Buildt Analytics LLC Privacy Policy

Last updated: 9 June 2020

Buildt Analytics LLC (“Buildt”, “we”, and “us”) provides services that help software software development teams aggregate and analyze their build data to identify and address inefficiencies quickly.

This Privacy Policy describes the types of Personal Data we collect through through Buildt and other related products, applications, communications, and services (“Services”) and via our online presence, which includes our main website at buildt.dev, as well as services and websites that we enable Internet users to access (collectively, our “Sites”). Personal Data is any information that relates to an identified or identifiable individual. This Privacy Policy does not apply to third-party websites, products, or services, even if they link to us, and you should consider the privacy practices of those third-parties carefully.

Overview

Buildt obtains Personal Data about you from various sources to provide our Services and to manage our Sites. “You” may be a visitor to one of our websites or a user of one or more of our Services (“User”). We only collect the information you choose to give us, and we process it with your consent, or on another legal basis; we only require the minimum amount of Personal Data that is necessary to fulfill the purpose of your interaction with us; we don't sell it to third parties; and we only use it as this Privacy Policy describes.

Personal Data We Collect

When you visit our website We collect basic information about all visitors to our website, including the visitor's browser type, device, operating system, and country.

When you sign in with your GitHub account In order to use Buildt, you will be asked to authorize Buildt to access information about your GitHub account using OAuth 2.0. If you grant us access, we collect your name, profile photo, username, and email address associated with your GitHub account. We will use a cookie to track your authentication state.

When you install our GitHub App In order to use Buildt, you will be asked to install the Buildt GitHub App to your GitHub organization. Installing the GitHub App grants us read-only API access to your GitHub members, build data, metadata, and source code. We collect the names, profile photos, and usernames of members of your GitHub organizations. We are required to request access to your source code in order to retrieve build information for certain services, such as GitHub Checks.

Unintentionally collected data We do not intentionally collect Personal Data that may be contained in your GitHub builds and source code commits. Personal Data in your GitHub repositories belongs to you, and you are responsible for it, including complying with any regulatory controls regarding that data.

How We Use Personal Data

We limit our use of your Personal Data to the purposes listed in this Privacy Policy. If we need to use your Personal Data for other purposes, we will ask your permission first.

  • We need your Personal Data to create your account and provide Services you request.
  • We use your email address to respond to your inquiries and provide customer support.
  • We use your name, username, and email address to identify you to other Users who are members of your organization.
  • We use your Personal Data for internal purposes, such as to maintain logs for security reasons, for training purposes, and for legal documentation.

Our legal basis for processing information Under certain international laws (including GDPR), Buildt is required to notify you about the legal basis on which we process Personal Data. Buildt processes Personal Data on the following legal bases:

  • When you set up a Buildt account, you authorize us to access your name, username, and email address associated with your GitHub account, as well as the names and usernames of other users in your GitHub organization. We require these data elements for you to enter into the Terms of Service agreement with us, and we process those elements on the basis of performing that contract. If you have a paid account with us, there will be other data elements we must collect and process on the basis of performing that contract. Buildt does not collect or process credit card numbers, but our third-party payment processor does.
  • Generally, the remainder of the processing of Personal Data we perform is necessary for the purposes of our legitimate interests. For example, for security purposes, we must keep logs of IP addresses that access Buildt, and in order to improve the performance and effectiveness of our product, we may analyze your usage.

How We Disclose Personal Data

Buildt does not sell or rent Personal Data to marketers or unaffiliated third parties. We share your Personal Data in specific cases as outlined below.

a. Service providers. We share User Personal Information with a limited number of third party service providers that provide services on our behalf, such as payment processing, server hosting, customer support ticketing, and other email delivery. These service providers may need to access Personal Data to perform their services. We authorize such service providers to use or disclose the Personal Data only as necessary to perform services on our behalf or comply with legal requirements. We require such service providers to contractually commit to protect the security and confidentiality of Personal Data they process on our behalf. While Buildt processes all Personal Data in the United States, our third party vendors may process data outside of the United States or the European Union. If you would like to know who our third party vendors are, please see our page on Subprocessors .

b. Our Users and third parties authorized by our Users. We share Personal Data with Users as necessary to maintain a User account and provide the Services. We share data with parties directly authorized by a User to receive Personal Data. The use of Personal Data by an authorized third party is subject to the third party's privacy policy.

c. Aggregated Statistics. We share certain aggregated, non-personally identifying information with others about how our users, collectively, use Buildt. For example, we may compile statistics on the number of builds analyzed across Buildt. However, we do not sell this information to advertisers or marketers.

d. Corporate transactions. We may share Personal Data if we are involved in a merger, sale, or acquisition. If any such change of ownership happens, we will ensure that it is under terms that preserve the confidentiality of Personal Data, and we will notify you on our website or by email before any transfer of your Personal Data. The organization receiving any Personal Data will have to honor any promises we have made in our Privacy Policy or in our Terms of Service.

e. Compliance and harm prevention. We share Personal Data as we believe necessary: (i) to comply with applicable law, or payment method rules; (ii) to enforce our contractual rights; (iii) to protect the rights, privacy, safety and property of Buildt, you or others; and (iv) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.

Your Rights and Choices

You have choices regarding our use and disclosure of your Personal Data:

a. Opting out of receiving electronic communications from us. If you no longer want to receive marketing-related emails from us, you may opt-out via the unsubscribe link included in such emails. We will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from us, we may still send you important administrative messages that are required to provide you with our Services.

b. How you can see or change your account Personal Data. If you would like to review, correct, or update Personal Data that You have previously disclosed to us, you may do so by contacting us.

c. Your data protection rights. Depending on your location and subject to applicable law, you may have the following rights with regard to the Personal Data we control about you:

  • The right to request confirmation of whether Buildt processes Personal Data relating to you, and if so, to request a copy of that Personal Data;
  • The right to request that Buildt rectifies or updates your Personal Data that is inaccurate, incomplete or outdated;
  • The right to request that Buildt erase your Personal Data in certain circumstances provided by law;
  • The right to request that Buildt restrict the use of your Personal Data in certain circumstances, such as while Buildt considers another request that you have submitted (including a request that Buildt make an update to your Personal Data); and
  • The right to request that we export to another company, where technically feasible, your Personal Data that we hold in order to provide Services to you.

Where the processing of your Personal Data is based on your previously given consent, you have the right to withdraw your consent at any time. You may also have the right to object to the processing of your Personal Data on grounds relating to your particular situation.

d. Process for exercising data protection rights. In order to exercise your data protection rights, you may contact Buildt as described in the Contact Us section below. We take each request seriously. We will comply with your request to the extent required by applicable law. We will not be able to respond to a request if we no longer hold your Personal Data. If you feel that you have not received a satisfactory response from us, you may consult with the data protection authority in your country.

For your protection, we may need to verify your identity before responding to your request, such as verifying that the email address from which you send the request matches your email address that we have on file. If we no longer need to process Personal Data about you in order to provide our Services or our Sites, we will not maintain, acquire or process additional information in order to identify you for the purpose of responding to your request.

Security and Retention

We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data within our organization against unauthorized access, destruction, loss, alteration or misuse.

Our security measures include:

  • Written incident response and data breach notification processes;
  • Encrypting Data at rest using AES-256, block-level storage encryption;
  • Transmitting Data using HTTPS and SSL/TLS, including transmissions between Buildt and GitHub; and
  • Not storing credit card information on our systems. Instead, we depend on Stripe, a company dedicated to this task. Stripe is certified to PCI Service Provider Level 1, the most stringent level of certification available.

Unfortunately, no method of transmission, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security. In the event of a data breach that affects your Personal Data, we will act promptly to mitigate the impact of a breach and notify any affected users without undue delay.

If you are a Buildt User, we retain your Personal Data as long as we are providing the Services to you. We may retain certain Personal Data indefinitely, unless you delete it or request its deletion. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

International Data Transfers

We store and process the information that we collect in the United States (our sub processors may store and process data outside the United States).

We may transfer Personal Data that we maintain about you to recipients in countries other than the country in which the Personal Data was originally collected, including to the United States. Those countries may have data protection rules that are different from those of your country. However, we will take measures to ensure that any such transfers comply with applicable data protection laws and that your Personal Data remains protected to the standards described in this Privacy Policy. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.

Use by Minors

If you're a child under the age of 16, you may not use Buildt. Buildt does not knowingly collect information from or direct any of our content specifically to children under 16. If we learn or have reason to suspect that you are a user who is under the age of 16, we will close your account.

Links to Other Websites

Buildt may provide the ability to connect to other websites. These websites may operate independently from us and may have their own privacy notices or policies, which we strongly suggest you review. If any linked website is not owned or controlled by us, we are not responsible for its content, any use of the website or the privacy practices of the operator of the website.

Dispute Resolution

If you have concerns about the way Buildt is handling your Personal Data, please let us know immediately. You may contact us as described in the Contact Us section below. We will respond promptly — within 45 days at the latest.

We are subject to the jurisdiction of the Federal Trade Commission.

Updates to this Privacy Policy

We may change this Privacy Policy from time to time to reflect new services, changes in our Personal Data practices or relevant laws. The “Last updated” legend at the top of this Privacy Policy indicates when this Privacy Policy was last revised. Any changes are effective when we post the revised Privacy Policy on the Services. We may provide you with disclosures and alerts regarding the Privacy Policy or Personal Data collected by posting them on our website and, if you are a User, by contacting you through your email address.

Contact Us

If you have any questions or complaints about this Privacy Policy, please email us at privacy@buildt.dev or send physical mail to:

Buildt Analytics LLC
969-G Edgewater Blvd.
Suite 115
Foster City, CA 94404-3760