This document describes how we collect and use private information.
What information do we collect?
Account Information. When you create an account we may collect certain information that can be used to identify you, such as your name, email address and photograph ("Personally Identifiable Information" or "PII").
This information is used to create an identity for you on the Service.
Your email address is used to communicate with you, and to notify you of updates and changes to the Service. You can control what information you receive via email.
Third Party Account Information. If you choose to link your account to certain third-party accounts on services such as GitHub, Google or Facebook (each, a "Third-Party Account"), you may be prompted to grant us access to certain PII, such as your username and photo. We receive the information you agree to provide. We don't receive or store passwords for any of your Third-Party Accounts.
This information is used to authenticate your identity, and to simplify the account registration process by prefilling some of the fields.
Billing and Payment Information. If you register for our paid Service, you will be asked for your credit card or other payment information.
This information will be used only to process your payments for the Service.
Cookies. When you use our Service, we identify you by using "cookies," which are small text files that are saved and retransmitted by your browser.
Using cookies allows us to authenticate you, so you can log in and access information and services.
Access Logs. Our servers automatically record certain information about how visitors use our Service (we refer to this information as "Log Data"). Log Data includes information such as a user's Internet Protocol (IP) address, the account they were authenticated under, and the pages they visited.
We use this information to administer the Service and prevent abuse.
User Data. When you use our Service, you may submit or upload private or sensitive data, including documents, files, images, communication, encryption keys, passwords and source code.
We store this data to provide the Service, as many aspects of the Service relate to hosting, organizing, searching, retrieving and manipulating this data.
Who has access to information within Phacility?
You can find a report on internal access controls at L4 Phacility Data Use Policy.
What information do we share with third parties?
We will not share any PII that we have collected from you except as described below:
Payment Processing. To facilitate your payments for any paid Services, the credit card or other payment information you provide may be sent to our third-party payment processor, who is obligated not to use that information for any other purpose.
Acquisition or Bankruptcy. Information that we collect from our users, including PII, is considered to be a business asset. As a result, if we go out of business or enter bankruptcy or if we are acquired as a result of a transaction such as a merger, acquisition or asset sale, your PII may be disclosed or transferred to the third-party acquirer in connection with the transaction.
Information Disclosed for Our Protection and the Protection of Others. It is our policy to protect you from having your privacy violated through abuse of the legal systems, whether by individuals, entities or government, and to contest claims that we believe to be invalid under applicable law. However, it is also our policy to cooperate with government and law enforcement officials and private parties. Accordingly, we reserve the right to disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary: (i) to satisfy or comply with any applicable law, regulation or legal process or to respond to lawful requests, including subpoenas, warrants or court orders; (ii) to protect our property, rights and safety and the rights, property and safety of third parties or the public in general; and (iii) to prevent or stop activity we consider to be illegal or unethical.
Information We Disclose With Your Consent or at Your Request. We will share your PII with third-party sites or platforms if you have expressly requested that we do so.
The Security of Your Information
We take reasonable measures to protect the information that we collect from or about you (including your PII) from unauthorized access, use or disclosure. For example, users connect to our Service over SSL. Please be aware, however, that no method of transmitting information over the Internet or storing information is completely secure. Accordingly, we cannot guarantee the absolute security of any information.
Links to Other Sites
Modifying and Deleting Your Information
We will retain your data for as long as you use the Services. You can access and modify the PII associated with your account, or you may delete your PII and your account, by using the applicable profile updating workflows or account cancelation process provided on our Service. We'll take steps to delete your information as soon as is practicable, but some information may remain in archived/backup copies for our records or as otherwise required by law.
When you use a Phabricator instance within the Service, you may submit data to it (for example, by uploading documents or source code). When you submit data in this manner it is associated with the instance, not your personal account, and deleting your account does not delete this information.
This information can be deleted by deleting the instance, but you may not have the ability to do this unless you are also an instance administrator. In the most common case, the instance will be managed by your organization and they will have control over the documents and data you share within the organization.
Our Policy Toward Children
Our Service are not directed to children under 13 and we do not knowingly collect PII from children under 13. If we learn that we have collected PII of a child under 13 we will take steps to delete such information from our files as soon as possible.