This analysis describes what GitHub's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Users added to an organization's account may have their Personal Data shared with that organization without initiating the sharing themselves.
The updated terms now explicitly authorize GitHub to collect AI outputs generated within the platform alongside user-provided code and content, and to share personal data with Microsoft and other GitHub affiliates for purposes including training and improving artificial intelligence and machine learning technologies. The privacy statement indicates that aggregate and de-identified data will be used where feasible, but the updated language establishes broader authority for affiliate data sharing and AI model development than the previous version stated. The revised terms also remove specific disclosure of the conditions under which GitHub personnel may access private repositories, replacing that detail with a cross-reference to the Terms of Service, which means the scope of internal GitHub access to private repositories is now defined in a separate contract document rather than the privacy statement itself.
View change record →If an organization adds you to its GitHub account, your Personal Data may be disclosed to that organization.
How other platforms handle this
we may use, retain or share information with law enforcement or others in circumstances where a person's vital interests require protection, such as in the case of emergencies.
if you are accessing and using Lime Services under a corporate account...you acknowledge and agree that Lime may share certain of your usage information with whomever provided you with access to the Lime Services
Any such de-identified genetic information and phenotypic information we share with third parties for research purposes is done in accordance with Part 46 (beginning with Section 46.101) of Title 45 of the Code of Federal Regulations.
Monitoring
GitHub has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"If an organization adds you to their GitHub account, we might share Personal Data with that organization to fulfill the commercial relationship.— Excerpt from GitHub's GitHub Privacy Statement
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Users added to an organization's account may have their Personal Data shared with that organization without initiating the sharing themselves.
If an organization adds you to its GitHub account, your Personal Data may be disclosed to that organization.
ConductAtlas has identified this type of provision across 286 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by GitHub.