codex OpenAI GPT-5.3-Codex OpenAI GPT-5.4 OpenAI GPT-5.4 mini OpenAI GPT-5.5 Google Gemini 2.5 Pro - Interpretation (disclaimed): Lists multiple OpenAI GPT-5 variants and Google Gemini 2.5 Pro as models available under the Max plan, defining the breadth of model access for that tier. - Tier: All - Location: “OpenAI GPT-5 mini” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20OpenAI%20GPT-5.2%20OpenAI,Gemini%202.5%20Pro%20 ### tier differences — risk unknown > GitHub Copilot Free is a new free pricing tier with limited functionality for individual developers. Users assigned a Copilot Business or Copilot Enterprise seat are not eligible for access. Users with access to Copilot Pro through a paid subscription, trial, or through an existing verified OSS, student, faculty, or MVP account may elect to use Free instead. - Interpretation (disclaimed): Segment defines eligibility restrictions for the GitHub Copilot Free tier, specifying that users with Business or Enterprise seats are excluded, and describes conditions under which Pro subscribers may elect to use Free instead, thereby creating a set of access restrictions and permissions that differentiate subscription tiers. - Tier: All - Location: “Who is eligible to access GitHub Copilot for free?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Free,use%20Free%20instead.%20 ### tier differences — risk unknown > Switch to a less expensive model. Lightweight models use fewer credits per interaction and stretch your remaining allowance further. - Interpretation (disclaimed): Describes the administrative procedure for Business and Enterprise plans under which admins set usage limits, decide whether additional paid usage is allowed, and explains that Copilot pauses if additional paid usage is not enabled, with tracking alerts at 75%, 90%, and 100% of configured budgets. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Switch%20to%20a,remaining%20allowance%20further.%20 ### tier differences — risk unknown > If you're on the Free plan, you can upgrade to Pro through your Copilot settings page or directly on the Copilot marketing page . - Interpretation (disclaimed): Describes the procedure a Free-plan user must follow to upgrade to Copilot Pro, specifying the settings page and marketing page as the available upgrade paths. - Tier: All - Location: “How can I upgrade my GitHub Copilot Free license to Copilot Pro?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20If%20you%26%23x27%3Bre%20on,Copilot%20marketing%20page%20. ### tier differences — risk unknown > GitHub Copilot Autofix provides contextual explanations and code suggestions to help developers fix vulnerabilities in code, and is included in GitHub Advanced Security and available to all public repositories. - Interpretation (disclaimed): Section header framing the question of whether non-licensed users can use Copilot code review, introducing the permission and policy conditions described in the following segment. - Tier: All - Location: “Which plan includes GitHub Copilot Autofix?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Autofix,to%20all%20public%20repositories. ### tier differences — risk unknown > We encourage admins to set up budgets to control spending on our metered products , especially customers who have not enabled the ‘Premium request paid usage’ policy in the past. You can track all premium request usage in your billing dashboard to monitor and control spending. - Interpretation (disclaimed): Section header introducing the definition of GitHub AI Credits and how they function as the payment mechanism for AI usage across plans. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20We%20encourage%20admins,monitor%20and%20control%20spending. ### tier differences — risk unknown > No. This capability is off by default and gives the enterprise admin control to enable or disable. An admin must explicitly enable two separate policies to activate: - Interpretation (disclaimed): Specifies that the non-licensed user code review capability is off by default and requires explicit admin activation of two separate policies, restricting automatic enablement and placing control with the enterprise admin. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No.%20This%20capability,policies%20to%20activate%3A%20 ### tier differences — risk unknown > GitHub Copilot has multiple offerings for organizations and an offering for individual developers. All the offerings include both inline suggestion and chat assistance. The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. Organizations can choose between GitHub Copilot Business and GitHub Copilot Enterprise. GitHub Copilot Business primarily features GitHub Copilot in the coding environment - that is the IDE, CLI and GitHub Mobile. GitHub Copilot Enterprise includes everything in GitHub Copilot Business. It also  adds an additional layer of customization for organizations and integrates into GitHub.com as a chat interface to allow developers to converse with GitHub Copilot throughout the platform. GitHub Copilot Enterprise can index an organization’s codebase for a deeper understanding of the customer’s knowledge for more tailored suggestions and will offer customers access to fine-tuned custom, private models for inline suggestions . GitHub Copilot Individual is designed for individual developers, freelancers, students, educators, and open source maintainers. The plan includes all the features of GitHub Copilot Business except organizational license management, policy management, and IP indemnity. - Interpretation (disclaimed): Defines the primary distinctions among Copilot plans (license management, policy management, IP indemnity, feature scope), establishing the legal rights and feature entitlements associated with each tier. - Tier: All - Location: “What are the differences between the GitHub Copilot Business, GitHub Copilot Enterprise, and GitHub Copilot Individual plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20has,management%2C%20and%20IP%20indemnity. ### tier differences — risk unknown > GitHub Copilot is entirely optional and requires you to opt in before gaining access. You can easily configure its usage directly in the editor, enabling or disabling it at any time. Additionally, you have control over which file types GitHub Copilot is active for. - Interpretation (disclaimed): Describes the administrative procedure by which enterprise administrators manage Copilot Business and Enterprise access, control preview features and models, set policies, and use network firewalls to control access, relevant to tier-specific governance rights. - Tier: All - Location: “What if I do not want GitHub Copilot?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,Copilot%20is%20active%20for. ### tier differences — risk unknown > Access to Copilot Business and Enterprise is managed by your GitHub Administrator. They can control access to preview features, models, and set GitHub Copilot policies for your organization. Additionally, you can use your network firewall to explicitly allow access to Copilot Business and/or block access to Copilot Pro or Free. For more details, refer to the documentation . - Interpretation (disclaimed): Section header asking about differences between Free, Pro, Pro+, Max, Business, and Enterprise plans; introduces the tier-difference definitional content that follows. - Tier: All - Location: “How do I control access to GitHub Copilot in my company?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Access%20to%20Copilot,to%20the%20documentation%20. ### tier differences — risk unknown > GitHub Copilot Free users are limited to 2000 completions and 50 chat requests (including Copilot Edits). - Interpretation (disclaimed): Imposes specific quantitative limits on Free plan users — 2000 completions and 50 chat requests — restricting the volume of service available under that tier. - Tier: All - Location: “What is included in GitHub Copilot Free?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Free,requests%20(including%20Copilot%20Edits). ### tier differences — risk unknown > Organizations can now enable Copilot code review on all pull requests on github.com—including pull requests from users who are not assigned a Copilot license . This allows you to extend the quality and rich analysis of Copilot code review to all pull requests, regardless of its author, giving you complete coverage and confidence that pull requests have been reviewed. To enable this functionality, an enterprise/org admin must first have Copilot enabled and then enabled two policies. Note : This capability is not supported for Copilot code reviews in VS Code or other IDEs. - Interpretation (disclaimed): Grants organizations permission to enable Copilot code review for pull requests from users without a Copilot license, subject to admin enabling two policies, while also noting the restriction that this capability is not supported in VS Code or other IDEs. - Tier: All - Location: “Can users in my organization use Copilot code reviews for their pull requests if they don’t have a Copilot license?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Organizations%20can%20now,Code%20or%20other%20IDEs. ### tier differences — risk unknown > Usage from non-licensed users is billed directly to your organization as GitHub AI Credits. This flexible model allows you to get full review coverage on every PR without purchasing a full Copilot seat for non-development contributors who may not need Copilot. Usage from your existing licensed users continues to draw from their included monthly allowance as it does today. Beginning June 1, 2026, code review workflows also consume GitHub Actions minutes. - Interpretation (disclaimed): Establishes that usage from non-licensed users is billed as GitHub AI Credits to the organization, and that beginning June 1, 2026, code review workflows also consume GitHub Actions minutes, creating financial obligations tied to feature use across license tiers. - Tier: All - Location: “How does billing work for Copilot code review usage generated by users without a Copilot license?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Usage%20from%20non-licensed,consume%20GitHub%20Actions%20minutes. ### tier differences — risk unknown > We encourage admins to set up budgets to control spending on our metered products , especially customers who have not enabled the ‘Premium request paid usage’ policy in the past. You can track all premium request usage in your billing dashboard to monitor and control spending. - Interpretation (disclaimed): Recommends that admins set up budgets to control spending on metered products and describes how to track premium request usage in the billing dashboard, outlining a cost-management procedure tied to tier-based metered usage. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20We%20encourage%20admins,monitor%20and%20control%20spending. ### tier differences — risk unknown > When you've used your monthly allowance, you have a few options: Wait for your next cycle. Your included allowance resets every month. - Interpretation (disclaimed): Describes the option to wait for the next billing cycle when the monthly allowance is exhausted, establishing that the included allowance resets monthly as a standard procedure. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20When%20you%26%23x27%3Bve%20used,resets%20every%20month.%20 ### tier differences — risk unknown > Switch to a less expensive model. Lightweight models use fewer credits per interaction and stretch your remaining allowance further. - Interpretation (disclaimed): Describes the option to switch to a less expensive model to extend remaining allowance, outlining a cost-management procedure available to users at their usage limit. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Switch%20to%20a,remaining%20allowance%20further.%20 ### tier differences — risk unknown > If you are a government User or otherwise accessing or using any GitHub Service in a government capacity, this Government Amendment to GitHub Terms of Service applies to you, and you agree to its provisions. - Interpretation (disclaimed): Incorporates the Enterprise Cloud Addendum for users who have signed up for GitHub Enterprise Cloud, making its provisions binding and applicable as additional or supplemental terms for that tier. - Tier: All - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20are,agree%20to%20its%20provisions. ### tier differences — risk unknown > Google Gemini 3.1 Pro (Preview) Google Gemini 3.5 Flash - Interpretation (disclaimed): Lists 'Google Gemini 3.1 Pro (Preview)' and 'Google Gemini 3.5 Flash' as models available under the Pro plan, defining the model access entitlements for that tier. - Tier: All - Location: “Google Gemini 3 Flash (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Google%20Gemini%203.1,Gemini%203.5%20Flash%20 ### tier differences — risk unknown > Organizations. The "owner" of an Organization that was created under these Terms has ultimate administrative control over that Organization and the Content within it. Within the Service, an owner can manage User access to the Organization’s data and projects. An Organization may have multiple owners, but there must be at least one Personal Account designated as an owner of an Organization. If you are the owner of an Organization under these Terms, we consider you responsible for the actions that are performed on or through that Organization. - Interpretation (disclaimed): Defines owner responsibilities for Organizations, establishes that owners bear responsibility for actions performed through the Organization, and requires at least one Personal Account as owner, creating distinct obligations for organizational account holders. - Tier: All - Location: § 1 (Account Controls) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Organizations.%20The%20%22owner%22,or%20through%20that%20Organization. ### tier differences — risk unknown > Payment Based on Usage Some Service features are billed based on your usage. A limited quantity of these Service features may be included in your plan for a limited term without additional charge. If you choose to use paid Service features beyond the quantity included in your plan, you pay for those Service features based on your actual usage in the preceding month. Monthly payment for these purchases will be charged on a periodic basis in arrears. See GitHub Additional Product Terms for Details . - Interpretation (disclaimed): This clause describes usage-based billing, establishes that a limited quantity of usage features is included in a plan, and obligates users to pay for overages based on actual usage from the preceding month billed in arrears, with reference to GitHub Additional Product Terms for further detail. - Tier: All - Location: § 3 (Billing Schedule; No Refunds) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Payment%20Based%20on,Terms%20for%20Details%20. ### tier differences — risk unknown > A machine account is an Account set up by an individual human who accepts the Terms on behalf of the Account, provides a valid email address, and is responsible for its actions. A machine account is used exclusively for performing automated tasks. Multiple users may direct the actions of a machine account, but the owner of the Account is ultimately responsible for the machine's actions. You may maintain no more than one free machine account in addition to your free Personal Account. - Interpretation (disclaimed): Restricts each person or legal entity to no more than one free Account, with a limited exception for machine accounts used solely for automated tasks, creating a quantitative account-tier limitation. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20A%20machine%20account,your%20free%20Personal%20Account. ### tier differences — risk unknown > “User,” “You,” and “Your” refer to the individual person, company, or organization that has visited or is using the Website or Service; that accesses or uses any part of the Account; or that directs the use of the Account in the performance of its functions. A User must be at least 13 years of age. Special terms may apply for business or government Accounts (See Section B(5): Additional Terms ). - Interpretation (disclaimed): Defines 'User,' 'You,' and 'Your' and establishes eligibility requirements including minimum age (13) and notes that special terms apply for business or government accounts, creating differentiated obligations by account type. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%E2%80%9CUser%2C%E2%80%9D%20%E2%80%9CYou%2C%E2%80%9D%20and,B(5)%3A%20Additional%20Terms%20). ### tier differences — risk unknown > You may change your level of service at any time by choosing a plan option or going into your Billing settings . If you choose to downgrade your Account, you may lose access to Content, features, or capacity of your Account. Please see our section on Cancellation for information on getting a copy of that Content. - Interpretation (disclaimed): This clause permits users to change their service level at any time but imposes a restriction by warning that downgrading may result in loss of access to Content, features, or account capacity, and cross-references the Cancellation section for content recovery options. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20may%20change,copy%20of%20that%20Content. ### tier differences — risk unknown > Short version: Personal Accounts and Organizations have different administrative controls; a human must create your Account; you must be 13 or over; you must provide a valid email address; and you may not have more than one free Account. You alone are responsible for your Account and anything that happens while you are signed in to or using your Account. You are responsible for keeping your Account secure. - Interpretation (disclaimed): Summary provision distinguishing Personal Accounts from Organizations, stating age requirements, email requirements, single-free-account limits, and placing responsibility for Account security and activity on the user. - Tier: All - Location: § B (Account Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20Personal,your%20Account%20secure.%20 ### tier differences — risk unknown > If you upgrade to a higher level of service, we will bill you for the upgraded plan immediately. - Interpretation (disclaimed): This clause states that upgrading to a higher service level results in immediate billing for the upgraded plan, establishing the timing obligation for billing upon a service-level upgrade. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20upgrade,the%20upgraded%20plan%20immediately. ### tier differences — risk unknown > You must be age 13 or older. While we are thrilled to see brilliant young coders get excited by learning to program, we must comply with United States law. GitHub does not target our Service to children under 13, and we do not permit any Users under 13 on our Service. If we learn of any User under the age of 13, we will terminate that User’s Account immediately . If you are a resident of a country outside the United States, your country’s minimum age may be older; in such a case, you are responsible for complying with your country’s laws. - Interpretation (disclaimed): Restricts a single login to one person (no credential sharing) and limits paid Organizations to providing access to as many Personal Accounts as the subscription allows, creating tier-based access restrictions. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20You%20must%20be,with%20your%20country%E2%80%99s%20laws. ### tier differences — risk unknown > $70 monthly total credits for Pro+ - Interpretation (disclaimed): Section header indicating Max includes everything in Pro+ plus additional features, establishing cumulative entitlement structure for the highest tier. - Tier: All - Location: “4x+ included usage than Pro” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%2470%20monthly%20total%20credits%20for%20Pro%2B%20 ### tier differences — risk unknown > If you change from a monthly billing plan to a yearly billing plan, GitHub will bill you for a full year at the next monthly billing date. - Interpretation (disclaimed): This clause specifies that switching from monthly to yearly billing results in GitHub billing for a full year at the next monthly billing date, defining the billing consequence and timing of that plan change. - Tier: All - Location: § 2 (Upgrades, Downgrades, and Changes) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20change,next%20monthly%20billing%20date. ### tier differences — risk unknown > GitHub may offer subscription-based access to our API for those Users who require high-throughput access or access that would result in resale of GitHub's Service. - Interpretation (disclaimed): Permits GitHub to offer subscription-based API access tiers for users requiring high-throughput access or resale-level access, establishing a differentiated commercial tier for the API. - Tier: All - Location: § H (API Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20GitHub%20may%20offer,resale%20of%20GitHub's%20Service. ### tier differences — risk unknown > Short version: Personal Accounts and Organizations have different administrative controls; a human must create your Account; you must be 13 or over; you must provide a valid email address; and you may not have more than one free Account. You alone are responsible for your Account and anything that happens while you are signed in to or using your Account. You are responsible for keeping your Account secure. - Interpretation (disclaimed): Short-version summary distinguishing Personal Accounts from Organizations, stating the user's sole responsibility for Account activity and security, and noting age and email requirements; functions as a definitional and obligation-setting introduction to the section. - Tier: All - Location: § B (Account Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Short%20version%3A%20Personal,your%20Account%20secure.%20 ### tier differences — risk unknown > One person or legal entity may maintain no more than one free Account (if you choose to control a machine account as well, that's fine, but it can only be used for running a machine). - Interpretation (disclaimed): Restricts individuals and legal entities to no more than one free Account, with a limited exception for a machine account used exclusively for automated tasks, differentiating free-tier usage. - Tier: All - Location: § 3 (Account Requirements) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20One%20person%20or,for%20running%20a%20machine). ### tier differences — risk unknown > If you have signed up for GitHub Enterprise Cloud, the Enterprise Cloud Addendum applies to you, and you agree to its provisions. - Interpretation (disclaimed): Incorporates the Enterprise Cloud Addendum by reference and makes it binding on users who have signed up for GitHub Enterprise Cloud, establishing additional obligations for that subscription tier. - Tier: All - Location: § 5 (Additional Terms) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20If%20you%20have,agree%20to%20its%20provisions. ### tier differences — risk unknown > Organizations. The "owner" of an Organization that was created under these Terms has ultimate administrative control over that Organization and the Content within it. Within the Service, an owner can manage User access to the Organization’s data and projects. An Organization may have multiple owners, but there must be at least one Personal Account designated as an owner of an Organization. If you are the owner of an Organization under these Terms, we consider you responsible for the actions that are performed on or through that Organization. - Interpretation (disclaimed): Defines the role of Organization 'owner,' grants that owner ultimate administrative control over the Organization and its Content, and imposes responsibility on the owner for actions performed on or through that Organization, distinguishing Organization-tier obligations. - Tier: All - Location: § 1 (Account Controls) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20Organizations.%20The%20%22owner%22,or%20through%20that%20Organization. ### tier differences — risk unknown > “User,” “You,” and “Your” refer to the individual person, company, or organization that has visited or is using the Website or Service; that accesses or uses any part of the Account; or that directs the use of the Account in the performance of its functions. A User must be at least 13 years of age. Special terms may apply for business or government Accounts (See Section B(5): Additional Terms ). - Interpretation (disclaimed): Defines 'User,' 'You,' and 'Your' and establishes eligibility requirements including a minimum age of 13, with a cross-reference to additional terms for business or government accounts, creating distinct tier conditions. - Tier: All - Location: § A (Definitions) - Source: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service - Snapshot SHA-256: `6dd75ad6a94942a04350fdc5da0723f64af0b6faaba9e50861a16cebd4ad3084` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#:~:text=%20%E2%80%9CUser%2C%E2%80%9D%20%E2%80%9CYou%2C%E2%80%9D%20and,B(5)%3A%20Additional%20Terms%20). ### tier differences — risk unknown > GitHub Copilot Free users are limited to 2000 completions and 50 chat requests (including Copilot Edits). - Interpretation (disclaimed): Limits GitHub Copilot Free users to 2000 completions and 50 chat requests per period, establishing quantitative usage caps that distinguish the Free tier from paid tiers. - Tier: All - Location: “What is included in GitHub Copilot Free?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Free,requests%20(including%20Copilot%20Edits). ### tier differences — risk unknown > Keep working with paid usage. Set a dollar budget for additional usage and Copilot continues without interruption. Credits draw down at $0.01 each, so a $10 budget covers 1,000 credits. - Interpretation (disclaimed): Permits users to continue working beyond their included allowance by setting a dollar budget for paid usage, defining the credit draw-down rate and providing an illustrative calculation. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Keep%20working%20with,covers%201%2C000%20credits.%20 ### tier differences — risk unknown > GitHub Copilot has multiple offerings for organizations and an offering for individual developers. All the offerings include both code completion and chat assistance. The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. Organizations can choose between GitHub Copilot Business and GitHub Copilot Enterprise. GitHub Copilot Business primarily features GitHub Copilot in the coding environment - that is the IDE, CLI and GitHub Mobile. GitHub Copilot Enterprise includes everything in GitHub Copilot Business. It also  adds an additional layer of customization for organizations and integrates into GitHub.com as a chat interface to allow developers to converse with Copilot  throughout the platform. GitHub Copilot Enterprise can index an organization’s codebase for a deeper understanding of the customer’s knowledge for more tailored suggestions and will offer customers access to fine-tuned custom, private models for code completion. GitHub Copilot Pro is designed for individual developers, freelancers, students, educators, and open source maintainers. The plan includes all the features of GitHub Copilot Business except organizational license management, policy management, and IP indemnity. GitHub Copilot Max is built for heavy Copilot usage, including sustained agent-driven workflows, and includes $100/month in GitHub AI Credits. - Interpretation (disclaimed): Repeats definitional content distinguishing organization and individual Copilot plan offerings, including differences in license management, policy management, IP indemnity, and feature scope across tiers. - Tier: All - Location: “What are the differences between the Free, Pro, Pro+, Max, Business, and Enterprise plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20has,in%20GitHub%20AI%20Credits. ### tier differences — risk unknown > GitHub Copilot has multiple offerings for organizations and an offering for individual developers. All the offerings include both code completion and chat assistance. The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. Organizations can choose between GitHub Copilot Business and GitHub Copilot Enterprise. GitHub Copilot Business primarily features GitHub Copilot in the coding environment - that is the IDE, CLI and GitHub Mobile. GitHub Copilot Enterprise includes everything in GitHub Copilot Business. It also  adds an additional layer of customization for organizations and integrates into GitHub.com as a chat interface to allow developers to converse with Copilot  throughout the platform. GitHub Copilot Enterprise can index an organization’s codebase for a deeper understanding of the customer’s knowledge for more tailored suggestions and will offer customers access to fine-tuned custom, private models for code completion. GitHub Copilot Pro is designed for individual developers, freelancers, students, educators, and open source maintainers. The plan includes all the features of GitHub Copilot Business except organizational license management, policy management, and IP indemnity. GitHub Copilot Max is built for heavy Copilot usage, including sustained agent-driven workflows, and includes $100/month in GitHub AI Credits. - Interpretation (disclaimed): Defines the substantive differences between individual and organizational Copilot plans, explicitly identifying license management, policy management, and IP indemnity as distinguishing features between tiers, which has direct legal relevance to indemnity and license rights. - Tier: All - Location: “What are the differences between the Free, Pro, Pro+, Max, Business, and Enterprise plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20has,in%20GitHub%20AI%20Credits. ### tier differences — risk unknown > Usage from non-licensed users is billed directly to your organization as GitHub AI Credits. This flexible model allows you to get full review coverage on every PR without purchasing a full Copilot seat for non-development contributors who may not need Copilot. Usage from your existing licensed users continues to draw from their included monthly allowance as it does today. Beginning June 1, 2026, code review workflows also consume GitHub Actions minutes. - Interpretation (disclaimed): Section header introducing the opt-in nature and cost-control mechanisms for non-licensed-user Copilot code review, framing the procedure and restrictions in the segments that follow. - Tier: All - Location: “How does billing work for Copilot code review usage generated by users without a Copilot license?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Usage%20from%20non-licensed,consume%20GitHub%20Actions%20minutes. ### tier differences — risk unknown > Access to Haiku 4.5, GPT-5 mini, and more - Interpretation (disclaimed): Grants Free-tier users permission to access specific AI models (Haiku 4.5, GPT-5 mini, and more), defining the scope of model access for this tier. - Tier: All - Location: “2,000 completions per month” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Access%20to%20Haiku,mini%2C%20and%20more%20 ### tier differences — risk unknown > For everyday coding with agents in GitHub Copilot. $ 10 USD per user / month New plan sign-ups are temporarily paused as we ensure a high-quality experience. We appreciate your patience. Learn more - Interpretation (disclaimed): Section header indicating that the Pro plan includes everything in the Free plan plus additional features, establishing a cumulative entitlement structure across tiers. - Tier: All - Location: “Pro” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20For%20everyday%20coding,patience.%20Learn%20more%20 ### tier differences — risk unknown > GitHub AI Credits are how you pay for AI usage in GitHub Copilot. Every plan includes a monthly allowance: 1 AI credit = $0.01 USD. You use credits when you chat with Copilot, work with agents, or use Copilot CLI, Spaces, and Spark. Code completions and next edit suggestions don't use credits. They remain unlimited with every paid plan. How many credits an interaction uses depends on the model you choose and the complexity of the task. A quick question to a lightweight model costs a fraction of a credit. A longer agent session on a frontier model across many files costs more. - Interpretation (disclaimed): Continues the definition of GitHub AI Credits by explaining how credits are consumed across interaction types and models, establishing the economic structure of credit usage across tiers. - Tier: All - Location: “What are GitHub AI Credits?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20AI%20Credits,files%20costs%20more.%20 ### tier differences — risk unknown > Agent mode, code review, coding agent, Copilot CLI, and Copilot Chat use premium requests, with usage varying by model. Model options may vary by feature. Learn more about premium requests - Interpretation (disclaimed): Specifies that agent mode, code review, coding agent, Copilot CLI, and Copilot Chat consume premium requests with variable usage by model, and that model options may vary by feature — establishing a usage-cost and access restriction that differentiates plan consumption rights and incorporates a cross-reference to further premium request details. - Tier: All - Location: “Available models” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Agent%20mode%2C%20code,about%20premium%20requests%20 ### tier differences — risk unknown > For getting started with GitHub Copilot. $ 0 USD - Interpretation (disclaimed): Defines the price point of the Free plan at $0 USD and its purpose ('getting started'), establishing the commercial terms of this tier. - Tier: All - Location: “Free” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20For%20getting%20started,%24%200%20USD%20 ### tier differences — risk unknown > Max plan Anthropic Claude Haiku 4.5 - Interpretation (disclaimed): Identifies 'Anthropic Claude Haiku 4.5' as a model included in the Max plan, defining the model access entitlements for that subscription tier. - Tier: All - Location: “Raptor mini (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Max%20plan%20Anthropic%20Claude%20Haiku%204.5%20 ### tier differences — risk unknown > Credits used when interacting with Copilot features. Chat, agent mode, code review, Copilot cloud agent, Copilot CLI, and Copilot Apps consume GitHub AI Credits. Free plan supports CLI and agent mode. Learn more - Interpretation (disclaimed): Defines which Copilot features (Chat, agent mode, code review, Copilot cloud agent, CLI, Apps) consume GitHub AI Credits and specifies that the Free plan is limited to CLI and agent mode, establishing feature-access restrictions by tier. - Tier: All - Location: “Total GitHub AI Credits” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Credits%20used%20when,mode.%20Learn%20more%20 ### tier differences — risk unknown > Pro+ plan Anthropic Claude Haiku 4.5 - Interpretation (disclaimed): Identifies 'Anthropic Claude Haiku 4.5' as a model included in the Pro+ plan, defining the model access entitlements for that subscription tier. - Tier: All - Location: “Raptor mini (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Pro%2B%20plan%20Anthropic%20Claude%20Haiku%204.5%20 ### tier differences — risk unknown > GitHub Copilot has multiple offerings for organizations and an offering for individual developers. All the offerings include both inline suggestion and chat assistance. The primary differences between the organization offerings and the individual offering are license management, policy management, and IP indemnity. Organizations can choose between GitHub Copilot Business and GitHub Copilot Enterprise. GitHub Copilot Business primarily features GitHub Copilot in the coding environment - that is the IDE, CLI and GitHub Mobile. GitHub Copilot Enterprise includes everything in GitHub Copilot Business. It also  adds an additional layer of customization for organizations and integrates into GitHub.com as a chat interface to allow developers to converse with GitHub Copilot throughout the platform. GitHub Copilot Enterprise can index an organization’s codebase for a deeper understanding of the customer’s knowledge for more tailored suggestions and will offer customers access to fine-tuned custom, private models for inline suggestions . GitHub Copilot Individual is designed for individual developers, freelancers, students, educators, and open source maintainers. The plan includes all the features of GitHub Copilot Business except organizational license management, policy management, and IP indemnity. - Interpretation (disclaimed): Segment defines the primary distinctions among GitHub Copilot plans, explicitly identifying license management, policy management, and IP indemnity as differentiating features between organizational and individual offerings, and describes the scope of each tier's included capabilities. - Tier: All - Location: “What are the differences between the GitHub Copilot Business, GitHub Copilot Enterprise, and GitHub Copilot Individual plans?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20has,management%2C%20and%20IP%20indemnity. ### tier differences — risk unknown > GitHub Copilot Autofix provides contextual explanations and code suggestions to help developers fix vulnerabilities in code, and is included in GitHub Advanced Security and available to all public repositories. - Interpretation (disclaimed): Defines what GitHub Copilot Autofix does and specifies its inclusion in GitHub Advanced Security and availability to public repositories, establishing feature-level tier entitlements. - Tier: All - Location: “Which plan includes GitHub Copilot Autofix?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Autofix,to%20all%20public%20repositories. ### tier differences — risk unknown > Given public sources are predominantly in English, GitHub Copilot will likely work less well in scenarios where natural language prompts provided by the developer are not in English and/or are grammatically incorrect. Therefore, non-English speakers might experience a lower quality of service. - Interpretation (disclaimed): This segment disclaims that GitHub Copilot's quality of service may be lower for non-English speakers due to the predominantly English training data, functioning as a disclaimer about differential service quality based on language use without creating a formal legal obligation or restriction. - Tier: All - Location: “Will GitHub Copilot work as well using languages other than English?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Given%20public%20sources,lower%20quality%20of%20service. ### tier differences — risk unknown > GitHub Copilot Autofix provides contextual explanations and code suggestions to help developers fix vulnerabilities in code, and is included in GitHub Advanced Security . - Interpretation (disclaimed): Defines that Copilot Autofix (contextual vulnerability fix suggestions) is included only in GitHub Advanced Security, establishing the tier boundary for this feature. - Tier: All - Location: “Which plan includes GitHub Copilot Autofix?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Autofix,GitHub%20Advanced%20Security%20. ### tier differences — risk unknown > If you're on the Free plan, you can upgrade to Pro through your Copilot settings page or directly on the Copilot marketing page . - Interpretation (disclaimed): Describes the procedure by which Free plan users can upgrade to the Pro tier, establishing a path between service tiers with distinct entitlements. - Tier: All - Location: “How can I upgrade my GitHub Copilot Free license to Copilot Pro?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20If%20you%26%23x27%3Bre%20on,Copilot%20marketing%20page%20. ### tier differences — risk unknown > Pro plan Anthropic Claude Haiku 4.5 - Interpretation (disclaimed): Identifies 'Anthropic Claude Haiku 4.5' as a model included in the Pro plan, defining the model access entitlements for that subscription tier. - Tier: All - Location: “Raptor mini (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Pro%20plan%20Anthropic%20Claude%20Haiku%204.5%20 ### tier differences — risk unknown > Google Gemini 3.1 Pro (Preview) Google Gemini 3.5 Flash - Interpretation (disclaimed): Lists 'Google Gemini 3.1 Pro (Preview)' and 'Google Gemini 3.5 Flash' as models available under the Max plan, defining the model access entitlements for that tier. - Tier: All - Location: “Google Gemini 3 Flash (Preview)” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Google%20Gemini%203.1,Gemini%203.5%20Flash%20 ### tier differences — risk unknown > ‘GitHub AI Credits paid usage’ must be enabled to allow enterprises to be charged for GitHub AI Credits exceeding their included usage. - Interpretation (disclaimed): States that the 'GitHub AI Credits paid usage' policy must be enabled to allow charges for AI Credits exceeding included usage, establishing a prerequisite obligation for paid overage billing. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%E2%80%98GitHub%20AI%20Credits,exceeding%20their%20included%20usage. ### tier differences — risk unknown > GitHub Copilot is available on your favorite platforms: - Interpretation (disclaimed): Introduces the list of supported platforms where GitHub Copilot is available, defining the scope of platform compatibility relevant to all tiers. - Tier: All - Location: “Best value” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20is,on%20your%20favorite%20platforms%3A ### tier differences — risk unknown > Included AI credits are shared org-wide with admin controls for spending. - Interpretation (disclaimed): Defines pooled usage as org-wide sharing of included AI credits with admin controls for spending, establishing the governance mechanism for credit consumption in organizational accounts. - Tier: All - Location: “Pooled usage” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Included%20AI%20credits,admin%20controls%20for%20spending. ### tier differences — risk unknown > On GitHub Copilot Business and GitHub Copilot Enterprise, admins set usage limits and decide whether additional paid usage is allowed. If it isn't, Copilot pauses until the next cycle. You can track your usage and reset date in your Copilot settings, with alerts at 75%, 90%, and 100% of any configured budget. - Interpretation (disclaimed): Specifies that on Business and Enterprise plans, admins set usage limits and can restrict additional paid usage, causing Copilot to pause if limits are reached, and describes monitoring alerts at 75%, 90%, and 100% of configured budgets. - Tier: All - Location: “What happens when I hit my usage limit?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20On%20GitHub%20Copilot,any%20configured%20budget.%20 ### tier differences — risk unknown > Agent mode use in VS Code, Visual Studio, JetBrains, Eclipse, and Xcode - Interpretation (disclaimed): Defines the scope of Agent mode use by specifying the IDEs (VS Code, Visual Studio, JetBrains, Eclipse, and Xcode) where the feature is permitted, limiting or bounding its availability. - Tier: All - Location: “Agent mode” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Agent%20mode%20use,JetBrains%2C%20Eclipse%2C%20and%20Xcode ### tier differences — risk unknown > $0 - Interpretation (disclaimed): Defines the price point ($0) for the Free tier, establishing the consideration (or lack thereof) associated with this plan level. - Tier: All - Location: “Free” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%240%20 ### tier differences — risk unknown > GitHub AI Credits are how you pay for AI usage in GitHub Copilot. Every plan includes a monthly allowance: 1 AI credit = $0.01 USD. You use credits when you chat with Copilot, work with agents, or use Copilot CLI, Spaces, and Spark. Code completions and next edit suggestions don't use credits. They remain unlimited with every paid plan. How many credits an interaction uses depends on the model you choose and the complexity of the task. A quick question to a lightweight model costs a fraction of a credit. A longer agent session on a frontier model across many files costs more. - Interpretation (disclaimed): Section header introducing what happens when a user's usage limit is reached, framing the options and limitations described in the following segments. - Tier: All - Location: “What are GitHub AI Credits?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20AI%20Credits,files%20costs%20more.%20 ### tier differences — risk unknown > User management in github.com - Interpretation (disclaimed): Identifies 'User management in github.com' as a feature, defining the administrative user management capability referenced in subsequent tier availability rows. - Tier: All - Location: “Max plan Not included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20User%20management%20in%20github.com ### tier differences — risk unknown > Anthropic Claude Sonnet 4.5 Anthropic Claude Sonnet 4.6 Anthropic Claude Opus 4.5 Anthropic Claude Opus 4.6 Anthropic Claude Opus 4.6 (fast mode) (Preview) Anthropic Claude Opus 4.7 Anthropic Claude Opus 4.8 - Interpretation (disclaimed): Lists multiple Anthropic Claude models (Sonnet 4.5 through Opus 4.8) as available, establishing model access entitlements for the applicable plan tier, including preview-status models subject to additional conditions. - Tier: All - Location: “Anthropic Claude Sonnet 4” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Anthropic%20Claude%20Sonnet,Claude%20Opus%204.8%20 ### tier differences — risk unknown > GitHub Copilot Autofix provides contextual explanations and code suggestions to help developers fix vulnerabilities in code, and is included in GitHub Advanced Security . - Interpretation (disclaimed): Segment defines that GitHub Copilot Autofix is included in GitHub Advanced Security, specifying a tier-based feature allocation that determines what functionality is available under which plan. - Tier: All - Location: “Which plan includes GitHub Copilot Autofix?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Autofix,GitHub%20Advanced%20Security%20. ### tier differences — risk unknown > GitHub Copilot Free is a new free pricing tier with limited functionality for individual developers. Users assigned a Copilot Business or Copilot Enterprise seat are not eligible for access. Users with access to Copilot Pro through a paid subscription, trial, or through an existing verified OSS, student, faculty, or MVP account may elect to use Free instead. - Interpretation (disclaimed): Defines eligibility conditions for the GitHub Copilot Free tier, specifying which user categories are excluded (Business/Enterprise seat holders) and which may elect to downgrade to Free, establishing the scope of tier access rights. - Tier: All - Location: “Who is eligible to access GitHub Copilot for free?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20GitHub%20Copilot%20Free,use%20Free%20instead.%20 ### tier differences — risk unknown > Organizations can now enable Copilot code review on all pull requests on github.com—including pull requests from users who are not assigned a Copilot license . This allows you to extend the quality and rich analysis of Copilot code review to all pull requests, regardless of its author, giving you complete coverage and confidence that pull requests have been reviewed. To enable this functionality, an enterprise/org admin must first have Copilot enabled and then enabled two policies. Note : This capability is not supported for Copilot code reviews in VS Code or other IDEs. - Interpretation (disclaimed): Section header introducing the billing treatment for Copilot code review usage generated by non-licensed users, framing the commercial obligation described in the following segment. - Tier: All - Location: “Can users in my organization use Copilot code reviews for their pull requests if they don’t have a Copilot license?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Organizations%20can%20now,Code%20or%20other%20IDEs. ### tier differences — risk unknown > $100 per month - Interpretation (disclaimed): Defines the price point ($100 per month) for the Max tier, establishing the recurring financial obligation associated with this plan. - Tier: All - Location: “Max” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20%24100%20per%20month%20 ### tier differences — risk unknown > Delegate tasks to third-party coding agents like Claude by Anthropic and OpenAI Codex (Preview) - Interpretation (disclaimed): Defines the feature of delegating tasks to third-party coding agents (Claude by Anthropic and OpenAI Codex in Preview), establishing the scope of third-party agent integration subject to tier-based access and implicating subprocessor relationships. - Tier: All - Location: “Max plan Included” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20Delegate%20tasks%20to,and%20OpenAI%20Codex%20(Preview) ### tier differences — risk unknown > A new Copilot code review policy ( ‘Allow members without a Copilot license to use Copilot code review in github.com’ ) must also be enabled. - Interpretation (disclaimed): States that a specific Copilot code review policy must also be explicitly enabled to allow non-licensed members to use the feature, imposing a procedural obligation on admins as a condition of access. - Tier: All - Location: “Is Copilot code review usage from users without a Copilot license enabled by default? How do I control the cost?” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20A%20new%20Copilot,must%20also%20be%20enabled. ### tier differences — risk unknown > No credit card required. Verified students have access to the GitHub Copilot Student plan. Learn more - Interpretation (disclaimed): States that no credit card is required for the Free plan, and creates a special exception granting verified students access to the GitHub Copilot Student plan, differentiating eligibility conditions by user category. - Tier: All - Location: “Copilot CLI” - Source: https://github.com/features/copilot/plans - Snapshot SHA-256: `3093f9e2a519be10993d953f0f92f99f1396d8ba974fcffe826d6382f5ddf98c` - Wayback: — - Deep link: https://github.com/features/copilot/plans#:~:text=%20No%20credit%20card,plan.%20Learn%20more%20 ### tier differences — risk unknown > If you live in Colorado, Connecticut, or Virginia you have some additional rights: - Interpretation (disclaimed): Introduces the scope of additional privacy rights available to residents of Colorado, Connecticut, and Virginia, establishing jurisdiction-specific applicability for the rights that follow. - Tier: All - Location: Privacy Policy › “Colorado/Connecticut/Virginia” - Source: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement - Snapshot SHA-256: `41aae0b52b175a72b1454549172f49289a3ab9df7b28aa96bbceb1a9c5674189` - Wayback: — - Deep link: https://docs.github.com/en/site-policy/privacy-policies/github-privacy-statement#:~:text=%20If%20you%20live,have%20some%20additional%20rights%3A --- # GRC Risk Assessment — Tabnine - Platform: **Tabnine** (tabnine) - Headline risk rating: **UNKNOWN** - Website: https://www.tabnine.com - Generated: 2026-06-14T10:18:02.032Z - Findings (verified, published): **187** > Every assertion is anchored to a verbatim quote with a SHA-256 snapshot hash and a Wayback archive URL for independent verification. Informational only; not legal advice. ## Control crosswalk (NIST AI RMF 1.0 + ISO/IEC 42001) | Surface | Risk | Confidence | NIST AI RMF | ISO/IEC 42001 | |---|---|---|---|---| | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | training use | unknown | high | MAP-2.3 / MEASURE-2.6 (data provenance & training use) | ISO 42001 A.7.4 (data for AI systems) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | output ownership | unknown | high | MAP-1.1 (IP & output rights) | ISO 42001 A.5.2 (AI policy / IP) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | commercial use | unknown | high | MANAGE-1.3 (use limitations) | ISO 42001 A.9.2 (intended use) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | medium | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | privacy data use | unknown | high | MEASURE-2.10 (privacy risk) | ISO 42001 A.7.5 (privacy) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | data retention | unknown | high | MANAGE-2.2 (data lifecycle) | ISO 42001 A.7.6 (data lifecycle) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | subprocessors data sharing | unknown | high | MAP-4.1 (third-party/supply-chain) | ISO 42001 A.10.2 (third parties) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | audit rights dpa residency | unknown | high | GOVERN-2.1 (accountability, audit) | ISO 42001 A.6.2 (internal audit) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | indemnity liability | unknown | high | GOVERN-6.1 (liability allocation) | ISO 42001 A.9.4 (responsibilities) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | confidentiality | unknown | high | MEASURE-2.7 (confidentiality) | ISO 42001 A.7.5 (information handling) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | governing law disputes | unknown | high | GOVERN-1.1 (legal/regulatory) | ISO 42001 A.5.2 (legal context) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | moderation enforcement | unknown | high | MANAGE-4.1 (enforcement) | ISO 42001 A.9.3 (operation controls) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | | tier differences | unknown | high | MAP-3.4 (context of use by tier) | ISO 42001 A.9.2 (intended use) | ## Evidence (verbatim, with provenance) ### training use — risk unknown > We collect Personal Information listed under Section f to improve and develop our Platform and Services and understand feedback on Tabnine’s Services and Platform and to help provide more information on the use of the Platform and Services quickly and easily. - Interpretation (disclaimed): Permits Tabnine to collect and use personal information (Section f data) to improve and develop the platform and services, including understanding feedback and informing users about platform use — directly implicating AI/platform training and development activities. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20collect%20Personal,Services%20quickly%20and%20easily. ### training use — risk unknown > As part of the Services and provision of Suggested Code by Tabnine, you shall be entitled to choose whether such Suggested Language shall be provided by Tabnine by using: (a) Tabnine′s standard Suggested Code engine Services, or (b) Tabnine′s upgraded Suggested Code engine which utilizes your own code in order to make available to you a "tailor made" Suggested Code engine Services, which is meant to provide you with Suggested Codes results and suggestions after studying your own code (" Tailor Made Services" ). - Interpretation (disclaimed): This segment defines the 'Tailor Made Services' option, explaining that Tabnine can use the user's own code to create a personalized Suggested Code engine, establishing the framework for a service tier that involves processing of user code. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=As%20part%20of%20the,Tailor%20Made%20Services%22%20). ### training use — risk unknown > In connection with any Tailor Made Services, we note that: (a) no such Tailor Made Services will be provided unless explicitly asked by you, (b) as part of the Tailor Made Services, you will be required to grant Tabnine with access to your code, such code shall be used by Tabnine solely in order to adjust and upgrade the standard Services to provide you, and you only, with the Tailor Made Services. No other users shall be granted with any access to the Tailor Made Services provided to you, (c) following Tabnine′s adjustment and upgrade of the Services, any code provided by you to Tabnine shall not be stored and/or used by Tabnine, and (d) for the avoidance of doubt, except with respect to creating the Tailor Made Services, Tabnine shall not be granted any intellectual property rights in the code shared by you which was provided solely for the limited use by Tabnine for creating the Tailor Made Services. - Interpretation (disclaimed): This segment imposes obligations regarding Tailor Made Services: it requires explicit user consent before activation, restricts use of user code solely to adjusting the service for that user only, prohibits granting other users access, and specifies deletion of user code following adjustment, establishing both data use restrictions and deletion obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=In%20connection%20with%20any,the%20Tailor%20Made%20Services. ### training use — risk unknown > It is further clarified that any code developed by you while using the Services hereunder, is used by Tabnine ONLY for the purpose of improving the Service provided specifically and solely to you (and not for any other purpose, including improving the Services provided to other Tabnine users). - Interpretation (disclaimed): This clause restricts Tabnine's use of user-developed code solely to improving the Service for that specific user, explicitly prohibiting use of user code to improve services provided to other users or for any other purpose, creating a narrow training-use limitation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20It%20is%20further,other%20Tabnine%20users).%20 ### training use — risk unknown > "Tabnine Pre-Trained Model" means the machine learning model developed by Tabnine using a dataset containing open-source code developed and released under permissive licenses. - Interpretation (disclaimed): This segment defines 'Tabnine Pre-Trained Model' as a machine learning model developed by Tabnine using open-source code datasets, which is directly relevant to training data use and intellectual property provenance. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Tabnine%20Pre-Trained%20Model%22,released%20under%20permissive%20licenses. ### output ownership — risk unknown > Tabnine′s Services include, without limitation (i) a software and/or a service for searching and sharing software code, and (ii) a software and/or a service which analyzes your code-development environment and the activities performed therein, and automatically suggests you relevant code portions which may be applicable to your uses (" Suggested Code(s) "). Tabnine shall not assume any responsibility to any content which is published, displayed and/or suggested through the Services, including without limitation with respect to any Suggested Code, its integrity, accuracy and/or reliability. Tabnine cannot guarantee that the Services will always function without disruptions, delay or errors. A number of factors may impact the quality of your communications and use of the Services, and may result in the failure of your communications including, without limitation, your local network, firewall, your internet service provider, the public internet and your power supply. Tabnine takes no responsibility for any disruption, interruption or delay caused by any failure of or inadequacy in any of these items or any other items over which we have no control. - Interpretation (disclaimed): This segment describes the Services including the Suggested Code functionality and disclaims any responsibility for the content, integrity, accuracy, or reliability of Suggested Code published or displayed through the Services, allocating risk away from Tabnine with respect to AI-generated outputs. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%E2%80%B2s%20Services%20include%2C%20without,we%20have%20no%20control. ### output ownership — risk unknown > Please note that though Tabnine strives that any Suggested Code provided through the Services shall be usable in accordance with its respective license terms, which may (but without obligation to do so) be provided by Tabnine together with such Suggested Code, the ultimate responsibility with respect to such Suggested Code, its usage and/or incorporation thereof into your source code or any of your software and/or products, lies solely with you, and, without derogating from Sections ‎12 and 14 below, Tabnine, its directors, officers, employees and consultants do not assume any responsibility or liability with respect to any Suggested Code, even if such Suggested Code and/or any use made by you thereof (i) infringes any intellectual property right of any third party, (ii) requires the distribution to the public of, or public access to, your (or any third party′s) source code or any of your software and/or products, (iii) restrict your ability to charge for distribution of, or use your (or any third party′s) source code or any of your software and/or products, or (iv) causes any damage to or imposes any liability on you and/or any third party. We recommend that you carefully read the applicable license of any Suggested Code you intend to use, prior to such usage. - Interpretation (disclaimed): This segment disclaims Tabnine's responsibility regarding the licensing compliance of Suggested Code, places ultimate responsibility for use, incorporation, and licensing compliance of AI-generated code outputs on the user, and limits Tabnine's liability for any issues arising from use of Suggested Code. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Please%20note%20that%20though,prior%20to%20such%20usage. ### output ownership — risk unknown > Tabnine and/or its affiliates retain all rights in the Services′ materials (including, but not limited to, applications, software, designs, graphics, texts, information, pictures, video, sound, music, and other files, and their selection and arrangement) (collectively, "Services′ Materials"). The entire contents of the Services are protected by applicable copyright, trade dress, patent, and trademark laws, international conventions, and other laws protecting intellectual property and related proprietary rights. You shall not, nor shall you cause any other party to modify, decompile, disassemble, reverse engineer, copy, transfer, create derivative works from, rent, sub-license, distribute, reproduce framed, republish, scrape, download, display, transmit, post, lease or sell in any form or by any means, in whole or in part, use for any purpose other than for using the Services pursuant to these Terms or otherwise exploit any of the Services′ Materials without Tabnine′s explicit, prior written consent. All other uses of copyrighted or trademark material, including any derivative use, require explicit, prior written consent from Tabnine. Any reproduction or redistribution of materials not in accordance with these Terms is explicitly prohibited and may result in the termination of your Account as well as severe civil and criminal penalties. - Interpretation (disclaimed): This clause asserts that Tabnine and its affiliates retain all rights in the Services' Materials protected by IP law, and restricts users from modifying, decompiling, or otherwise exploiting those materials without authorization. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%20and%2For%20its%20affiliates,civil%20and%20criminal%20penalties. ### output ownership — risk unknown > Tabnine and/or its licensors and affiliates own all right, title, and interest, including copyrights and other intellectual property rights, in and to all the Services′ Materials. You hereby acknowledge that you do not acquire any ownership rights by using the Services or by accessing any of the Services′ Materials, or rights to any derivative works thereof.You are not required to provide Tabnine with any feedback or suggestions regarding the Services or any of the Services′ Materials. However, should you provide Tabnine with comments or suggestions for the modification, correction, improvement or enhancement of the Services and/or any of the Services′ Materials, then, subject to the terms and conditions of these Terms, you hereby grant Tabnine a non-exclusive, irrevocable, worldwide, royalty-free license, including the right to sublicense, to use and disclose such comments and suggestions in any manner Tabnine chooses and to display, perform, copy, have copied, make, have made, use, sell, offer to sell, and otherwise dispose of Tabnine′s and its sublicensees′ products and content embodying such comments or suggestions in any manner and via any media Tabnine chooses, but without reference to the source of such comments or suggestions. - Interpretation (disclaimed): This clause affirms Tabnine's ownership of all IP in Services' Materials and obligates users to acknowledge they acquire no ownership rights through use, while establishing that any feedback or suggestions voluntarily provided by users may be used by Tabnine without restriction or compensation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%20and%2For%20its%20licensors,such%20comments%20or%20suggestions. ### output ownership — risk unknown > Subject to the foregoing, for the avoidance of any doubt, by using the Services Tabnine is not granted with any rights in and to any code and/or other intellectual property developed by you while using the Services in accordance with the provisions hereof and any code suggestions accepted by you while using the Services in accordance with these Terms of Use and incorporated by you into any code you generate shall be deemed as part of the code generated by you for all purposes and Tabnine hereby grants you a non-exclusive, perpetual and royalty-free license to use, within the code generated by you, any such code suggestions. - Interpretation (disclaimed): This clause clarifies that Tabnine acquires no rights in user-developed code, and grants users a non-exclusive, perpetual, royalty-free license to use code suggestions accepted from the Services as part of their own generated code, establishing user ownership and licensing terms for AI-generated output. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Subject%20to%20the,such%20code%20suggestions.%20 ### commercial use — risk unknown > Subject to your agreement and compliance with these Terms, Tabnine grants you a personal, non-exclusive, non-transferable, non-sublicensable, revocable, limited scope license to use the Services for your own internal purposes. You hereby acknowledge that your license to use the Services is limited by these Terms, and, if you violate or if, at any point, you do not agree to any of these Terms, your license to use the Services shall immediately terminate, and you shall immediately refrain from using the Services. If the Services or any part thereof is determined to be illegal under the laws of the country in which you are situated, you shall not be granted any license to use the Services, and must refrain from using the Services. - Interpretation (disclaimed): This segment grants users a personal, non-exclusive, non-transferable, non-sublicensable, revocable, limited-scope license to use the Services for internal purposes only, and specifies that the license immediately terminates upon violation of the Terms, establishing the scope and conditions of permitted use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Subject%20to%20your%20agreement,from%20using%20the%20Services. ### commercial use — risk unknown > Copy, rent, lease, sell, transfer, assign, sublicense, disassemble, reverse engineer or decompile (except if expressly authorized by Tabnine or by applicable statutory law), modify or alter any part of the Services; - Interpretation (disclaimed): This clause restricts users from copying, renting, leasing, selling, transferring, sublicensing, reverse engineering, decompiling, or modifying the Services except where expressly authorized by Tabnine or applicable law, limiting the scope of permissible use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Copy%2C%20rent%2C%20lease%2C,part%20of%20the%20Services%3B ### commercial use — risk unknown > Make representations with respect to Tabnine not approved in advance and in writing by Tabnine. You shall obtain Tabnine′s prior written approval to the content of any marketing message, and with respect to any use of Tabnine′s trade name and/or trademarks and/or designs in connection with the Services; - Interpretation (disclaimed): This clause restricts users from making unapproved representations about Tabnine and requires prior written approval for use of Tabnine's trade name, trademarks, or designs in marketing or promotional materials. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Make%20representations%20with,connection%20with%20the%20Services%3B ### commercial use — risk unknown > Access or use an Account which has been rented, leased, sold, traded, gifted, bequeathed, or otherwise transferred from the Account creator without Tabnine′s prior written consent; - Interpretation (disclaimed): This clause restricts users from accessing accounts transferred through sale, rental, gift, or bequest without Tabnine's prior written consent, limiting account transferability and protecting platform integrity. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Access%20or%20use,Tabnine%E2%80%B2s%20prior%20written%20consent%3B ### commercial use — risk unknown > These Terms do not authorize you to, and you may not use any Third-Party Materials except as expressly permitted (by license or otherwise) by the owners of such Third-Party Materials and such owners may have the right to seek damages against you for any unauthorized use of their Third-Party Materials. - Interpretation (disclaimed): This clause restricts the user from using Third-Party Materials without express permission from the owners, clarifying that the Terms do not authorize such use and that third-party owners may seek damages for unauthorized use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=These%20Terms%20do%20not,of%20their%20Third-Party%20Materials. ### commercial use — risk unknown > You may not use any Third-Party Materials for which you have not obtained appropriate approval to use. Tabnine cannot grant permission to use third-party content. - Interpretation (disclaimed): This segment restricts the user from using Third-Party Materials without appropriate approval, and clarifies that Tabnine cannot grant permission to use third-party content, reinforcing the restriction established in segment 97. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20may%20not%20use,to%20use%20third-party%20content. ### privacy data use — risk unknown > How we use that information. - Interpretation (disclaimed): This segment states the policy explains how collected information is used, functioning as a definitional scope statement for data use practices. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20How%20we%20use%20that%20information. ### privacy data use — risk unknown > What information we collect and why we collect it. - Interpretation (disclaimed): This segment identifies that the policy explains what information is collected and why, functioning as a definitional scope statement for the data collection practices described in the policy. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20What%20information%20we,why%20we%20collect%20it. ### privacy data use — risk unknown > Welcome! We’re glad you’re here and want you to know that we respect your privacy and your right to control how we collect, use, and share your personal data. - Interpretation (disclaimed): This segment states Tabnine's commitment to respecting user privacy and the user's right to control collection, use, and sharing of personal data, establishing an overarching obligation to honor user privacy rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Welcome!%20We%E2%80%99re%20glad,share%20your%20personal%20data. ### privacy data use — risk unknown > Tabnine Ltd. ( " Tabnine " , " we " ) is committed to maintaining the privacy of its users (" user " " you "). The following information describes how Tabnine collects and processes information about you when you use our website (the " Website ") and Platform (as defined below). - Interpretation (disclaimed): This segment defines the parties ('Tabnine,' 'we,' 'user,' 'you'), the scope of the document (Website and Platform), and introduces the subject matter of data collection and processing, establishing key definitions used throughout the policy. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Tabnine%20Ltd.%20(,Platform%20(as%20defined%20below). ### privacy data use — risk unknown > Your rights with regard to the collection of such information. - Interpretation (disclaimed): This segment identifies that the policy covers the user's rights regarding information collection, establishing that data subject rights are addressed within the document. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Your%20rights%20with,collection%20of%20such%20information. ### privacy data use — risk unknown > By using our Website and Platform, you agree to this Privacy Policy. - Interpretation (disclaimed): This segment states that by using the Website and Platform, the user agrees to the Privacy Policy, incorporating the policy's terms as binding through continued use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=By%20using%20our%20Website,to%20this%20Privacy%20Policy. ### privacy data use — risk unknown > Please note that the scope of this Privacy Policy is limited only to information collected by Tabnine through your use of its Website and Platform. Some information may be automatically collected, and some is collected when you interact with our Website and Platform. The type of information that may be automatically collected is non-personal information, which includes your session durations, the content you accessed on the Website and Platform, the frequency and scope of your use of the Website and Platform and information about your computer and internet connection including the operating system you use and browser type. - Interpretation (disclaimed): This segment defines the scope of the Privacy Policy (limited to information collected through Website and Platform use), identifies categories of automatically collected non-personal information (session durations, content accessed, frequency of use, device/connection data), and defines what constitutes non-personal information in this context. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Please%20note%20that,use%20and%20browser%20type. ### privacy data use — risk unknown > Information from which you can be personally identified may also be collected, including but not limited to your email address, applicable username, company, resume, LinkedIn profile URL, phone number, job title, details you choose to share when requesting a demo and the location of the computer through which you used the Website and Platform (hereinafter: "Personal Information" ). Personal Information shall be collected only if received voluntarily from you, including, without limitation, via the following ways: - Interpretation (disclaimed): This segment defines 'Personal Information' by listing categories of personally identifiable data collected (email, username, company, resume, LinkedIn URL, phone, job title, demo details, location), and establishes that Personal Information is collected only when voluntarily provided by the user, creating a restriction on involuntary collection. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Information%20from%20which,via%20the%20following%20ways%3A ### privacy data use — risk unknown > If you wish to sign up or log in to your account to use the Platform via the Website, we may also use a Single Sign-On account (" SSO "such as Google, Microsoft, GitHub or other available SSO services. Signing in via the SSO will provide us with access to information these SSO services obtain about you, and all in accordance with your specific SSO’s privacy settings. - Interpretation (disclaimed): This segment explains that sign-up/login via SSO (Google, Microsoft, GitHub, etc.) provides Tabnine access to information those SSO services hold about the user, subject to the user's SSO privacy settings, defining the SSO data collection mechanism and its scope. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,specific%20SSO%E2%80%99s%20privacy%20settings. ### privacy data use — risk unknown > If you wish to sign up or log in to your account to use the Platform via the Website, we may also use a Single Sign-On account ("SSO" such as Google, Microsoft, GitHub or other available SSO services. Signing in via the SSO will provide us with access to information these SSO services obtain about you, and all in accordance with your specific SSO’s privacy settings. - Interpretation (disclaimed): This segment repeats the SSO sign-up/login data collection description, defining the scope of data access Tabnine obtains through SSO services subject to the user's privacy settings. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,specific%20SSO%E2%80%99s%20privacy%20settings. ### privacy data use — risk unknown > If you wish to download certain professional and promotional materials provided over our Platform (" Materials "), we may monitor and collect data concerning your usage of the Materials, such as the number of pages you have read and how long you spend reading the Materials. - Interpretation (disclaimed): This segment describes that when users download Materials from the Platform, Tabnine monitors and collects usage data (pages read, time spent), defining a specific category of data collection and its scope. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,spend%20reading%20the%20Materials. ### privacy data use — risk unknown > If you wish to add a Team Member to the Platform, we will collect the email you submit, and will contact them for the provision of the Services to them. You represent that you have all the necessary rights to provide such Team Member’s information to us, and in case required, applicable consents to enable us to contact such Team Member for the provision of the Service to them. - Interpretation (disclaimed): This segment establishes that when adding a Team Member, Tabnine collects the submitted email and will contact them; it imposes an obligation on the submitting user to represent they have necessary rights and consents to provide third-party personal information, creating a responsibility regarding lawfulness of third-party data sharing. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,the%20Service%20to%20them. ### privacy data use — risk unknown > In case you are our Business Partner who provides us with the required information of its personnel or other relevant individuals who you wish to be provided with an authorization to use the Platform and Services, you represent that you have all the necessary rights to provide such Personal Information to us, and in case required applicable consents for the provision of the Service to them. - Interpretation (disclaimed): This segment establishes that Business Partners who provide personnel or individual data to Tabnine must represent they hold necessary rights and consents, imposing a legal obligation on business partners regarding lawfulness of personal data provision for platform access. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20In%20case%20you,the%20Service%20to%20them. ### privacy data use — risk unknown > If you wish to download certain professional and promotional materials provided over our Platform ("Materials"), we may monitor and collect data concerning your usage of the Materials, such as the number of pages you have read and how long you spend reading the Materials. - Interpretation (disclaimed): This segment describes Tabnine's collection of usage data when users download Materials (pages read, time spent), defining the scope and type of data collected in this specific interaction context. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,spend%20reading%20the%20Materials. ### privacy data use — risk unknown > Tabnine uses various advertising practices in cooperation with third party services and products. We use certain data about you in order to improve our advertising practices and make the ads we deliver more effective, relevant and enjoyable, including by deploying interest-based advertising, as well as targeting and ad measurement and attribution systems. - Interpretation (disclaimed): This segment grants Tabnine permission to use data about users for advertising practices including interest-based advertising, targeting, and ad measurement in cooperation with third-party services, establishing a permitted use of personal data for commercial advertising purposes. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Tabnine%20uses%20various,measurement%20and%20attribution%20systems. ### privacy data use — risk unknown > Such data includes your computer advertising identifiers (e.g. IDFA or Advertising ID), to the extent available), data related to your connected Google, Microsoft or GitHub account (if any, such as your gender, region or country), and other demographic and interests-based information that we or our partners may have received from or about you. - Interpretation (disclaimed): This segment defines the categories of data used for advertising purposes (advertising identifiers, connected account data such as gender/region/country, demographic and interest-based information from Tabnine or partners), specifying the data types involved in advertising practices. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Such%20data%20includes,from%20or%20about%20you. ### privacy data use — risk unknown > The ads we or our partners deliver may be shown within our Platform and Website or through other channels, such as third party websites and applications. If you wish to prevent the use of your computer’s advertising ID or other identifiers for interest-based advertising, you may change your computer settings to reset such advertising ID or opt out of such advertising (typically, this is available under the "Privacy"or "Ads"section in your Device settings). - Interpretation (disclaimed): This segment describes where ads may be delivered (Platform, Website, third-party channels) and grants users the right to opt out of interest-based advertising by resetting advertising IDs through device settings, establishing a user opt-out right. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20The%20ads%20we,in%20your%20Device%20settings). ### privacy data use — risk unknown > Please note that if you reset your advertising ID or opt out of interest based advertising, you may still see advertisements on our Platform and Website, or on any other channels, but those ads will not be targeted based on the above mentioned identifiers. - Interpretation (disclaimed): This segment disclaims that opting out of interest-based advertising does not eliminate all advertisements, only targeted ones; it limits the effect of the user's opt-out right so Tabnine is not obligated to cease all advertising. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Please%20note%20that,the%20above%20mentioned%20identifiers. ### privacy data use — risk unknown > If you wish to register to our newsletter and be provided with information on the Services and special promotions, we will collect your email address and will send you the required materials. - Interpretation (disclaimed): This segment defines the data collected for newsletter subscription (email address) and the purpose for which it is collected (sending service information and promotional materials), establishing the scope of this specific data collection use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,you%20the%20required%20materials. ### privacy data use — risk unknown > We will collect your Personal Information when you wish to apply to a job at Tabnine. Such information includes your full name, phone number, email address, resume, LinkedIn profile URL and other related information. - Interpretation (disclaimed): Imposes an obligation on Tabnine to collect specific categories of personal information (name, phone, email, resume, LinkedIn URL) when a user applies for a job, defining the scope of data collection in the recruitment context. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20will%20collect,and%20other%20related%20information. ### privacy data use — risk unknown > Request a Demo: - Interpretation (disclaimed): Labels and introduces the 'Request a Demo' data collection scenario, serving as a section header that defines the context for the data collection practices described in segment 42. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Request%20a%20Demo%3A ### privacy data use — risk unknown > If you wish to request a demo via the Website, we will collect your full name, email address, company name, job title, and the content you submitted to provide you with a relevant demo to use our Services. - Interpretation (disclaimed): Imposes an obligation on Tabnine to collect specific personal data categories (name, email, company, job title, submitted content) when a user requests a demo, defining the lawful basis and purpose of that collection. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20wish,to%20use%20our%20Services. ### privacy data use — risk unknown > We use Personal Information we collect from you for a range of different business purposes according to different legal bases of processing. We may use or process your Personal Information for the following purposes. One or more purposes may apply simultaneously. - Interpretation (disclaimed): States that Tabnine uses and processes personal information for a range of business purposes according to different legal bases, establishing the general framework for lawful processing and notifying users that multiple purposes may apply simultaneously. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20use%20Personal%20Information,purposes%20may%20apply%20simultaneously. ### privacy data use — risk unknown > We collect Personal Information listed in Sections a-j above, to provide you with the Services you contracted to receive. - Interpretation (disclaimed): Establishes an obligation to collect personal information (as enumerated in Sections a–j) specifically for the purpose of providing contracted services, defining the scope of permissible data use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20collect%20Personal,you%20contracted%20to%20receive. ### privacy data use — risk unknown > Such collection of information will enable us to provide you with technical and professional assistance, with regard to the Services you use or intend to use. - Interpretation (disclaimed): States that the collected information will be used to provide technical and professional assistance related to services, confirming the lawful purpose and obligating Tabnine to use data for service delivery. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Such%20collection%20of,or%20intend%20to%20use. ### privacy data use — risk unknown > We process the Personal Information where it is necessary for the adequate performance of the contract regarding the provision of the Platform and requested Services. - Interpretation (disclaimed): Identifies contractual necessity as the legal basis for processing personal information in connection with platform provision and requested services, establishing the legal justification for processing. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20process%20the,Platform%20and%20requested%20Services. ### privacy data use — risk unknown > We collect Personal Information for ongoing review and improvement of the information provided on our Website and Platform to ensure it is user friendly. - Interpretation (disclaimed): Permits Tabnine to collect personal information for ongoing review and improvement of website and platform content to ensure user-friendliness, establishing a legitimate interest basis for this processing activity. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20collect%20Personal,it%20is%20user%20friendly. ### privacy data use — risk unknown > We collect Personal Information to improve the management and administration of our business and maintain compliancy with our internal policies and procedures. - Interpretation (disclaimed): Permits Tabnine to collect personal information to improve business management, administration, and internal policy compliance, establishing an additional lawful purpose for data processing. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20collect%20Personal,internal%20policies%20and%20procedures. ### privacy data use — risk unknown > We conduct surveys and research, test features in development, and analyze the information we have to evaluate and improve our Services, develop new features, and conduct audits and troubleshooting activities. - Interpretation (disclaimed): Permits Tabnine to conduct surveys, research, feature testing, and data analysis to evaluate and improve services, develop new features, and conduct audits and troubleshooting — broad permission for internal data use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20conduct%20surveys,audits%20and%20troubleshooting%20activities. ### privacy data use — risk unknown > We process this information in light of our legitimate interest in improving the Services, to allow our users to have the best experience. - Interpretation (disclaimed): Identifies legitimate interest in service improvement as the legal basis for processing personal information under segments 50–53, satisfying GDPR Art. 6(1)(f) notification requirements. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20process%20this,have%20the%20best%20experience. ### privacy data use — risk unknown > We collect the Personal Information listed under Sections g-h to provide you with our marketing materials. - Interpretation (disclaimed): Permits Tabnine to collect and use personal information (Sections g–h) to provide marketing materials to users, establishing marketing as a lawful processing purpose. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20collect%20the,with%20our%20marketing%20materials. ### privacy data use — risk unknown > If you have used Tabnine’s Services in the past, we have a legitimate business interest for matching the data we collect with other data we had already collected. - Interpretation (disclaimed): Asserts a legitimate business interest in matching newly collected data with previously collected data for users of past services, establishing a legal basis for cross-referencing personal information datasets. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20have,we%20had%20already%20collected. ### privacy data use — risk unknown > This enables us to understand your needs and interests, optimize the content we send you and make it more suitable and relevant to your needs. - Interpretation (disclaimed): Permits Tabnine to use combined personal information to understand user needs and interests and to optimize communications, defining the purpose and scope of data use for personalization. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20This%20enables%20us,relevant%20to%20your%20needs. ### privacy data use — risk unknown > This also enables us to improve your experience on the Website and Platform by providing you with personalized content, recommendations, and features. - Interpretation (disclaimed): Permits Tabnine to use personal information to improve the user experience by providing personalized content, recommendations, and features on the website and platform. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20This%20also%20enables,content%2C%20recommendations%2C%20and%20features. ### privacy data use — risk unknown > We process this information in light of our legitimate interest to personalize your experience and customize our content - Interpretation (disclaimed): Identifies legitimate interest in personalization and content customization as the legal basis for the marketing and personalization processing described in segments 63–66. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20process%20this%20information,and%20customize%20our%20content ### privacy data use — risk unknown > Object to the processing of your Personal Information for direct marketing purposes. - Interpretation (disclaimed): Grants data subjects the right to object to processing of their personal information for direct marketing purposes, creating a legal entitlement that restricts how the platform may use personal data. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Object%20to%20the,for%20direct%20marketing%20purposes. ### privacy data use — risk unknown > Object to the processing of your Personal Information where our legal basis for that processing is that such processing is necessary for our legitimate interests. - Interpretation (disclaimed): Grants data subjects the right to object to processing where the legal basis is legitimate interests, establishing a user right that can override or restrict the platform's data processing activities. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Object%20to%20the,for%20our%20legitimate%20interests. ### privacy data use — risk unknown > Object to an automated decision-making (including profiling) in certain circumstances. - Interpretation (disclaimed): Grants data subjects the right to object to automated decision-making including profiling in certain circumstances, limiting the platform's ability to make automated decisions without recourse. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Object%20to%20an,profiling)%20in%20certain%20circumstances. ### privacy data use — risk unknown > Receive your Personal Information, or ask us to transfer it to another organization that you have provided to us, which we process by automated means, where our processing is either based on your consent or is necessary for the performance of a contract with you. - Interpretation (disclaimed): Grants data subjects the right to data portability — to receive or transfer their personal information processed by automated means under consent or contract — establishing a user entitlement over their data. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Receive%20your%20Personal,a%20contract%20with%20you. ### privacy data use — risk unknown > If you wish to file a request regarding any of the above, you may contact us at: support@tabnine.com. Generally, with regard to Personal Information that with respect to which Tabnine is considered a "Data Controller" please contact us if you wish to exercise the above-mentioned rights, and we will make our best efforts to fulfill your request. - Interpretation (disclaimed): Establishes the procedure for data subjects to exercise their rights by contacting support@tabnine.com, specifying that Tabnine as Data Controller will make best efforts to fulfill requests. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=If%20you%20wish%20to,to%20fulfill%20your%20request. ### privacy data use — risk unknown > You can be rest assured that we do not sell your Personal Information. - Interpretation (disclaimed): Asserts that Tabnine does not sell personal information, disclaiming any sale activity and effectively representing that the opt-out right under California Privacy Laws is not currently exercisable because no sale occurs. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20You%20can%20be,sell%20your%20Personal%20Information. ### privacy data use — risk unknown > This section is designated for California residents and is provided under the California Consumer Privacy Act, as amended by the California Privacy Rights Act of 2020 ("California Privacy Laws"). It explains your privacy rights, provides "notice at collection" and provides certain mandated disclosures about how we handle your Personal Information. This section uses certain terms that have the meanings given to them by the California Privacy Laws, unless otherwise specified. Please note that some of the disclosure obligations required under the California Privacy Laws are satisfied within other sections of this Privacy Policy. The California Privacy Laws permit some users to request to exercise certain rights. If these rights are applicable to you, you are afforded with the following rights: - Interpretation (disclaimed): Incorporates the California Consumer Privacy Act as amended by the California Privacy Rights Act of 2020 as the governing framework for this section, defines applicable terms by reference to California Privacy Laws, and establishes that other sections of the document satisfy some CCPA disclosure obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=This%20section%20is%20designated,with%20the%20following%20rights%3A ### privacy data use — risk unknown > Right of access: - Interpretation (disclaimed): Section header defining and introducing the scope of the California right of access as a distinct legal right under California Privacy Laws. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Right%20of%20access%3A ### privacy data use — risk unknown > You can request Tabnine for certain information about our practices with respect to your Personal Information. In particular, you can request to receive information on the following: - Interpretation (disclaimed): Establishes the data subject's right to request information about Tabnine's personal information practices under California Privacy Laws, granting an access entitlement. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20You%20can%20request,information%20on%20the%20following%3A ### privacy data use — risk unknown > The categories and specific pieces of your Personal Information that we have collected. - Interpretation (disclaimed): Specifies a component of the California right of access, entitling the data subject to receive the categories and specific pieces of personal information collected about them. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20The%20categories%20and,that%20we%20have%20collected. ### privacy data use — risk unknown > The categories of sources from which we collected your Personal Information. - Interpretation (disclaimed): Specifies a component of the California right of access, entitling the data subject to receive information about the categories of sources from which their personal information was collected. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20The%20categories%20of,collected%20your%20Personal%20Information. ### privacy data use — risk unknown > The business or commercial purposes for which we collected your Personal Information. - Interpretation (disclaimed): Specifies a component of the California right of access, entitling the data subject to receive disclosure of the business or commercial purposes for which their personal information was collected. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20The%20business%20or,collected%20your%20Personal%20Information. ### privacy data use — risk unknown > Right to Opt Out of Sale of your Personal Information: - Interpretation (disclaimed): Section header introducing and defining the California right to opt out of the sale of personal information as a distinct legal right under California Privacy Laws. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Right%20to%20Opt,of%20your%20Personal%20Information%3A ### privacy data use — risk unknown > Right to Limit Use and Disclosure of Sensitive Personal Information: - Interpretation (disclaimed): Section header introducing and defining the California right to limit use and disclosure of sensitive personal information as a distinct legal entitlement under California Privacy Laws. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Right%20to%20Limit,of%20Sensitive%20Personal%20Information%3A ### privacy data use — risk unknown > We do not share sensitive Personal Information for cross-context behavioral advertising and we do not sell sensitive Personal Information. - Interpretation (disclaimed): Asserts that Tabnine does not share sensitive personal information for cross-context behavioral advertising and does not sell sensitive personal information, disclaiming practices that would trigger the limitation right. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20do%20not,sell%20sensitive%20Personal%20Information. ### privacy data use — risk unknown > Exercising your California Law Rights : - Interpretation (disclaimed): Section header introducing the procedures and conditions governing the exercise of California Privacy Law rights, scoping the following procedural provisions. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Exercising%20your%20California%20Law%20Rights%20%3A ### privacy data use — risk unknown > Please note that we will be required to verify your identity and request before an action is taken to exercise your rights. As a part of this process, government identification may be required. Moreover, you may designate an authorized agent to make a request on your behalf. We make our best efforts to respond to a verifiable consumer request within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide, will only cover the 12 months period preceding your verifiable request’s receipt. If, for some reason, we cannot reply within such time frame, our response will include an explanation for our inability to comply. If you wish to exercise your California Privacy Laws rights, please contact us at: . - Interpretation (disclaimed): Establishes the procedure for exercising California Privacy Law rights, including identity verification requirements, the possibility of authorized agents, a 45-day response window extendable to 90 days with notice, and a 12-month lookback period for disclosures. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Please%20note%20that,contact%20us%20at%3A%20. ### privacy data use — risk unknown > Right of No Retaliation Following Opt-Out or Exercise of your Rights: - Interpretation (disclaimed): Section header introducing the non-retaliation right following opt-out or exercise of California Privacy Law rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Right%20of%20No,Exercise%20of%20your%20Rights%3A ### privacy data use — risk unknown > If you choose to exercise your rights, we will not charge you different prices or provide different quality of our Services, unless those differences are related to your provision of your Personal Information. We will not discriminate against you for exercising any of your rights and unless permitted by the California Privacy Laws, we will not: - Interpretation (disclaimed): Obligates Tabnine not to discriminate against users who exercise their California Privacy Law rights, prohibiting differential pricing or service quality except where tied to the provision of personal information, and incorporating the non-discrimination requirements of California Privacy Laws. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20choose,Laws%2C%20we%20will%20not%3A ### privacy data use — risk unknown > Deny you goods or services. - Interpretation (disclaimed): Restricts Tabnine from denying goods or services to users as retaliation for exercising their California Privacy Law rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Deny%20you%20goods%20or%20services. ### privacy data use — risk unknown > Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties. - Interpretation (disclaimed): Restricts Tabnine from charging different prices or rates, including through discounts or penalties, as retaliation for users exercising their California Privacy Law rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Charge%20you%20different,benefits%2C%20or%20imposing%20penalties. ### privacy data use — risk unknown > Provide you with a different level or quality of goods or services. - Interpretation (disclaimed): Restricts Tabnine from providing a different level or quality of goods or services as retaliation for users exercising their California Privacy Law rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Provide%20you%20with,of%20goods%20or%20services. ### privacy data use — risk unknown > Suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. - Interpretation (disclaimed): Restricts Tabnine from suggesting that users may receive differential pricing, rates, or service quality as a consequence of exercising their California Privacy Law rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Suggest%20that%20you,of%20goods%20or%20services. ### privacy data use — risk unknown > We may use "cookies" and/or other technologies or files (collectively, " cookies ") to identify how visitors make use of this Website and Platform. This aggregated tracking information may be used to help us improve and enhance the Website and Platform experience for all of our visitors. In addition, cookies are used for adjusting the Website and Platform to your personal preferences. Cookies contain information such as the pages you visited, the length of time you stayed on the Website and Platform, the location from which you accessed the Website and Platform and more. If you would prefer not to have cookies stored on your computer, you may modify your browser settings to reject most cookies, or manually remove cookies that have been placed on your computer. However, by rejecting the cookies, you may be unable to fully access the offerings on this Website and Platform. To find out more about cookies, visit https://www.allaboutcookies.org/ or Tabnine's Cookie Policy. - Interpretation (disclaimed): Grants Tabnine the permission to use cookies and similar technologies to identify visitor usage patterns, improve the platform experience, and personalize website settings, while disclosing the types of information collected through cookies. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20may%20use%20%22cookies%22,Tabnine's%20Cookie%20Policy.%20 ### privacy data use — risk unknown > You are always in control of your data, and if you choose to receive information from us, or others, you can change your mind later. If, at any time, you would like to stop receiving such information or opt out of a feature, you may notify us by writing to . You should be aware, however, that it is not always possible to completely remove or modify information in our databases and servers, although we will always make reasonable efforts to do so upon your request. - Interpretation (disclaimed): Grants data subjects the right to opt out of communications and data features, while also disclosing a limitation that complete removal from databases may not always be possible, though reasonable efforts will be made upon request. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=You%20are%20always%20in,so%20upon%20your%20request. ### privacy data use — risk unknown > We deploy industry standard measures to ensure the security, confidentiality, integrity and availability of the Personal Information we process. We maintain physical, technical and administrative safeguards, and test and update these periodically. We endeavor to restrict access to Personal Information on a ’need to know’basis for the provision of Website, Platform and Services to you. No such measures are perfect or impenetrable. In the event of a security breach, we will take all reasonable action to minimize any harm. Although we will do our best to protect Personal Information, we cannot guarantee the security of data transmitted to us and transmission is at the users own risk. - Interpretation (disclaimed): Imposes an obligation on Tabnine to deploy industry-standard security measures, maintain physical, technical, and administrative safeguards, restrict access on a need-to-know basis, and take reasonable action to minimize harm in the event of a breach, while disclaiming a guarantee of perfect protection. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20deploy%20industry%20standard,the%20users%20own%20risk. ### privacy data use — risk unknown > The Services not intended for children under the age of 16. We do not, knowingly or intentionally, collect information about children who are under 16 years of age. - Interpretation (disclaimed): Restricts the use of the services to individuals aged 16 and over, and states that Tabnine does not knowingly collect personal information from children under 16, limiting the scope of permissible data collection. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=The%20Services%20not%20intended,16%20years%20of%20age. ### privacy data use — risk unknown > IF YOU ARE UNDER THE AGE OF 16 YOU MAY NOT USE THE SERVICE, UNLESS PARENTAL CONSENT IS PROVIDED ACCORDINGLY. - Interpretation (disclaimed): Prohibits children under 16 from using the service unless parental consent is provided, creating an enforceable age-based access restriction. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20IF%20YOU%20ARE,IS%20PROVIDED%20ACCORDINGLY.%20 ### privacy data use — risk unknown > We reserve the right to revise, amend, or modify this Privacy Policy at any time. When changing the policy, we will update this posting accordingly. Please review this Privacy Policy often so that you will remain updated regarding our current policies. - Interpretation (disclaimed): Reserves Tabnine's right to revise, amend, or modify the Privacy Policy at any time and requires posting updates, establishing unilateral modification authority and placing an informal notice obligation on the company. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20reserve%20the%20right,regarding%20our%20current%20policies. ### privacy data use — risk unknown > Welcome! We’re glad you’re here and want you to know that we respect your privacy and your right to control how we collect, use, and share your personal data. - Interpretation (disclaimed): This segment states Tabnine's commitment to respecting user privacy and the user's right to control collection, use, and sharing of personal data, establishing a baseline obligation regarding data handling practices. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Welcome!%20We%E2%80%99re%20glad,share%20your%20personal%20data. ### privacy data use — risk unknown > In order to register to our Services, you may be asked, if and as applicable, to sign-in using your relevant authentication provider service. During the process of creating an account in order to access the Services (" Account "), you may be required to select a password or to allow us to access your Account information from an authentication service (the "Login Information"). The following rules govern the security of your Account and Login Information. For the purposes of these Terms, references to Account and Login Information shall include any account and account information, including user names, passwords or security questions, whether or not created for the purpose of using the Services, that are used to access the Services (for example, account information for a social network service account from which the Services are accessed): - Interpretation (disclaimed): This segment defines 'Account,' 'Login Information,' and describes the account creation process including authentication provider access, establishing definitions used throughout the account security provisions. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=In%20order%20to%20register,the%20Services%20are%20accessed)%3A ### privacy data use — risk unknown > Any personal information you provide to us when creating or updating your Account or when we access your Account information from a social network service, which may include your name, e-mail address, profile picture and any such other information, will be held and used in accordance with Tabnine′s Privacy Policy available at " Privacy Policy " which constitutes an integral part of these Terms. You agree that you will supply accurate and complete information to us, and that you will update that information promptly after it changes. You represent and warrant that you have full right and authority to provide Tabnine with the foregoing information, including, without limitation, any third party′s consent (to the extent required under any applicable law). - Interpretation (disclaimed): This segment specifies what personal information is collected during account creation, incorporates the Privacy Policy as an integral part of the Terms by reference, requires users to provide accurate information, and obligates users to ensure they have authority to provide any third-party information submitted. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Any%20personal%20information%20you,under%20any%20applicable%20law). ### privacy data use — risk unknown > It is your responsibility to ensure your computer or mobile device meets all the necessary technical specifications to enable you to access and use the Services. Tabnine does not provide you with the equipment to access and/or use our Services. You are responsible for all fees charged by third parties related to your access and use of the Services (e.g., charges by Internet service providers or air time charges). - Interpretation (disclaimed): This segment repeats the user's responsibility to ensure technical compatibility, disclaims Tabnine's obligation to provide access equipment, and assigns user responsibility for third-party access fees, functioning as a reinforcement of user obligations in the data protection context. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=It%20is%20your%20responsibility,or%20air%20time%20charges). ### privacy data use — risk unknown > Attempt to obtain passwords or other private information from other members including personally identifiable information (whether in text, image or video form), identification documents, or financial information; - Interpretation (disclaimed): This clause restricts users from attempting to obtain passwords, personally identifiable information, identification documents, or financial information from other users, protecting member privacy data. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Attempt%20to%20obtain,documents%2C%20or%20financial%20information%3B ### privacy data use — risk unknown > Upload or transmit (or attempt to upload or to transmit), without Tabnine′s express consent, any material that acts as a passive or active information collection or transmission mechanism, including, without limitation, clear graphics interchange formats ("gifs"), 1x1 pixels, web bugs, cookies or other similar devices (sometimes referred to as "spyware", "passive collection mechanisms" or "pcms"); - Interpretation (disclaimed): This clause restricts users from uploading or transmitting passive or active data collection mechanisms such as spyware, tracking pixels, or cookies without Tabnine's express consent, limiting unauthorized privacy data collection. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Upload%20or%20transmit,collection%20mechanisms%22%20or%20%22pcms%22)%3B ### data retention — risk unknown > Request the erasure of your Personal Information in certain circumstances, such as where processing is no longer necessary for the purpose it was originally collected for, and there is no compelling reason for us to continue to process or store it; - Interpretation (disclaimed): Grants data subjects the right to request erasure of personal information when processing is no longer necessary, directly restricting data retention practices and obligating deletion under specified conditions. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Request%20the%20erasure,process%20or%20store%20it%3B ### data retention — risk unknown > Generally, Tabnine does not retain information longer than necessary to provide its Services and for its reasonable business and lawful needs. If you withdraw your consent to us processing your Personal Information, we will erase your Personal Information from our systems, unless the Personal Information is required for Tabnine to establish, exercise or defend against legal claims or it is necessary for the performance of the requested Services. - Interpretation (disclaimed): Establishes Tabnine's obligation not to retain personal information longer than necessary for its services and business needs, and to erase personal information upon withdrawal of consent, subject to exceptions for legal claims or service performance requirements. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=Generally%2C%20Tabnine%20does%20not,of%20the%20requested%20Services. ### data retention — risk unknown > You are solely responsible to preserve the originals of any content you provide and/or upload to the Services. Tabnine does not guarantee that any content will always be available through the Services. Do not rely upon the Services as a storage space for such content. - Interpretation (disclaimed): This clause disclaims any obligation on Tabnine to preserve or guarantee availability of user-uploaded content, placing sole responsibility for content preservation on the user and explicitly warning against reliance on the Services as storage. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20are%20solely%20responsible,space%20for%20such%20content. ### subprocessors data sharing — risk unknown > We reasonably attempt to ensure that we never intentionally disclose any of your Personal Information, to any third party without having received your permission, except as provided for herein and in this Privacy Policy or otherwise as permitted or required under law. In order to perform our contractual and other legal responsibilities or purposes, we may, from time to time, need to share your Personal Information with third parties. We may as well share your Personal Information with our affiliates, subsidiaries (such as Tabnine inc.) or any third party service providers and individuals to facilitate our Services or any portion thereof, such as marketing, data management or maintenance services. We share your Personal Information with third party payment processors who assure that your payment information is processed in accordance with the highest data security standard. We may also share your information with analytics service providers for analytics services. Such analytics service providers set their own cookies or other identifiers on your computer, through which they can collect information about your usage of our Platform and Website. This helps us compile aggregated statistics about the effectiveness of our Platform, Website and Services. The above mentioned third parties may be located in countries other than your own, and we may send them information we receive. When such third party service providers process your Personal Information on our behalf, we will assure that they comply with obligations similar to those which are set forth in this Privacy Policy. - Interpretation (disclaimed): Restricts Tabnine from intentionally disclosing personal information to third parties without permission, while carving out exceptions for contractual, legal, and policy-permitted disclosures — including sharing with affiliates, subsidiaries, and third-party service providers for facilitation purposes. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20reasonably%20attempt%20to,this%20Privacy%20Policy.%20 ### subprocessors data sharing — risk unknown > We will also assure that they will abide by our data privacy and security requirements, and will be allowed to use the Personal Information solely for the purposes we set. We will transfer your Personal Information while using appropriate and suitable safeguards, while using a variety of legal mechanisms, including contracts, to ensure your rights and protections travel with your data. We may also transfer your information, including Personal Information, in connection with a corporate merger, consolidation, the sale of related assets or corporate division or other fundamental corporate changes. Furthermore, information about you may also be released in order to comply with any valid legal obligation or inquiry or process such as a search warrant, subpoena, statute or court order. We will also release specific information in special cases, such as if you use the Website and/or Services to perform an unlawful act or omission or take any act or omission that may damage Tabnine, its property and goodwill, or if there is an attempted breach of the security of the Website and/or Platform or a physical or property threat to you or others. The authority supervising such activities is the Israeli Privacy Protection Authority, and you have the right to file a complaint to it or any other relevant supervisory authority. - Interpretation (disclaimed): Obliges Tabnine to ensure that third-party recipients comply with data privacy and security requirements and limits their use of personal information to stated purposes; also establishes obligations to use appropriate safeguards and legal mechanisms (including contracts) for data transfers, and addresses personal data handling in corporate restructuring events. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20will%20also%20assure,other%20relevant%20supervisory%20authority. ### subprocessors data sharing — risk unknown > Please note that certain data protection laws and regulations, such as the GDPR or the CCPA/CPRA (as defined below) typically distinguish between two main roles for parties processing Personal Information: the " Data Controller " (or under the CCPA/CPRA, " Business "), who determines the purposes and means of processing; and the " Data Processor "(or under the CCPA/CPRA, "Service Provider"), who processes the data on behalf of the Data Controller (or Business). Please see the below explanation where we elaborate on how these roles apply to our Services, to the extent that such laws and regulations apply. - Interpretation (disclaimed): Defines the legal roles of 'Data Controller,' 'Business,' 'Data Processor,' and 'Service Provider' under GDPR and CCPA/CPRA frameworks, establishing the definitional foundation for the role-based processing responsibilities applied to Tabnine's services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=Please%20note%20that%20certain,laws%20and%20regulations%20apply. ### subprocessors data sharing — risk unknown > If you utilize the Services on your own behalf and for your own purposes, Tabnine is considered the "Data Controller"of your Personal Information and will process such Personal Information for the provision of the Website and Services to you. With respect to such Personal Information, we assume the responsibilities of the Data Controller (solely to the extent applicable under the law), as set forth in this Privacy Policy. In such instances, our service providers processing such data will assume the role of "Data Processors" - Interpretation (disclaimed): Establishes that when users utilize services for their own purposes, Tabnine assumes the role and legal responsibilities of Data Controller, with service providers acting as Data Processors — creating binding role-based obligations under applicable data protection law. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20utilize,role%20of%20%22Data%20Processors%22 ### subprocessors data sharing — risk unknown > If you utilize the Services on behalf of an organization you are associated with, as such organization is considered Tabnine’s Business Partner, Tabnine is considered the "Data Processor"of your Personal Information and processes the Personal Information on behalf of its Business Partner (who is the "Data Controller"of such Personal Information). Our service providers who process such user Personal Information on our behalf are the "Sub-processors"of such Personal Information. - Interpretation (disclaimed): Establishes that when users act on behalf of a Business Partner organization, Tabnine assumes the role of Data Processor acting on behalf of the Business Partner as Data Controller, and designates Tabnine's service providers as Sub-processors — defining accountability and data flow obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20If%20you%20utilize,%22Sub-processors%22of%20such%20Personal%20Information. ### subprocessors data sharing — risk unknown > For the avoidance of doubt, and as mentioned above, each Business Partner is solely responsible for providing adequate notice to the its authorized Platform users whose Personal Information may be processed by Tabnine for the provision of the Services. This includes, to the extent required, sufficient reference to the processing of their Personal Information via the Platform, and any other information necessary to comply with all applicable privacy and data protection laws and obtaining all approvals and consents from individuals as required under the applicable laws. - Interpretation (disclaimed): Imposes sole responsibility on Business Partners to provide adequate privacy notice to authorized platform users, obtain required consents, and comply with applicable data protection laws regarding Tabnine's processing of user personal information on their behalf. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=For%20the%20avoidance%20of,under%20the%20applicable%20laws. ### subprocessors data sharing — risk unknown > If we are a Data Processor with respect to your Personal Information, we will notify the relevant Business Partner about your request and make our best efforts to enable them to allow you to exercise your rights. - Interpretation (disclaimed): Describes the procedure Tabnine follows as a Data Processor when receiving data subject rights requests, obligating it to notify the relevant Business Partner and enable the exercise of those rights. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=If%20we%20are%20a,to%20exercise%20your%20rights. ### subprocessors data sharing — risk unknown > The categories of third parties with which we shared your Personal Information. - Interpretation (disclaimed): Specifies a component of the California right of access, entitling the data subject to receive disclosure of the categories of third parties with whom their personal information was shared. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20The%20categories%20of,shared%20your%20Personal%20Information. ### subprocessors data sharing — risk unknown > Monitor third-party email marketing services for compliance, if one is used. - Interpretation (disclaimed): Obligates Tabnine to monitor third-party email marketing service providers for CAN-SPAM compliance when such services are used, establishing an oversight duty over subprocessors involved in email marketing. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Monitor%20third-party%20email,if%20one%20is%20used. ### subprocessors data sharing — risk unknown > "Third-Party Model" means a machine learning model developed, provided, or offered by a third party. - Interpretation (disclaimed): This clause defines 'Third-Party Model' as a machine learning model developed, provided, or offered by a third party, establishing the scope of what constitutes third-party involvement relevant to data sharing and subprocessor obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Third-Party%20Model%22%20means,by%20a%20third%20party. ### subprocessors data sharing — risk unknown > "Third-Party Supplier" means the supplier and licensor of a Third-Party Model. - Interpretation (disclaimed): This segment defines 'Third-Party Supplier' as the supplier and licensor of a Third-Party Model, identifying the third-party entity whose terms and conditions govern use of the model. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Third-Party%20Supplier%22%20means,of%20a%20Third-Party%20Model. ### subprocessors data sharing — risk unknown > "Third-Party Terms and Conditions" means the license and terms of use terms provided by a Third-Party Supplier and applicable to the use of a Third-Party Model. - Interpretation (disclaimed): This clause defines 'Third-Party Terms and Conditions' as the license and terms of use provided by a Third-Party Supplier applicable to a Third-Party Model, establishing the legal instrument that governs customer interaction with third-party models. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Third-Party%20Terms%20and,of%20a%20Third-Party%20Model. ### subprocessors data sharing — risk unknown > Third-Party Terms and Conditions apply to Customer's use of Third-Party Models and may include provisions related to software license terms, intellectual property rights, privacy rights, data security, and other material provisions related to Customer's interaction with the Third-Party Supplier and Third-Party Models. Customer is responsible for reviewing Third-Party Terms and Conditions to determine if they are acceptable to Customer. Third-Party Terms and Conditions are subject to change without notice and Tabnine bears no responsibility for monitoring or notifying Customer of any changes. - Interpretation (disclaimed): This clause obligates the Customer to review and comply with Third-Party Terms and Conditions, which may cover IP rights, privacy, and data security, while disclaiming Tabnine's responsibility for monitoring or notifying customers of changes to such terms. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Third-Party%20Terms%20and%20Conditions,Customer%20of%20any%20changes. ### audit rights dpa residency — risk unknown > You have the right at any time to request to access or modify your information. To exercise these options, please contact us at support@tabnine.com. - Interpretation (disclaimed): Grants users the right to request access to or modification of their personal information at any time, and specifies the procedure for exercising that right via a support email address. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=You%20have%20the%20right,us%20at%20support%40tabnine.com.%20 ### audit rights dpa residency — risk unknown > In some jurisdictions, in particular those located within the European Union (the " EU ") or within the European Economic Area (the " EEA "), you may be afforded specific rights regarding your Personal Information. Subject to such eligibility, you may have the following rights to: - Interpretation (disclaimed): Establishes that individuals in jurisdictions including the EU and EEA are afforded specific data subject rights regarding their personal information, subject to eligibility under applicable law. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=In%20some%20jurisdictions%2C%20in,the%20following%20rights%20to%3A ### audit rights dpa residency — risk unknown > Request a rectification of your Personal Information where the information we hold about you is incorrect or incomplete. - Interpretation (disclaimed): Grants eligible data subjects the right to request rectification of inaccurate or incomplete personal information held by Tabnine, consistent with GDPR Article 16 and similar data protection frameworks. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Request%20a%20rectification,is%20incorrect%20or%20incomplete. ### audit rights dpa residency — risk unknown > We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions: - Interpretation (disclaimed): Identifies Prighter Group and its local partners as Tabnine's appointed privacy representative for specified regions, establishing the procedural mechanism for data subjects to exercise their rights and defining the representative's role under applicable data protection law. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=We%20value%20your%20privacy,for%20the%20following%20regions%3A ### audit rights dpa residency — risk unknown > Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://prighter.com/q/12401264210 - Interpretation (disclaimed): Describes the procedure by which data subjects may exercise privacy rights (e.g., access or erasure) through Tabnine's appointed representative Prighter, including the specific URL for submitting requests, thereby operationalizing the data subject rights mechanism. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=Prighter%20gives%20you%20an,following%20website%3A%20https%3A%2F%2Fprighter.com%2Fq%2F12401264210%20 ### indemnity liability — risk unknown > We note that as part of the development of the Services, Tabnine uses certain "Free and Open Source Software" or "FOSS." In that respect Tabnine represents that its use of such FOSS is in compliance with the license terms thereof (however Tabnine makes no other representations and/or warranties in connection with such FOSS. - Interpretation (disclaimed): This segment represents that Tabnine uses FOSS in compliance with applicable license terms but makes no other warranties or representations about FOSS, limiting Tabnine's liability regarding open-source software incorporated into the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=We%20note%20that%20as,connection%20with%20such%20FOSS. ### indemnity liability — risk unknown > It is your responsibility to ensure your computer or mobile device meets all the necessary technical specifications to enable you to access and use the Services. Tabnine does not provide you with the equipment to access and/or use our Services. You are responsible for all fees charged by third parties related to your access and use of the Services (e.g., charges by Internet service providers or air time charges). - Interpretation (disclaimed): This segment places responsibility on the user to ensure technical compatibility of their devices, disclaims Tabnine's obligation to provide access equipment, and makes the user responsible for all third-party fees incurred in connection with use of the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=It%20is%20your%20responsibility,or%20air%20time%20charges). ### indemnity liability — risk unknown > If you were charged by Tabnine for any Services, you may file a request for a refund with Tabnine at any time in the event that such Services provided to you do not function properly and/or are not as described in the Tabnine website. In such case, Tabnine may, at its sole discretion, refund you and/or credit your Account. - Interpretation (disclaimed): This clause grants users the right to request a refund when Services malfunction or are not as described, while giving Tabnine sole discretion over whether to grant a refund or account credit, limiting the user's enforceable remedy. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20If%20you%20were,credit%20your%20Account.%20 ### indemnity liability — risk unknown > Suggested code; - Interpretation (disclaimed): This segment specifies that Tabnine makes no warranty or representation regarding Suggested Code, identifying a specific category of output as excluded from any warranty coverage. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Suggested%20code%3B ### indemnity liability — risk unknown > You agree that your use of the Services shall be at your sole risk. To the fullest extent permitted by law (but without derogating from Tabnine′s representation in respect of its use of FOSS as provided under Section 2 above), Tabnine, its officers, directors, employees, and agents disclaim all warranties, explicit or implied, in connection with the Services and your use thereof including implied warranties of merchantability, title, fitness for a particular purpose or non-infringement, usefulness, authority, accuracy, completeness, and timeliness. Tabnine makes no warranties or representations about the accuracy or completeness of the content of the Services, of the content of any sites linked to the Services, of any Third-Party Materials (as defined below) and assumes no liability or responsibility for any: - Interpretation (disclaimed): This clause disclaims all express and implied warranties (merchantability, fitness, accuracy, etc.) to the fullest extent permitted by law, limiting Tabnine's legal exposure for service quality and performance. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20agree%20that%20your,or%20responsibility%20for%20any%3A ### indemnity liability — risk unknown > Errors, mistakes, inaccuracies, non-suitability or non-conformity of any content, including, without limitation, any Suggested Code; - Interpretation (disclaimed): This clause disclaims any warranty regarding errors, mistakes, inaccuracies, non-suitability, or non-conformity of content including Suggested Code, limiting Tabnine's responsibility for output quality. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Errors%2C%20mistakes%2C%20inaccuracies%2C,limitation%2C%20any%20Suggested%20Code%3B ### indemnity liability — risk unknown > Direct, indirect, special, incidental, punitive or consequential damages including without derogating personal injury, property damages and/or monetary damages, of any nature whatsoever, arising out of the use of or the inability to use the Services; - Interpretation (disclaimed): This segment disclaims liability for direct, indirect, special, incidental, punitive, or consequential damages arising from use or inability to use the Services, limiting the scope of recoverable damages. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Direct%2C%20indirect%2C%20special%2C,to%20use%20the%20Services%3B ### indemnity liability — risk unknown > Any unauthorized access to or use of Third-Party Materials, secure servers and/or any and all personal information and/or financial information stored therein; - Interpretation (disclaimed): This clause disclaims any warranty or liability for unauthorized access to third-party materials, secure servers, or personal and financial information stored therein, limiting Tabnine's responsibility for security breaches. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Any%20unauthorized%20access,financial%20information%20stored%20therein%3B ### indemnity liability — risk unknown > Any interruption or cessation of transmission to or from the Services; - Interpretation (disclaimed): This segment disclaims liability for any interruption or cessation of transmission to or from the Services, limiting Tabnine's responsibility for service availability. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Any%20interruption%20or,or%20from%20the%20Services%3B ### indemnity liability — risk unknown > Any bugs, viruses, Trojan horses, or the like which may be transmitted to or through the Services by any third party; or - Interpretation (disclaimed): This clause disclaims liability for bugs, viruses, Trojan horses, or similar malicious software transmitted through the Services by third parties, limiting Tabnine's responsibility for third-party-introduced security threats. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Any%20bugs%2C%20viruses%2C,any%20third%20party%3B%20or ### indemnity liability — risk unknown > Any errors or omissions in any content or for any loss or damage of any kind incurred as a result of the use of any content posted, e-mailed, transmitted, or otherwise made available via the Services, including, without limitation, any Suggested Code. - Interpretation (disclaimed): This segment disclaims liability for errors, omissions, or any loss or damage resulting from use of content available via the Services including Suggested Code, limiting Tabnine's responsibility for content-related harms. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Any%20errors%20or,limitation%2C%20any%20Suggested%20Code. ### indemnity liability — risk unknown > Without derogating from the abovementioned, in no event will Tabnine, its directors, officers, agents, contractors, partners, consultants and/or employees, be liable to you or any third person for any special, direct, indirect, incidental, special, punitive, or consequential damages whatsoever including any lost profits or lost data arising from your use of the Services or other materials on, accessed through or downloaded from the Services, whether based on warranty, contract, tort, or any other legal theory, and whether or not Tabnine has been advised of the possibility of these damages. The foregoing limitation of liability shall apply to the fullest extent permitted by law in the applicable jurisdiction. You specifically acknowledge that Tabnine shall not be liable for any user submissions and/or defamatory, offensive and/or illegal conduct by any third party, and that the risk of harm or damage from and/or associated with the foregoing rests entirely with you. - Interpretation (disclaimed): This clause limits Tabnine's liability by precluding any recovery for special, direct, indirect, incidental, punitive, or consequential damages including lost profits or lost data arising from use of the Services under any legal theory, regardless of notice of potential damages. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Without%20derogating%20from%20the,rests%20entirely%20with%20you. ### indemnity liability — risk unknown > You agree to indemnify and hold Tabnine, and each of its directors, officers, agents, contractors, partners and employees, harmless from and against any loss, liability, claim, demand, damages, costs and expenses, including reasonable attorney′s fees, arising out of or in connection with any of the following: - Interpretation (disclaimed): This clause imposes an obligation on the user to indemnify and hold harmless Tabnine, its directors, officers, agents, contractors, partners, and employees from losses, liabilities, claims, demands, damages, costs, and expenses including attorney's fees arising from specified user conduct. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20agree%20to%20indemnify,any%20of%20the%20following%3A ### indemnity liability — risk unknown > Your use of and access to the Services, including, without limitation, any Suggested Code; - Interpretation (disclaimed): This segment specifies that the indemnity obligation covers losses arising from the user's use of and access to the Services including Suggested Code, defining a trigger condition for the indemnity obligation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Your%20use%20of,limitation%2C%20any%20Suggested%20Code%3B ### indemnity liability — risk unknown > Your violation of any term of these Terms; - Interpretation (disclaimed): This clause extends the indemnity obligation to cover losses arising from the user's violation of any term of the Terms of Service, creating a contractual enforcement mechanism. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Your%20violation%20of,term%20of%20these%20Terms%3B ### indemnity liability — risk unknown > Your violation of any third-party right, including without limitation any copyright, property, or privacy right;or - Interpretation (disclaimed): This segment extends the indemnity obligation to cover losses arising from the user's violation of any third-party right including copyright, property, or privacy rights, protecting Tabnine from third-party infringement claims caused by users. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Your%20violation%20of,property%2C%20or%20privacy%20right%3Bor ### indemnity liability — risk unknown > Any claim that any user submission made by you has caused damage to a third party; - Interpretation (disclaimed): This clause extends the indemnity obligation to cover claims that any user submission has caused damage to a third party, making the user responsible for third-party harm caused by their submitted content. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Any%20claim%20that,to%20a%20third%20party%3B ### indemnity liability — risk unknown > You may be able to access, review, display or use third-party services, resources, content, data, information, software code (including, without limitation, any Suggested Code) and/or links to other websites or resources ("Third-Party Materials") via the Services. You acknowledge sole responsibility for and assume any and all risks arising from your access to, use of or reliance upon any such Third-Party Materials, and Tabnine disclaims any liability that you may incur arising from your access to, use of or reliance upon such Third-Party Materials through the Services. You acknowledge and agree that Tabnine: (i) is not responsible for the availability, accuracy integrity, quality or lawfulness of such Third-Party Materials or the products or services on or available from such Third-Party Materials; (ii) has no liability to you or any third party for any harm, injuries or losses suffered as a result of your access to or use of such Third-Party Materials; and (iii) does not make any promises to remove Third-Party Materials from being accessed through the Services. Your ability to access or link to Third-Party Materials or third-party services does not imply any endorsement by Tabnine of Third-Party Materials or any such third-party services. - Interpretation (disclaimed): This clause acknowledges the user's sole responsibility for and assumption of all risks from accessing third-party materials via the Services, and disclaims any liability Tabnine may have for the user's reliance on such materials. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20may%20be%20able,any%20such%20third-party%20services. ### indemnity liability — risk unknown > Tabnine disclaims all liability arising from Customer’s use of Third-Party Models. Any and all indemnity obligations of Tabnine, including any indemnity obligations related to infringement of intellectual property rights set forth in the Agreement, do not apply to allegations arising from Third-Party Models, including but not limited to allegations related to any code or suggestions generated through use of the Products. - Interpretation (disclaimed): This clause disclaims all of Tabnine's liability arising from Customer's use of Third-Party Models and explicitly carves out all indemnity obligations — including IP infringement indemnities established elsewhere in the Agreement — when allegations arise from use of Third-Party Models or suggestions generated thereby. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Tabnine%20disclaims%20all,of%20the%20Products.%20 ### indemnity liability — risk unknown > The following applies to use of Tabnine Products with Third-Party models: to the maximum extent permitted by applicable law, Tabnine Products are provided "as is", with all faults and without warranty of any kind, and Tabnine and its licensors (collectively referred to as "Tabnine" for purposes of this addendum) hereby disclaim all warranties and conditions with respect to the Tabnine Products, either express, implied, or statutory, including, but not limited to, the implied warranties of merchantability, of satisfactory quality, of fitness for a particular purpose, of accuracy, of quiet enjoyment, and non-infringement of third-party rights. Tabnine does not warrant against interference with your enjoyment of the Tabnine Products, that the functions contained in the Tabnine Products will meet customer's requirements, that the operation of the Tabnine Products will be uninterrupted or error-free, or that defects in the Tabnine Products will be corrected. - Interpretation (disclaimed): This clause disclaims all express, implied, and statutory warranties (including merchantability, fitness for purpose, accuracy) for Tabnine Products used with Third-Party models to the maximum extent permitted by law, eliminating warranty-based liability for Tabnine and its licensors. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=The%20following%20applies%20to,Products%20will%20be%20corrected. ### indemnity liability — risk unknown > Customer assumes all risks of using third-party models. Tabnine does not assume any liability of any kind for any input, output, suggestions, or code, made or generated using third-party models. Customer agrees to look solely to agreements customer may have with third-party suppliers of third-party models to resolve any disputes relating to customer's use of such third-party models. - Interpretation (disclaimed): This clause limits Tabnine's liability to zero for any input, output, suggestions, or code generated using third-party models, places all risk of use on the customer, and directs the customer to seek recourse solely from third-party model suppliers rather than Tabnine, constituting a liability exclusion and dispute resolution restriction. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Customer%20assumes%20all%20risks,of%20such%20third-party%20models. ### confidentiality — risk unknown > This Website and Platform may provide links to other websites. Please be aware that these other websites are not covered by our Privacy Policy. This Privacy Policy does not cover the information practices exercised by other providers of products or services, advertisers or other websites, companies or individuals, which are not owned or controlled by Tabnine. We suggest that when linking to another website, you always read that website’s privacy policy before volunteering any personally identifiable information - Interpretation (disclaimed): Disclaims that Tabnine's Privacy Policy does not cover third-party websites linked from the platform, thereby limiting Tabnine's responsibility for the information practices of those external sites and advising users to review third-party privacy policies before submitting personal information. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=This%20Website%20and%20Platform,any%20personally%20identifiable%20information ### confidentiality — risk unknown > You are solely responsible for maintaining the confidentiality of the Login Information, and you will be responsible for all uses of your Login Information, including purchases, whether or not authorized by you; - Interpretation (disclaimed): This segment places sole responsibility on the user for maintaining Login Information confidentiality and makes the user liable for all uses of their Login Information including unauthorized purchases, establishing accountability for credential security. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20You%20are%20solely,not%20authorized%20by%20you%3B ### confidentiality — risk unknown > You shall not share your Account or Login Information, nor let anyone else access your Account or do anything else that might jeopardize the security of your Account. - Interpretation (disclaimed): This segment restricts users from sharing their Account or Login Information with others and prohibits any action that would jeopardize account security, establishing a confidentiality obligation for user credentials. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20You%20shall%20not,security%20of%20your%20Account. ### confidentiality — risk unknown > In the event you become aware of or reasonably suspect any breach of security, including, without limitation, any loss, theft, or unauthorized disclosure of your Login Information or unauthorized access to your Account, you must immediately notify Tabnine and modify your Login Information; - Interpretation (disclaimed): This segment imposes an obligation on users to immediately notify Tabnine of any security breach, loss, theft, or unauthorized disclosure of Login Information or account access, establishing a breach notification procedure. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20In%20the%20event,modify%20your%20Login%20Information%3B ### governing law disputes — risk unknown > This Privacy Policy will be governed and interpreted pursuant to the laws of the State of Israel without giving effect to its choice of law rules. You expressly agree that the exclusive jurisdiction for any claim or action arising out of or relating to this Privacy Policy shall be submitted to the competent courts in Tel Aviv, Israel, to the exclusion of any other jurisdiction. - Interpretation (disclaimed): Specifies that the Privacy Policy is governed by Israeli law, and requires users to submit any claims exclusively to the competent courts in Tel Aviv, Israel, establishing choice-of-law and exclusive jurisdiction provisions binding on both parties. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=This%20Privacy%20Policy%20will,of%20any%20other%20jurisdiction. ### governing law disputes — risk unknown > These Terms of Use (" Terms " or " Terms of Use ") you are reading are a legally binding agreement between Tabnine Ltd.(" Tabnine ", " we " or " us ") and yourself (" you "). By downloading and installing product offered by Tabnine, including the Tabnine product, and/or by clicking on the "I Agree" or such similar button provided by Tabnine prior to accessing any of Tabnine′s (i) services and/or (ii) website and/or (iii) any application which runs on your device and suggests Suggested Codes (as defined below), and/or (iv) additional components to code development environment provided by Tabnine (collectively, the " Services ) you agree that you have read, understood, accept and agree to be bound by these Terms. If you do not agree to these Terms, do not use the Services. Please note that the term "you" also includes the company or other entity/organization that is our customer and on whose behalf (as applicable) you are accepting these Terms. - Interpretation (disclaimed): This segment defines key parties ('Tabnine,' 'we,' 'us,' 'you'), defines 'Suggested Codes,' and establishes the legally binding nature of the agreement upon download, installation, or clicking 'I Agree,' constituting the foundational formation clause of the contract. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=These%20Terms%20of%20Use,are%20accepting%20these%20Terms. ### governing law disputes — risk unknown > Tabnine reserves the right, in its sole discretion, to revise or modify these Terms at any time, and you agree to be bound by such revisions or modifications. Users are responsible for viewing these Terms periodically. Your continued use of the Services after a change or modification of these Terms has been made will constitute your acceptance of the revised Terms. If you do not agree to the Terms, your only remedy is to discontinue your use of the Services and to cancel any Account(s) (as defined below) you have created for use of the Services. - Interpretation (disclaimed): This segment grants Tabnine the right to revise the Terms at any time in its sole discretion, imposes an obligation on users to periodically review the Terms, and establishes that continued use constitutes acceptance of revisions; it also specifies that the sole remedy for disagreement is to discontinue use and cancel accounts. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%20reserves%20the%20right%2C,use%20of%20the%20Services. ### governing law disputes — risk unknown > By using or visiting the Services, you agree that the laws of the State of Israel, without regard to principles of conflict of laws and regardless of your location, will govern these Terms and any dispute of any sort that might arise between you and Tabnine. Any claim or dispute between you and Tabnine that arises in whole or in part from your use of the Services shall be decided exclusively by a court of competent jurisdiction located in Tel-Aviv, Israel, to the exclusion of any other courts, and you hereby consent to, and waive all defenses of lack of personal jurisdiction and forum non-convenient with respect to venue and jurisdiction in the courts of Tel-Aviv, Israel. Tabnine reserves the right to amend these Terms at any time and without notice, and it is your responsibility to review these Terms regularly for any changes. Your use of the Services following any amendment of these Terms will signify your assent to and acceptance of its revised terms. YOU AND TABNINE AGREE THAT ANY CAUSE OF ACTION ARISING OUT OF OR RELATED TO THE SERVICES MUST COMMENCE WITHIN ONE (1) YEAR AFTER THE CAUSE OF ACTION ACCRUES. OTHERWISE, SUCH CAUSE OF ACTION IS PERMANENTLY BARRED. - Interpretation (disclaimed): This clause establishes Israeli law as the governing law, designates Tel Aviv courts as the exclusive venue for disputes, and requires the user to consent to personal jurisdiction and waive forum non conveniens defenses, creating binding procedural and substantive obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=By%20using%20or%20visiting,ACTION%20IS%20PERMANENTLY%20BARRED. ### moderation enforcement — risk unknown > We may use your information to detect and prevent fraud, abuse and security incidents in the following ways: - Interpretation (disclaimed): Permits Tabnine to use personal information to detect and prevent fraud, abuse, and security incidents, establishing a lawful purpose for processing data in a security context. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20may%20use,in%20the%20following%20ways%3A ### moderation enforcement — risk unknown > Verify and authenticate your identity and prevent unauthorized or illegal activity; - Interpretation (disclaimed): Permits Tabnine to use personal information to verify and authenticate user identity and prevent unauthorized or illegal activity, establishing a specific security-related processing permission. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Verify%20and%20authenticate,unauthorized%20or%20illegal%20activity%3B ### moderation enforcement — risk unknown > Enhance the safety and security of our Platform and Website; - Interpretation (disclaimed): Permits Tabnine to use personal information to enhance the safety and security of its platform and website, establishing a security-related lawful purpose for data processing. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Enhance%20the%20safety,our%20Platform%20and%20Website%3B ### moderation enforcement — risk unknown > Conduct security investigations and risk assessments; - Interpretation (disclaimed): Permits Tabnine to use personal information to conduct security investigations and risk assessments, establishing a specific enforcement-related data processing permission. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Conduct%20security%20investigations%20and%20risk%20assessments%3B ### moderation enforcement — risk unknown > Prevent or take action against activities that are, or may be, in breach of our terms of service or applicable law. - Interpretation (disclaimed): Permits Tabnine to use personal information to prevent or take action against activities breaching terms of service or applicable law, granting an enforcement right tied to platform moderation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Prevent%20or%20take,service%20or%20applicable%20law. ### moderation enforcement — risk unknown > We process this information in light of our legitimate interest in improving our Services and enabling our users to browse in a secure environment. - Interpretation (disclaimed): Identifies legitimate interest in service improvement and user security as the legal basis for the security-related processing described in segments 56–60, fulfilling the transparency obligation under applicable data protection law. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20We%20process%20this,in%20a%20secure%20environment. ### moderation enforcement — risk unknown > The CAN-SPAM Act is a Federal US law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out strict penalties for violations. - Interpretation (disclaimed): Incorporates the CAN-SPAM Act as the governing federal law framework for Tabnine's commercial email practices, defining its requirements and identifying recipient rights and penalties under that statute. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=The%20CAN-SPAM%20Act%20is,strict%20penalties%20for%20violations. ### moderation enforcement — risk unknown > To be in accordance with CAN-SPAM, Tabnine agrees to the following: - Interpretation (disclaimed): Introduces Tabnine's commitment to comply with CAN-SPAM Act requirements, framing the following list items as binding obligations accepted by Tabnine. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=To%20be%20in%20accordance,agrees%20to%20the%20following%3A ### moderation enforcement — risk unknown > Not use false or misleading subjects or email addresses. - Interpretation (disclaimed): Obligates Tabnine not to use false or misleading subjects or email addresses in commercial messages, implementing a CAN-SPAM Act compliance requirement. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Not%20use%20false,subjects%20or%20email%20addresses. ### moderation enforcement — risk unknown > Identify the commercial message sent to you as an advertisement when required. - Interpretation (disclaimed): Obligates Tabnine to identify commercial messages as advertisements when required by law, implementing a CAN-SPAM Act disclosure obligation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Identify%20the%20commercial,an%20advertisement%20when%20required. ### moderation enforcement — risk unknown > Include the physical address of our business or site headquarters. - Interpretation (disclaimed): Obligates Tabnine to include its physical business or headquarters address in commercial email messages as required by the CAN-SPAM Act. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Include%20the%20physical,business%20or%20site%20headquarters. ### moderation enforcement — risk unknown > Honor opt-out/unsubscribe requests quickly. - Interpretation (disclaimed): Obligates Tabnine to promptly honor opt-out and unsubscribe requests from email recipients, implementing a CAN-SPAM Act compliance requirement. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Honor%20opt-out%2Funsubscribe%20requests%20quickly. ### moderation enforcement — risk unknown > Allow users to unsubscribe by using the link at the bottom of each email. - Interpretation (disclaimed): Grants users the right to unsubscribe from commercial emails via a link at the bottom of each email, implementing the CAN-SPAM Act's opt-out mechanism requirement. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=%20Allow%20users%20to,bottom%20of%20each%20email. ### moderation enforcement — risk unknown > If at any time you would like to unsubscribe from receiving future emails, you can email us at and we will promptly remove you from ALL correspondence. - Interpretation (disclaimed): Establishes the procedure for users to unsubscribe from all correspondence by emailing Tabnine, and obligates Tabnine to promptly remove the user from all correspondence upon such request. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/privacy-policy/ - Snapshot SHA-256: `42a53301dd3017e79891f5b82451ac5b94df1b151f78825c832bb97a49997c1b` - Wayback: — - Deep link: https://www.tabnine.com/privacy-policy/#:~:text=If%20at%20any%20time,you%20from%20ALL%20correspondence. ### moderation enforcement — risk unknown > If you violate the Terms, Tabnine reserves the right to issue you a warning regarding the violation or to immediately terminate or suspend all or part of the Accounts you have created for using the Services. You agree that Tabnine does not need to provide you notice before terminating or suspending your Account(s), but it may provide such notice in its sole discretion. - Interpretation (disclaimed): This segment grants Tabnine the right to issue warnings, terminate, or suspend user accounts upon violation of the Terms without prior notice, establishing an enforcement remedy mechanism for Tabnine against violating users. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=If%20you%20violate%20the,in%20its%20sole%20discretion. ### moderation enforcement — risk unknown > Create an Account with or access the Services if you are barred from receiving the Services under the provisions of these Terms or any applicable law; - Interpretation (disclaimed): This clause restricts users who are legally barred from receiving the Services from creating an account or accessing the Services, enforcing eligibility compliance obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Create%20an%20Account,or%20any%20applicable%20law%3B ### moderation enforcement — risk unknown > You agree that Tabnine may change any part of the Services, including its content, at any time or discontinue the Services or any part thereof, for any reason, without notice to you and without liability. You declare that by acceptance of these Terms and/or by using the Services you are of legal age to form a binding contract with Tabnine or under the strict and continuous supervision of a parent or any other qualified legal guardian, and in any case, at least 18 years of age. You may not use the Services and may not accept these Terms if you are a person barred from receiving the Services under the laws of the country in which you are resident or from which you use the Services. - Interpretation (disclaimed): This segment restricts use of the Services to persons of legal age (at least 18) or those under qualified supervision, gives Tabnine the right to change or discontinue the Services without notice or liability, and bars use by persons legally prohibited from receiving the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20agree%20that%20Tabnine,you%20use%20the%20Services. ### moderation enforcement — risk unknown > You are responsible for anything that happens through your Account, whether or not such actions were taken by you, including, for the avoidance of doubt, actions taken by third parties. You therefore acknowledge that your Account may be terminated if someone else uses it to engage in any activity that violates these Terms or is otherwise improper or illegal; - Interpretation (disclaimed): This segment holds users responsible for all actions taken through their Account regardless of authorization, and acknowledges that Accounts may be terminated if used by third parties to violate the Terms, establishing broad user accountability and an enforcement mechanism. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20You%20are%20responsible,otherwise%20improper%20or%20illegal%3B ### moderation enforcement — risk unknown > You undertake to monitor your Account and restrict use by any individual barred from accepting these Terms and/or receiving the Services, under the provisions listed herein or any applicable law. You shall accept full responsibility for any unauthorized use of the Services by any of the above mentioned; - Interpretation (disclaimed): This segment requires users to monitor their Accounts and restrict access by persons barred from using the Services under the Terms or applicable law, and imposes full responsibility on users for unauthorized use by such persons. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20You%20undertake%20to,of%20the%20above%20mentioned%3B ### moderation enforcement — risk unknown > Tabnine reserves the right to remove or reclaim any usernames at any time and for any reason, including but not limited to claims by a third party that a username violates such third party′s rights. - Interpretation (disclaimed): This segment grants Tabnine the right to remove or reclaim usernames at any time and for any reason including third-party rights claims, establishing a broad enforcement right over user-selected identifiers. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Tabnine%20reserves%20the,such%20third%20party%E2%80%B2s%20rights. ### moderation enforcement — risk unknown > You undertake that you shall not defraud, or attempt to defraud, Tabnine or other users, and that you shall not act in bad faith in your use of the Services. If Tabnine determines that you have acted in bad faith and/or in violation of these Terms, or if Tabnine determines that your actions fall outside of reasonable community standards, Tabnine may, at its sole discretion, terminate your Account and prohibit you from using the Services. You agree that your use of the Services shall be lawful and that you will comply with the usage rules. In furtherance of the foregoing, and as an example and not as a limitation, you agree that you shall not: - Interpretation (disclaimed): This clause restricts users from defrauding or acting in bad faith toward Tabnine or other users, and grants Tabnine sole discretion to terminate accounts and prohibit use where violations or conduct outside community standards are determined. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20undertake%20that%20you,that%20you%20shall%20not%3A ### moderation enforcement — risk unknown > Tabnine may refuse access to the Services or may terminate your Account without notice for any reason, including, but not limited to, a suspected violation of these Terms, illegal or improper use of your Account, or illegal or improper use of the Services, products, or Tabnine′s intellectual property as determined by Tabnine in its sole discretion. You may lose your user name as a result of Account termination, without responsibility on the part of Tabnine for any damage that may result from the foregoing. If you have more than one Account, Tabnine may terminate all of your Accounts. - Interpretation (disclaimed): This clause grants Tabnine the right to refuse access or terminate user accounts without notice at its sole discretion for violations, illegal use, or improper use of intellectual property, and to terminate all accounts held by a single user, with no liability for resulting damages. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%20may%20refuse%20access,all%20of%20your%20Accounts. ### moderation enforcement — risk unknown > In addition to the foregoing, Tabnine may selectively remove, revoke or garnishee Benefits associated with your Account. "Benefits" mean licensed rights granted, awarded, gifted, provided to and/or purchased by you to access and/or use online or offline elements or features of the Services, and include but are not limited to customer content, digital and/or virtual assets. If your Account, or a particular subscription for a Service associated with your Account, is terminated, suspended and/or if any Benefits are selectively removed, revoked or garnisheed from your Account, no refund will be granted, no Benefits will be credited to you or converted to cash or other forms of reimbursement, and you will have no further access to your Account or Benefits associated with your Account or such particular Service. - Interpretation (disclaimed): This clause restricts users from receiving refunds upon account termination, suspension, or removal of Benefits, and defines 'Benefits' as licensed rights including content and digital assets, establishing that such enforcement actions carry no financial remedy for the user. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=In%20addition%20to%20the,or%20such%20particular%20Service. ### moderation enforcement — risk unknown > You acknowledge that Tabnine is not required to provide you notice before suspending or terminating your Account or selectively removing, revoking or garnisheeing Benefits associated with your Account. In the event that Tabnine terminates your Account, you may not participate nor make use of the Services again without Tabnine′s express consent. Tabnine reserves the right to refuse to keep Accounts for, and provide access to the Services to any individual. You may not allow individuals whose Accounts have been terminated by us to use your Account. If you believe that any action has been taken against your Account in error, please contact us at: support@tabnine.com. - Interpretation (disclaimed): This clause imposes an acknowledgment obligation on users that no prior notice is required before account suspension or termination, prohibits re-registration without Tabnine's consent, reserves Tabnine's right to refuse service, and prohibits users from sharing accounts with terminated users. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20acknowledge%20that%20Tabnine,us%20at%3A%20support%40tabnine.com.%20 ### moderation enforcement — risk unknown > The Services may provide communication channels such as forums, communities, or chat areas ("Communication Channels") designed to enable you to communicate with other users of the Services. Tabnine is under no obligation to monitor these communication channels but may do so, and reserves the right to review materials posted to the Communication Channels and to remove any materials, at any time, with or without notice for any reason, at its sole discretion. Tabnine may also terminate or suspend your access to any Communication Channels at any time, without notice, for any reason. You acknowledge that chats, postings, or materials posted by users on the Communication Channels are neither endorsed nor controlled by Tabnine, and these communications should not be considered reviewed or approved by Tabnine. You will be solely responsible for your activities within the Communication Channels and under no circumstances will Tabnine be liable for any activity within the Communication Channels. You agree that all your communications within the Communication Channels are public, and you have no expectation of privacy regarding your use of the Communication Channels. Tabnine is not responsible for information that you choose to share on the Communication Channels, or for the actions of other users. - Interpretation (disclaimed): This clause grants Tabnine the discretionary right to monitor, review, and remove materials from Communication Channels, and to terminate or suspend user access to those channels at any time without notice, while acknowledging no obligation to monitor. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=The%20Services%20may%20provide,actions%20of%20other%20users. ### moderation enforcement — risk unknown > You represent and warrant that you have full right and authority to use the Services and to be bound by these Terms. You agree that you will comply fully with these Terms and all applicable domestic and international laws, regulations, statutes, ordinances that govern your use of such Services. Without limiting the foregoing and in recognition of the global nature of the Internet, you agree to comply with all local and international rules regarding online conduct. You also agree to comply with all applicable laws affecting the transmission of content or the privacy of persons. - Interpretation (disclaimed): This clause imposes obligations on users to represent and warrant their authority to use the Services and to comply fully with the Terms and all applicable domestic and international laws, regulations, and statutes governing their use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=You%20represent%20and%20warrant,the%20privacy%20of%20persons. ### moderation enforcement — risk unknown > Promote, host, display or implement the Services on any websites that: (i) contain indecent, obscene or pornographic material, hate speech, highly explosive subject matter (as determined by Tabnine at its sole discretion), defamatory, libelous, obscene, gambling related, discriminatory, deceptive, abusive spyware, adware, or other malicious programs or code, unsolicited mass distribution of email, or any illegal subject matter or activities or otherwise offensive content, or content addressed to individuals under the age of 18; (ii) incorporate any materials that infringe or assists others to infringe on any copyright, trademark or other intellectual property rights; (iii) are an incentive-based website, such as a lottery or sweepstakes site which rewards users for clicking on links; (iv) engage in activities that violate Tabnine′s Privacy Policy; (v) openly encourage users to click on banner ads or other sponsored links to support the site; or (vi) infringe any right of any third party or violate any applicable law or regulation; - Interpretation (disclaimed): This clause restricts users from promoting, hosting, or implementing the Services on websites containing prohibited content categories including adult content, hate speech, malicious code, infringing material, or content targeting minors. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Promote%2C%20host%2C%20display,applicable%20law%20or%20regulation%3B ### moderation enforcement — risk unknown > Upload, post, transmit or otherwise disseminate any material that is vulgar, indecent, obscene, pornographic, sexual or that is, in a reasonable person′s view, otherwise offensive or objectionable; - Interpretation (disclaimed): This clause restricts users from uploading, posting, transmitting, or disseminating material that is vulgar, obscene, pornographic, or otherwise offensive, imposing a conduct restriction on content shared through the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Upload%2C%20post%2C%20transmit,otherwise%20offensive%20or%20objectionable%3B ### moderation enforcement — risk unknown > Libel, ridicule, defame, mock, stalk, intimidate, threaten, harass, or abuse anyone, hatefully, racially, ethnically or in any other manner; - Interpretation (disclaimed): This clause restricts users from engaging in harassment, defamation, stalking, intimidation, or hate-based abuse of any person through the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Libel%2C%20ridicule%2C%20defame%2C,in%20any%20other%20manner%3B ### moderation enforcement — risk unknown > Upload or transmit (or attempt to upload or transmit) files that contain viruses, Trojan horses, worms, time bombs, cancelbots, corrupted files or data, or any other similar software or programs that may damage the operation of the Services or the computers of other users of the Services; - Interpretation (disclaimed): This clause restricts users from uploading or transmitting malicious files including viruses, trojans, worms, or other harmful software that could damage the Services or other users' systems. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Upload%20or%20transmit,users%20of%20the%20Services%3B ### moderation enforcement — risk unknown > Advertise, solicit or transmit any commercial advertisements, including chain letters, junk e-mail or repetitive messages (spim or spam) to anyone; - Interpretation (disclaimed): This clause restricts users from sending commercial advertisements, spam, chain letters, or repetitive messages to any person through the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Advertise%2C%20solicit%20or,or%20spam)%20to%20anyone%3B ### moderation enforcement — risk unknown > Violate the contractual, personal, intellectual property or other rights of any party including by using, uploading, transmitting, distributing, or otherwise making available any information or material made available through the Services in any manner that infringes any copyright, trademark, patent, trade secret, or other right of any party (including rights of privacy or publicity); - Interpretation (disclaimed): This clause restricts users from violating intellectual property, privacy, or other rights of third parties when using, uploading, or distributing information through the Services, incorporating a broad IP and privacy compliance obligation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Violate%20the%20contractual%2C,of%20privacy%20or%20publicity)%3B ### moderation enforcement — risk unknown > Create false personas, multiple identities, multiple user Accounts, set up an Account on behalf of someone other than yourself, use bots or other automated software programs to defraud or which otherwise violate these Terms and/or the terms of service of any third-party applications or social networks through which the Services is accessed; - Interpretation (disclaimed): This clause restricts users from creating false identities, multiple accounts, operating bots, or setting up accounts on behalf of others, preventing fraudulent or automated misuse of the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Create%20false%20personas%2C,the%20Services%20is%20accessed%3B ### moderation enforcement — risk unknown > Improperly use support channels or complaint buttons to make false reports to Tabnine; - Interpretation (disclaimed): This clause restricts users from misusing support channels or complaint mechanisms to file false reports against Tabnine or other users, maintaining integrity of the enforcement and complaint process. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Improperly%20use%20support,false%20reports%20to%20Tabnine%3B ### moderation enforcement — risk unknown > Develop and distribute "auto" software programs, "macro" software programs or other "cheat utility" software programs or applications; - Interpretation (disclaimed): This clause restricts users from developing or distributing automated, macro, or cheat utility software programs in connection with the Services. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Develop%20and%20distribute,software%20programs%20or%20applications%3B ### moderation enforcement — risk unknown > Encourage any third party to: (i) directly or indirectly generate usage, queries, impressions, or clicks through any automated, deceptive, fraudulent or other invalid means; (ii) edit or modify any tag, or remove, obscure or minimize any tag in any way; or (iii) engage in any action or practice that reflects poorly on Tabnine or otherwise disparages or devalues Tabnine′s reputation or goodwill; - Interpretation (disclaimed): This clause restricts users from encouraging third parties to generate fraudulent usage metrics, tamper with tracking tags, or engage in conduct that disparages Tabnine's reputation or goodwill. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Encourage%20any%20third,Tabnine%E2%80%B2s%20reputation%20or%20goodwill%3B ### moderation enforcement — risk unknown > Engage in any fraudulent activity with respect to payment methods or advertiser tracking mechanisms; - Interpretation (disclaimed): This clause restricts users from engaging in fraudulent activity related to payment methods or advertiser tracking mechanisms, imposing a financial conduct obligation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Engage%20in%20any,or%20advertiser%20tracking%20mechanisms%3B ### moderation enforcement — risk unknown > Violate any applicable laws or regulations, or encourage or promote any illegal activity including, but not limited to, copyright infringement, trademark infringement, defamation, invasion of privacy, identity theft, hacking, cracking or distribution of counterfeit software, or cheats or hacks for the Services; - Interpretation (disclaimed): This clause restricts users from violating applicable laws or promoting illegal activities including IP infringement, defamation, privacy invasion, identity theft, and software piracy. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Violate%20any%20applicable,hacks%20for%20the%20Services%3B ### moderation enforcement — risk unknown > Attempt to use the Services on or through any service that is not authorized by Tabnine. Any such use is at your own risk and may subject you to additional or different terms. Tabnine takes no responsibility for your use of the Services through any service that is not authorized by it; - Interpretation (disclaimed): This clause restricts users from using the Services through unauthorized platforms and disclaims Tabnine's responsibility for such unauthorized use, placing the risk and compliance burden on the user. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Attempt%20to%20use,not%20authorized%20by%20it%3B ### moderation enforcement — risk unknown > Attempt to interfere with, hack into or decipher any transmissions to or from the servers for the Services; - Interpretation (disclaimed): This clause restricts users from attempting to hack, interfere with, or decipher transmissions to or from the Services' servers, protecting platform security and integrity. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Attempt%20to%20interfere,servers%20for%20the%20Services%3B ### moderation enforcement — risk unknown > and/or Interfere with the ability of others to enjoy using the Services, including disruption, overburden or aid the disruption or overburdening of the Services′ servers, or take actions that interfere with or materially increase the cost to provide the Services for the enjoyment of all its users. - Interpretation (disclaimed): This clause restricts users from disrupting or overburdening the Services' servers or interfering with other users' enjoyment of the Services, including through actions that materially increase service delivery costs. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20and%2For%20Interfere%20with,of%20all%20its%20users. ### moderation enforcement — risk unknown > Without derogating from any of Tabnine′s rights and remedies under these Terms and/or under law, Tabnine will be entitled, at its sole discretion, to immediately discontinue the Services or any part thereof, including the termination of your Account, in the event of any alleged infringement, misappropriation or violation of any rights of any third parties in connection with the Third Party Materials. - Interpretation (disclaimed): This clause grants Tabnine the right to immediately discontinue Services or terminate an account at its sole discretion in the event of alleged infringement or violation of third-party rights in connection with Third-Party Materials, providing an enforcement remedy. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Without%20derogating%20from%20any,the%20Third%20Party%20Materials. ### tier differences — risk unknown > Please note that since Tabnine acquired the Tabnine code prediction tool (the " TabNine Product "), in the event that you have commenced your use of the Tabnine Product prior to 30 August, 2020 (the " Cut-Off Date "), Tabnine will continue to provide you with the Tabnine Product and the following Term of Use shall NOT apply to you. In the event that you have commenced your use of the Tabnine Product following the Cut-Off Date, the following Term of Use shall APPLY to your use of the Tabnine product as well. - Interpretation (disclaimed): This segment creates a temporal exception for users who began using the Tabnine Product before the Cut-Off Date of August 30, 2020, specifying that the current Terms of Use do not apply to pre-acquisition users, thereby establishing different treatment based on when the user commenced use. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Please%20note%20that%20since,Tabnine%20product%20as%20well. ### tier differences — risk unknown > Tabnine may offer its users access to certain Services through various subscription plans, of which some may be free of charge and some premium plans may be offered at different rates as shall be detailed on the Services from time to time. Access to these Services and use of selected features of these Services is subject to timely payment of applicable fees, if any. Tabnine reserves the right to terminate your use of the Services in case of any failure on your part to timely pay any fees due by you to Tabnine (if any). Tabnine may, at its sole discretion, add, remove or change the features and services it offers or the fees (including the amount or the type of fees) Tabnine charges at any time. You agree that you are responsible for checking the Tabnine website regularly to confirm whether there are any new fees and their effective date(s). Tabnine is not responsible for any charges or expenses you incur as a result from being billed by Tabnine in accordance with these Terms. All fees payable by you are exclusive of any applicable taxes and duties, including, without limitation, VAT and applicable sales tax. Fees are quoted and payable in United States dollars, and fees are based on Services purchased and not actual usage. - Interpretation (disclaimed): This segment describes subscription plan tiers (free and premium), conditions access to premium features on timely payment, reserves Tabnine's right to terminate service for non-payment, and grants Tabnine discretion to add, remove, or change features, establishing payment obligations and service tier differentiation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine%20may%20offer%20its,and%20not%20actual%20usage. ### tier differences — risk unknown > In case you′d like to stop using our Services, you may do so by writing to us at support@tabnine.com and as long as such notice was provided to us during the first 30 days of receipt of Services, you will get a full refund on your subscription, but if such termination of Services notice was made following such 30-day period, no refund shall be provided (the latter means that for monthly users a full month of subscription will be charged for the partial month during which you have notified us that you′d like to terminate the subscription and Services and for yearly users, we′ll terminate the subscription but without any refund and access to the Services shall be cancelled). - Interpretation (disclaimed): This clause establishes the procedural conditions for obtaining a full refund (within 30 days of service receipt) versus no refund (after 30 days), and specifies billing implications for monthly and yearly subscribers upon termination, creating tier-specific financial obligations. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=In%20case%20you%E2%80%B2d%20like,Services%20shall%20be%20cancelled). ### tier differences — risk unknown > Kindly note that except for an evaluation period, our free of charge subscription plan is not intended for commercial or business use. We therefore kindly ask you to use the paid subscription plan for a continuous commercial or business use of Tabnine. - Interpretation (disclaimed): This clause restricts the free subscription tier from commercial or business use beyond an evaluation period and directs continuous commercial users to the paid subscription plan, creating a tier-based use limitation. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20Kindly%20note%20that,business%20use%20of%20Tabnine. ### tier differences — risk unknown > The following addendum applies to use of third-party models as defined below: - Interpretation (disclaimed): This segment incorporates the Multi-Model Addendum by reference, specifying that it applies to use of third-party models as defined therein, and signals additional terms applicable to a specific product tier or feature. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20The%20following%20addendum,as%20defined%20below%3A%20 ### tier differences — risk unknown > By electing to use third-party models, including through API or model-switching functionality offered by Tabnine, you agree to be bound by the terms of this addendum. If you do not agree, do not access, install, or use the model-switching API or functionality of the software and do not use or attempt to use third-party models with Tabnine. The terms of this addendum shall form part of the agreement (the "agreement") that applies to your use of Tabnine products and services. If you are an individual acting on behalf of an entity, you warrant and represent that you have the authority to accept and enter into this addendum on behalf of that entity. - Interpretation (disclaimed): This clause conditions the use of third-party models and related API/model-switching functionality on acceptance of the addendum's terms, binds individuals acting on behalf of entities, and incorporates the addendum into the overarching agreement, creating a binding obligation upon election to use the feature. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20By%20electing%20to,of%20that%20entity.%20 ### tier differences — risk unknown > Tabnine's generative AI code engine software, software as a service offerings ( "SaaS Services" ), and related products and services (referred to collectively in this Addendum as the "Products" ) utilize Tabnine Pre-Trained Models to generate suggestions and suggested code snippets to assist developers in developing code. Subject to the terms and conditions of this Addendum, Customer may also use the Products in conjunction with Third-Party Models as defined below. Use of the Products with a Third-Party Model is subject to the terms and conditions of this Addendum and the terms and conditions published by the owner of the Third-Party Model at the time of use. - Interpretation (disclaimed): This clause defines the scope of Tabnine's Products within the addendum context, describes their function (generating code suggestions via Pre-Trained Models), and establishes the conditional permission for customers to use Products with Third-Party Models subject to the addendum's terms. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=Tabnine's%20generative%20AI%20code,the%20time%20of%20use. ### tier differences — risk unknown > "Customer" means the individual or entity that has entered into an Agreement with Tabnine for the use of Tabnine Products and includes any individual or entity that has been provided access to conduct an evaluation or trial of the Products. - Interpretation (disclaimed): This segment defines 'Customer' as the individual or entity that entered into an Agreement with Tabnine for use of its Products, including trial or evaluation users, establishing the scope of who is bound by the addendum. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Customer%22%20means%20the,trial%20of%20the%20Products. ### tier differences — risk unknown > "Tabnine" means the Tabnine entity that is party to the Agreement and for purposes of this Addendum includes Tabnine, Ltd., Tabnine, Inc., and their respective affiliates. - Interpretation (disclaimed): This clause defines 'Tabnine' for purposes of the addendum to include Tabnine Ltd., Tabnine Inc., and their respective affiliates, establishing the scope of the obligated entity. - Tier: All - Location: text-fragment link only — source has no section structure - Source: https://www.tabnine.com/terms-of-use/ - Snapshot SHA-256: `ad220e61ee2a4edb4fbb6b337a8417b2f6a8405938ffc7c4532eadf5333ea45f` - Wayback: — - Deep link: https://www.tabnine.com/terms-of-use/#:~:text=%20%22Tabnine%22%20means%20the,and%20their%20respective%20affiliates.