If you have any questions about this Privacy Policy, or would like to access or seek correction of your Personal Data, or have a related complaint, then please email team@gitfund.io.

GitFund is a crowdfunding platform for open source projects. It is operated by Espians LLP (hereinafter referred to as "Espians", "we", "us", or "our"), a company incorporated in England and Wales.

We respect your privacy and will take all reasonable steps to safeguard and protect your information as if it was our own.

Scope

This Privacy Policy applies to gitfund.io, any APIs, communications and services we offer relating to GitFund (collectively referred to as the "Platform").

This Privacy Policy does not apply to any website, product or service of any third party, or other websites/platforms operated by Espians.

Agreement

By using the Platform, you are accepting the practices described in this Privacy Policy. If you do not agree:

  • Please close any accounts you may have on the Platform,

  • Delete this site and any associated cookies from your browser,

  • And do not visit or use the Platform again.

Any continued use of the Platform will signify your acceptance of this Privacy Policy.

Definitions

"Data Controller" means Espians, the company responsible for the use and processing of Personal Data.

"Personal Data" means information (whether by itself or in conjunction with other information in the possession of, or likely to come into the possession of, the Data Controller) that can be used to identify a specific living person.

Website Usage

Like most website operators, we collect non-personally-identifying information of the sort that web browsers and servers typically make available, such as:

  • Browser version

  • Language preferences

  • Referring site

  • Date and time of each visitor request

And certain Personal Data like:

  • Internet Protocol (IP) addresses

Our primary purpose in collecting such information is to better understand how our visitors use the Platform. And we may make some of this information available to the public in pseudo-anonymised forms or in aggregate, e.g. as a report on usage trends.

We may also associate some of that information with any other data that we have, personally-identifying or otherwise, for various purposes, e.g. fraud detection and prevention.

Marketing Emails

If you have signed up on the Platform or have shared your email address with us in some other way, we may occasionally send you marketing emails about promotions or new services.

You can opt out of these through the unsubscribe link included in such emails or through the "List-Unsubscribe" feature in supported mail agents.

Please note that opting out only stops us from sending marketing emails to you. You will still continue to receive certain emails relating to your account, e.g. password reset emails, etc.

Online Tracking

We use cookies to help us identify/track visitors and their usage of the Platform. Please see our Cookie Policy for more details.

We also use other client-side storage mechanisms like localStorage and IndexedDB to store information relating to visitors, e.g. what notifications have been seen, saving drafts while offline, etc.

In addition, we sometimes use web beacons and tracking links in our emails and other forms of communications to determine whether they have been opened/clicked.

Data Collection

In addition to the methods described above, we also receive, store and process information, including Personal Data, through a number of different ways. Examples include when you:

  • Interact on the Platform in any way, such as to upvote an issue.

  • Fill in any form on the Platform, such as when you sign up or fill in personal and financial information in order to sponsor a project.

  • Communicate with us.

  • Respond to any surveys we send out.

  • Link your account on a third party site (e.g. Twitter) to your account on the Platform.

Visitors can always refuse to supply information, including Personal Data, with the caveat that it may prevent them from engaging in certain activities, and potentially result in any account they have being closed.

We may also obtain information about you or your company from trusted third parties such as tax authorities, risk management services, regulators, etc.

Data Use

We use, store and process your information, including any Personal Data, for various reasons, including those necessary to:

  • Operate and improve the Platform.

  • Enable you to access and use the Platform.

  • Deliver an optimised user experience.

  • Detect and prevent any actual and potential fraud, and other harmful activities.

  • Conduct checks for risk assessment and harm prevention purposes.

  • Conduct investigations for troubleshooting or other purposes.

  • Provide customer support.

  • Send you messages through email and other media.

  • Comply with our legal and regulatory obligations.

  • Verify information provided by you.

  • Resolve any disputes that we may have.

  • Enforce our Terms of Service and other agreements we may have.

Publicly Displayed Personal Data

By signing up and using the Platform, you consent to the public display and sharing with third parties of any Personal Data that may be part of your public profile (hereinafter referred to as "Profile Information"):

  • Your name

  • Your profile picture

  • Your bio description

  • Your company name and logo

  • Your website link(s)

  • Your location

  • Your sponsorship profile (image, text, and link)

  • Your linked social media profiles (e.g. GitHub, Twitter, etc.)

Besides your name, none of the Profile Information is mandatory, and any information you do provide may be deleted, edited, changed or amended by you at any time.

In addition to your Profile Information, any Personal Data you post as part of user-generated content on the Platform is available to the public without any expectation of privacy or confidentiality.

This may include any Personal Data you post as part of comments, issues, project info, updates, testimonials or other features on the Platform that are visible to the general public.

All such publicly displayed Personal Data will be viewable by any and all visitors to the Platform, including search engines and users of our API. Please bear this in mind when deciding what to publish.

If you are unable to remove any Personal Data that you wish to remove from content that you have posted, please contact team@gitfund.io. We will let you know if we are unable to do so for any reason.

Please note that even if you remove Personal Data that has been publicly shared, copies of your Personal Data may remain viewable in caches, search engines, and archive copies that others may have made.

So please be extra cautious when sharing Personal Data.

Marketing Use

We may use parts of your publicly shared information, including your Profile Information that may contain some Personal Data, for display in other parts of the Platform for marketing purposes.

In addition to other endorsements, we may display testimonials of satisfied users on the Platform. With your consent we may post any testimonials you make, together with your Profile Information.

Cross Border Data Transfers

We may transfer, store, use and process your information, including any Personal Data, to territories located outside of your home country including the United States and possibly other countries. By using the Platform, you consent to transferring your data to these territories.

Sharing/Disclosure of Personal Data

We will share your Personal Data with third parties only in the ways that are described in this Privacy Policy. We do not sell or rent your Personal Data to third parties.

We may disclose Personal Data we collect about you to members of Espians, our employees, and trusted third parties that need to know that information in order to process it on our behalf or to provide the services available on the Platform.

These third parties may include our agents, related bodies corporate, contractors, financial institutions, payment processors, cloud service providers, verification services and regulators, as well as any third parties that you have directly authorised to receive your Personal Data.

In addition, other circumstances where your Personal Data may be transferred, stored, used, processed and disclosed are as follows:

  • As aggregated data:

    • We may aggregate your information with others, such that it can no longer be reasonably associated with a specific person, which we may then share with third parties or make publicly available.
  • With your consent:

    • We will disclose your information if you have explicitly agreed that we may do so. We will make this clear to you at the point at which we collect your information.
  • To report suspected illegal activity:

    • We may disclose your information to appropriate third parties, such as law enforcement and regulatory bodies, if we suspect that you might be involved in any form of illegal activity.
  • To protect our interests:

    • We may disclose your information if we feel this is necessary in order to protect or defend our legitimate rights and interests, or those of our users, employees, members of Espians, and/or to ensure the safety and security of the Platform, individuals, and/or the public at large.

    • We may also disclose your information in order to respond to claims asserted against us, or to enforce and administer our agreements with users, such as our Terms of Service and this Privacy Policy.

  • By regulators and certification bodies:

    • We may disclose your information with third parties as necessary to comply with the requirements of regulatory and/or certification bodies.
  • If required by law:

    • We will disclose your information if we believe in good faith that we are permitted or required to do so by law, including in response to a court order, subpoena or other legal demand or request, including those related to national security and law enforcement.
  • By service providers:

    • We use certain reputable third parties, some of whom may be located outside of your home country, to provide us with certain specialised services related to the Platform.

      These third parties will have access to certain information about you, but only where this is necessary in order for those third parties to provide their services to us.

  • To support the Platform:

    • We may disclose your information to third parties for the purposes of fraud prevention, risk assessment, investigation, customer support, product development, or troubleshooting.
  • By users of our API:

    • Any information you choose to make public on the Platform, including any Personal Data that may be part of your Profile Information or user-generated content that you have published, will be accessible to third parties through our developer API.
  • As part of our embeddable widgets:

    • Any information you choose to make public on the Platform may be embedded on third party websites and/or apps, through our embeddable widgets.

By using the Platform, you acknowledge, consent and agree that we may access, preserve and disclose your information, including your account information and Personal Data, for any of the purposes described in this Privacy Policy.

Use of Online Third Party Services

We make use of the following online third party services which may result in Personal Data about you being shared with them:

Where possible, we've striven to choose services that are compliant with privacy laws such as EU Data Protection regulations, and have a good reputation with regards data security.

Data Security

We maintain strict administrative, technical and physical procedures to help protect your Personal Data against unauthorised access, misuse, destruction or alteration.

For core team members (i.e. members of Espians, our employees, and contractors), we limit access to confidential information (through user/password credentials and software systems) to those who require it to perform their job functions.

We may store and process your Personal Data in locations outside of our direct control, for example, on servers or databases managed by cloud hosting providers.

We use the industry-standard Secure Socket Layer (SSL) encryption technology to safeguard sensitive information as it travels over the Internet to/from our application servers.

However, no method of transmission over the Internet, and no method of storing electronic information, can be 100% secure. Therefore, we cannot guarantee the absolute security of your transmissions to us and of your Personal Data that we store.

Data Breaches

We monitor our systems for potential data breaches, and, assuming we have a contact email address for you, will inform you of any breaches that we detect relating to your account or Personal Data.

We minimise the impact of such breaches by never storing certain highly sensitive data such as credit card numbers on our database or servers. They are instead stored at trusted third parties like Stripe.

Child Privacy

We do not knowingly collect or solicit Personal Data from anyone under the age of 13. If you are under 13 years old, please do not send any Personal Data to us.

If we learn that we have inadvertently collected Personal Data from a child under age 13, we will remove that information as quickly as possible. If you believe that we might have any Personal Data from or about a child under age 13, please contact us at team@gitfund.io.

Retention of Personal Data

Though we do not have this measure in place for this MVP, we will retain Personal Data for only as long as it is necessary for the purpose(s) it was collected for.

The exception to this will be in cases where we are obliged to retain the data, e.g. to comply with legal requirements, ensure transactions are appropriately processed, prevent fraud, resolve disputes, enforce our Terms of Service, etc.

Accordingly, even if you close your GitFund account we will retain certain information as necessary to meet our obligations. However, we will mark your account as "closed" and limit access to the available information for only specific purposes.

Accessing/Amending Personal Data

Please write to team@gitfund.io if you would like a copy of the Personal Data that we hold about you. We will provide you with a copy of the data in JSON format as soon as practicable.

If you would like the copy in paper form, then we may have to charge you a fee depending on where you live. We may also need proof of identification and authorisation in some cases.

If any of the Personal Data we hold about you is inaccurate or you would like to request the erasure of Personal Data about you, please let us know and we will make the changes on our system.

However, we may not be able to carry out your request in all circumstances, e.g. if we need to retain the historic data in order to comply with regulatory requirements, etc.

We aim to acknowledge receipt of all access and amendment requests within five business days and to resolve them within a month at the latest. We will let you know if this is not possible for some reason.

Business Transfers

In the event of a merger, acquisition, reorganisation, sale of assets, bankruptcy, or other similar events, certain information in our possession, including your Personal Data, may be transferred to our successor or assign.

You acknowledge that such transfers may occur, and that any successor or assign may continue to use your information, including your Personal Data, as set forth in this Privacy Policy.

Changes to this Policy

We may change this Privacy Policy at any time and without prior notice, at our sole discretion. We encourage visitors to frequently check this page for any such changes.

Your continued use of the Platform after any change in this Privacy Policy will constitute your acceptance of such change.

This document is adapted from Automattic's Privacy Policy, licensed under CC-BY-SA, and was last updated on 2017-05-02.