本文档译自英文。 如果本文档的此版本与英文版本之间有任何冲突、不确定性或明显的不一致,以英文版为准。 如果您有改进我们翻译的建议,请在我们的网站政策仓库中开一个议题

此版本的 GitHub Enterprise 将停止服务 此版本的 GitHub Enterprise 已停止服务 2020-11-12. 即使针对重大安全问题,也不会发布补丁。 要获得更好的性能、改进的安全性和新功能,请升级到 GitHub Enterprise 的最新版本。 如需升级方面的帮助,请联系 GitHub Enterprise 支持

GitHub Insights and data protection for your organization

GitHub Insights analyzes your GitHub Enterprise Server data. This data could include personal data of individuals in your organization who may have the right to understand how such personal data is being used.

GitHub Insights 可用于 GitHub One。 更多信息请参阅“GitHub 的产品”。

本文内容

此文档对您有帮助吗?

帮助我们创建出色的文档!

所有 GitHub 文档都是开源的。看到错误或不清楚的内容了吗?提交拉取请求。

做出贡献

或, 了解如何参与。

For more information about the terms that govern GitHub Insights, see your GitHub One subscription agreement.

For the avoidance of doubt, none of the foregoing information should be considered legal advice provided by GitHub. You are responsible for securing your own legal analysis of the information provided herein and for your compliance with privacy and data protection laws. It is up to you whether to use GitHub Insights to process your employees’ and users’ data, and if you do so, you are solely responsible for conducting such processing in compliance with applicable law.

The organization’s roles and responsibilities

When using GitHub Insights, your organization is the data controller because your organization determines whether, how, and why GitHub Insights will process any individual’s personal data. Your organization is solely responsible for ensuring that you are complying with all applicable laws in processing data with GitHub Insights.

Data privacy recommendations

You have full control over which metrics, reports, repositories, and contributors to include before beginning use of GitHub Insights. The data you process with GitHub Insights can only be pulled from your installation of GitHub Enterprise Server. Consider balancing the risks versus the benefits of analyzing personal data.

  • Develop a clear analysis plan: You must understand clearly what you want to analyze and why, and then consider how GitHub Insights may help you find those answers.

  • Consider a data protection impact assessment: If your proposed use of GitHub Insights involves processing personal data, consider completing a data protection impact assessment or otherwise completing formal legal analysis of your planned use.

Decide what data to use

  • Decide which repositories to include: Before you start an analysis in GitHub Insights, consider which repositories to include. Administrators can include repositories when adding organizations and can enable and disable repositories at any time. For more information on adding organizations to GitHub Insights, see "Managing organizations." For more information on enabling and disabling repositories, see "Managing repositories."

  • Decide which metrics and reports to include: Administrators can enable and disable metrics and reports available for all users at any time. Administrators control the GitHub Insights data that users have access to in your installation of GitHub Enterprise Server. For more information, see "Managing available metrics and reports."

  • Decide which contributors to include: Administrators can disable a specific contributor’s data from being processed in the metrics and reports. For more information on managing contributor data, see "Managing contributors and teams."

User rights

Under various data protection regulations, such as the General Data Protection Regulation (GDPR), users may have the right to request exclusion from processing, access, and correction, or to request deletion of their personal data. As the data controller, your organization should evaluate whether a particular user request is valid and, if appropriate, take action to fulfill the request.

  • Exclusion of processing: Users may have the right to have their personal data excluded from being processed. Administrators have the ability to remove a contributor’s data from being processed in GitHub Insights, and the resulting reports and metrics will exclude the contributor’s data accordingly. For more information, see "Managing contributors and teams."

  • Access: Users may have the right to demand to see what personal data is being processed. Each metric and report has a detailed description of what personal data is being processed. For more information, see "Metrics available with GitHub Insights." Raw data is available through the GitHub Enterprise API. Your organization is responsible for any decisions to process personal data and for fulfilling any such requests.

  • Correction and deletion: Users may have the right to rectify or delete their personal data. The data used in GitHub Insights is derived from the existing data you add to or generate from your GitHub Enterprise Server installation. Correction and deletion should follow your organization's existing process to correct and delete data from GitHub Enterprise Server.

  • Transparency regarding processing: Each metric and report has a detailed description of what personal data is being processed. For more information, see "Metrics available with GitHub Insights."

此文档对您有帮助吗?

帮助我们创建出色的文档!

所有 GitHub 文档都是开源的。看到错误或不清楚的内容了吗?提交拉取请求。

做出贡献

或, 了解如何参与。