GitHub limits its financial liability to you. If you lose data, profits, or experience damages from using the service, GitHub is generally not responsible for those losses.
This analysis describes what GitHub's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The clause operates to define the scope of GitHub's potential financial exposure by carving out entire categories of harm from recoverable damages. This establishes the boundary of GitHub's assumed liability risk under the agreement, affecting the economic structure of the service relationship.
Interpretive note: Enforceability of the limitation of liability for data breaches and unauthorized access may vary by jurisdiction, particularly in EU/EEA consumer contexts and under GDPR.
GitHub's updated Terms of Service now include an explicit section governing AI features, including Copilot. The new section establishes specific contractual terms for how user data may be collected, used, and retained for developing and improving AI and machine learning models, and identifies what controls are available to users. The practical effect is that AI-related data practices are now consolidated under dedicated contractual language rather than dispersed across general service terms.
View change record →GitHub's Terms of Service update on April 19, 2026 involved substantial revisions across 54 sentences, with 40 sentences removed and 4 added. The extent of change suggests modifications to core service provisions; however, without access to the specific language that was modified, removed, or added, the precise operational implications for users cannot be determined. Users should review the updated Terms directly to understand how the changes affect their usage rights, account obligations, or dispute resolution procedures.
View change record →Users cannot recover lost profits, data, or goodwill from GitHub under this clause, even if service disruption or unauthorized data access causes those losses. This provision is operationally significant for businesses that host production-critical code or workflows on GitHub.
How other platforms handle this
In no event will either party's aggregate liability arising out of or related to this Agreement exceed the total fees paid or payable by Customer in the twelve (12) months preceding the claim. In no event will either party be liable for any indirect, incidental, special, consequential, or punitive d...
IN NO EVENT WILL DEEPSEEK OR ITS AFFILIATES BE LIABLE UNDER ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, TORT, NEGLIGENCE, PRODUCTS LIABILITY, OR OTHERWISE, FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, EXEMPLARY, OR PUNITIVE DAMAGES OR LOST PROFITS, EVEN IF DEEPSEEK OR ITS AFFILIATES HAVE ...
TO THE MAXIMUM EXTENT PERMITTED BY LAW, IN NO EVENT WILL PERPLEXITY, ITS AFFILIATES, LICENSORS, SERVICE PROVIDERS, EMPLOYEES, AGENTS, OFFICERS, OR DIRECTORS BE LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR EXEMPLARY DAMAGES, INCLUDING WITHOUT LIMITATION DAMAGES FOR LOSS O...
Monitoring
GitHub has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"You understand and agree that we will not be liable to you or any third party for any loss of profits, use, goodwill, or data, or for any incidental, indirect, special, consequential or exemplary damages, however arising, that result from: the use, disclosure, or display of your User-Generated Content; your use or inability to use the Service; any modification, price change, suspension or discontinuance of the Service; the Service generally or the software or systems that make the Service available; unauthorized access to or alterations of your transmissions or data; statements or conduct of any third party on the Service; any other user interactions that you input or receive through your use of the Service; or any other matter relating to the Service.— Excerpt from GitHub's GitHub Terms of Service
REGULATORY LANDSCAPE: Limitation of liability clauses in consumer contracts may face enforceability challenges under EU consumer protection law, including the Unfair Contract Terms Directive, which may render clauses excluding liability for negligence or breach of statutory duty unenforceable in consumer contracts. In the U.S., consequential damages waivers are standard commercial practice but may face scrutiny where they apply to paid services and the limitation would leave users without meaningful remedy. State-specific consumer protection statutes in California and other jurisdictions may limit the scope of enforceable liability caps. GOVERNANCE EXPOSURE: Medium. The clause is standard in platform terms of service but is operationally significant for enterprise customers with data loss or business continuity exposure. The exclusion of liability for unauthorized access to user data is particularly notable for organizations with regulated data hosted on the platform. JURISDICTION FLAGS: EU/EEA users in consumer contexts may have protections that limit GitHub's ability to exclude liability for gross negligence or data breaches. California consumers may have additional statutory rights under state consumer protection law that cannot be waived by contract. Organizations subject to GDPR should assess whether the liability limitation affects their ability to recover damages for data breaches involving GitHub-hosted data. CONTRACT AND VENDOR IMPLICATIONS: Enterprise procurement teams should negotiate liability caps and indemnification provisions in enterprise agreements that are appropriate for the organization's data risk profile. The standard ToS liability limitation should not be assumed to represent the full scope of available remedies under applicable law. Vendor risk assessments should account for the financial exposure created by GitHub's limitation on recoverable damages in the event of a service incident. COMPLIANCE CONSIDERATIONS: Legal teams should assess whether the liability limitation is enforceable under applicable local law for their user population, particularly in EU/EEA jurisdictions. Organizations in regulated industries should confirm that their GitHub deployment arrangements include contractual protections beyond the standard ToS, including data breach liability and indemnification provisions.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The clause operates to define the scope of GitHub's potential financial exposure by carving out entire categories of harm from recoverable damages. This establishes the boundary of GitHub's assumed liability risk under the agreement, affecting the economic structure of the service relationship.
Users cannot recover lost profits, data, or goodwill from GitHub under this clause, even if service disruption or unauthorized data access causes those losses. This provision is operationally significant for businesses that host production-critical code or workflows on GitHub.
ConductAtlas has identified this type of provision across 227 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by GitHub.