Yes, we’ve updated ours too, but we want to talk to you about how we manage your data, the greater picture of privacy on the Internet, the European Union’s new GDPR legislation, and why this all matters to you, no matter where you are in the world.
GDPR: A new standard for privacy
On May 25th, the GDPR (General Data Protection Regulation) goes into effect in the EU. It gives users there an unprecedented level of control and insight into their personal information. Amongst other things:
- People must be able to change, delete, or request copies of their personally identifiable information
- Companies need a valid legal basis for the usage of that information (which may require getting consent for that use)
You must admit, that’s pretty nice. Though companies are not required to give these rights to non-EU residents, many (including us) are treating this as a new global standard.
Some parts of the GDPR are a bit vague and not all companies see eye-to-eye on the level of control you should have. We’re hoping our approach goes above and beyond.
Our new privacy guarantees
We’ve always collected as little data as needed. We don’t need much, except to provide services to you, to aid in team communication, and to make use of third-party services we trust who help us run our business and provide support to you.
Still, under the GDPR, there was more for us to do. So here’s what we’re promising:
- We’ll continue to give you control of your data, and handle deletion and alteration requests, as we always have.
- We’ve updated our services to request your consent (and give you full control over it at any time) for any optional usage of your personal information, and any usage we strictly require to run our services effectively will be clearly documented.
- We’ve never sold your information and never will.
- We’re extending the rights granted by the GDPR to all users of our products, everywhere.
- If you ever have any questions or concerns about your data, we’re always here to help.
To help, we’ve built a whole new privacy-focused framework in Djblets to help with privacy guarantees and consent requests. All our software will be using this and we’ll be encouraging Review Board extension authors to use it. We’ll talk about this in more detail in an upcoming post.
What to expect by May 25th
If you want to change, delete, or request any of your personal information from our servers, or want more information on all this, reach out to us at any time and we’ll help. You don’t need to wait for May 25th.