Assessment of the role of Github as a sub-contractor in accordance with the DSGVO #114259
Replies: 1 comment
-
there is a similar law in the Philippines, though it will be different in specifics but I tried to ask Copilot too, as it is familiar with it answer from Copilot : The General Data Protection Regulation (GDPR), known as DSGVO in German (Datenschutz-Grundverordnung), is a regulation in EU law on data protection and privacy. It aims to give control to individuals over their personal data and to simplify the regulatory environment for international business. If you're using GitHub as part of your services to a customer, and if you're storing or processing personal data of EU citizens on GitHub, then yes, you may need to list GitHub as a subprocessor in your data processing agreement with your customer. This is because under the GDPR, if you're using third-party services to process personal data, you're required to have a legal agreement in place with those services. However, the specifics can depend on many factors, such as the nature of the data, how it's being processed, and the specific agreements between you, your customer, and GitHub. It's always a good idea to consult with a legal professional or a data protection officer to ensure you're in compliance with all relevant regulations. Please note that GitHub has its own Privacy Statement and Data Protection Addendum that outline how it collects, uses, and protects user data. You should review these documents and make sure they align with your own data protection policies and those of your customer. |
Beta Was this translation helpful? Give feedback.
-
Hello everyone,
Unfortunately, I have not yet been able to find a thread in the forum on the topic of commissioned data processing in accordance with the General Data Protection Regulation (DSGVO).
In this particular case, I would like to know whether my IT company has to list Github as a subcontractor in a data processing agreement with my customer, as Github stores and processes my customer's personal data.
Ultimately, we only use repositories that contain personal data such as the customer's name and address.
But does Github have an assessment of its role in such constellations?
Thx in advance
Sascha
Beta Was this translation helpful? Give feedback.
All reactions