Privacy Policy
Last Updated: May 13, 2023
Your privacy is important to us. This Privacy Policy (“Policy”) applies to services provided by DeepSource (“we”, “us”, or “Company”) and our website, product pages, mobile or web applications, or other digital products that link to or reference this Policy (collectively, the “Services”) and explains what information we collect from users of our Services (a “user”, “you”, or “your”), including information that may be used to personally identify you (“Personal Information”) and how we use it. We encourage you to read the details below. This Policy applies to any visitor to or user of our Services. Any capitalized terms used herein but not defined shall have the meaning set forth in our Terms of Service.
We reserve the right to change this Policy at any time. We will notify you of any changes to this Policy by posting a new Policy to this page, and/or by sending notice to the primary email address specified in your account. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically reviewing this Policy to check for any changes. Changes to this Policy are effective when they are posted on this page. You acknowledge that your continued use of our Services after we publish or send a notice about our changes to this Policy means that the collection, use and sharing of your Personal Information is subject to the updated Policy.
Scope and Applicability
The Policy applies to your information when you visit our website or otherwise use the Services. If legally applicable, we may collect and process your information upon the following lawful bases: consent (where you have given consent), contract (where processing is necessary for the performance of a contract with you (e.g. to deliver the Services you have requested)), and, in some instances, for “legitimate interests” in the applicable jurisdiction. This Policy does not apply to websites, apps, products, or services that we do not own or control, including the websites, apps, products, and/or services of our Customers (defined below). This means that this Policy does not explain what our Customers do with your information that we provide to them or any information they collect directly from you and submit to us. Information provided by or to third parties, such as our Customers, are controlled by their respective privacy policies, which we encourage you to review for more information about their practices.
What Information Do We Collect?
Information We Collect Directly
When you use the Services or otherwise communicate with us, we collect information that you provide to us directly. For example, we collect information in the following circumstances: you (i) use or visit the Services, (ii) register your account to access the Services behalf (an “Account”), (iii) subscribe to newsletters; (iv) purchase a paid subscription to the Services; (vi) request technical or other customer support; (vii) otherwise use the Service where Personal Information is required for such use and/or participation, and (viii) when you contact us via the Services or when you otherwise communicate with us. You can choose not to provide information that is requested of you by us; however, this may limit your ability to use or access the Services.
The information you provide to us directly may include, without limitation, the following information that may, alone or in combination with other data, constitute Personal Information:
- Your account login information that are shared with us by the applicable third party account partner.
- Please see section title “Information Collected from Third-Party Sources” below for more details.
- Your responses to surveys that we may ask you to complete for research purposes or to help direct Company activities.
- Details of any financial transactions you participate in on the Services, including the amount, currency, and method of payment.
- Information you provide in order to subscribe to our marketing communications.
- Information you provide when communicating with us or that you otherwise voluntarily provide to us.
- If you are using our services as a customer (“Customer”), we may process Personal Information in the course of our business relationship with you, which may include User Content provided to us by you or your authorized end users in connection with the Services, as described above in this Policy (collectively referred to as “Customer Data”). Any Customer Data is controlled by the respective privacy policy of the Customer.
Information Automatically Collected
Furthermore, we may automatically collect in and through the Services the following “Technical Information”:
- Device data: including, but not limited to, the type of device you use, data on device advertising ID’s and similar hardware qualifiers, the browser you use, your operating system, and approximate geographic location data.
- Usage data: including, but not limited to, search terms entered, pages viewed, and other usage behavior identified by analytics events.
- Network and internet information: including, but not limited to, URLs, Internet Protocol addresses, bounce rates, use of spoofing, active (TCP/IP) ports, number of sessions initiated, click streams, location information and network/Wi-Fi access points.
- If you download and use the Software, DeepSource automatically collects information on the type of device You use, and the operating system version.
- Information we collect on the use of the Services via cookies and other tracking technologies: please see the “How Do We Use Tracking Technologies” section below for more information.
Information From Third Party Sources
DeepSource may also receive your Personal Information indirectly as follows: a) from third party account partners such as GitHub, GitLab, Bitbucket, Azure DevOps, our third party service provider with respect to financial transactions or your version control service provider, provided that you have authorized such disclosure or they are otherwise legally permitted or required to disclose share personal information with us; b) from other third party services where you have authorized DeepSource to connect with such third party services. DeepSource will access and store your username, name, email address(es), and other Information that the third-party service makes available to DeepSource, and use and disclose it in accordance with this Policy.
How Do We Use The Information We Collect?
We use the information we collect:
- To deliver and improve the Services and your overall user experience.
- To protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
- To link or combine user information with other Personal Information.
- To compare and verify information for accuracy and update our records.
- To email, message, or otherwise contact you with information and updates about us and the Services.
- To respond to your comments and questions and provide customer service.
- To send you information including confirmations, invoices, technical notices, updates, security alerts, and support and administrative messages.
- To analyze how you use the Services with tools such as Google Analytics, PostHog and other tools to help us understand traffic patterns and know if there are problems with the Services.
- Create targeted advertising to promote the Services and engage our users.
- In connection with a merger, acquisition, reorganization or similar transaction.
- When required by law or to respond to legal process.
- To protect our users, other individual lives, and/or the rights or property of Company.
- To maintain the security of the Services.
- For any other purpose with your consent.
Do We Share Your Personal Information?
In addition to the specific situations discussed elsewhere in this privacy policy, we disclose personal information in the following circumstances:
- With our corporate affiliates and subsidiaries.
- With third parties that perform services to support our core business functions and internal operations, which may include database administrators, cloud computing services, payment processors, analytics providers, advertising services, and application services providers.
- With third parties that we have partnered with, such as to jointly create and offer a product, service or joint promotion.
- To support our audit, compliance, and corporate governance functions.
- In connection with a change of ownership or control of all or part of our business (such as a merger, acquisition, reorganization, or bankruptcy).
- If we have a good-faith belief that access, use, preservation, or disclosure of such information is reasonably necessary to detect or protect against fraud or security issues.
- If required or permitted by applicable law or regulation, including laws and regulations of the United States and other countries, or in the good faith belief that such action is necessary to: (a) comply with a legal obligation or in response to a request from law enforcement or other public authorities wherever Company may do business; (b) protect and defend the rights or property of Company; (c) act in urgent circumstances to protect the personal safety of users, customers, and contractors/employees of Company or others; or (d) enforce our Terms of Service or otherwise protect against any legal liability.
- With your consent or at your direction.
How Do We Use Tracking Technologies?
Some of the features on the Services may require the use of “cookies” - small text files that are stored on your device’s hard drive. You may delete and block all cookies from our Services, but parts of the Services may not work. We want to be open about our cookie use. The following sets out how we may use different categories of cookies and your options for managing cookie settings:
They may also use cookies, action tags, web beacons, and/or GIF tags placed in various places on the Services and our online ads to collect information about your visit and your interaction with our ads. To limit collection of information from mobile devices, including location data, please visit your device’s settings to set the “Limit Ad Track”, “Location Based Services,” or other similar feature on your device. You can also make choices about data collection for certain companies by visiting an industry consumer choice platform such as the NAI (https://optout.networkadvertising.org/) or DAA (https://optout.aboutads.info/). If you opt-out of interest-based ads, you will still see ads on websites you visit, but those ads will not be based on your browsing behavior.
Our third party analytics services providers may use cookies and other tracking technologies to collect and store data Technical Information to be used for the purposes outlined in this Privacy Policy. For example:
- Google Analytics: We use Google Analytics to help collect and analyze certain information for the purposes discussed in this Policy. You may opt out of the use of cookies by Google Analytics at https://tools.google.com/dlpage/gaoptout.
- Posthog: PostHog is a product analytics tool used to better understand user behavior. For more information on the privacy practices of PostHog, please visit their privacy policy at: https://posthog.com/privacy.
How Do We Secure Your Personal Information?
We are dedicated to safeguarding the personal data of our customers and employees. In accordance with this commitment, we comply with the principles of the General Data Protection Regulation (GDPR) when collecting, utilizing, and handling personal data. This includes adherence to principles of legality, fairness, and transparency; limiting data collection to specific purposes; minimizing the amount of data collected; ensuring accuracy; limiting data storage; maintaining integrity and confidentiality; and being accountable for data protection.
We take reasonable steps to protect your Personal Information against unauthorized access, alteration, disclosure, misuse, or destruction. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. The safety and security of your Personal Information also depends on you. For your account used to access the Services, you are responsible for keeping your membership details confidential. We urge you to take steps to keep your Personal Information safe by not disclosing your password and by logging out of your account after each use. We further protect your Personal Information from potential security breaches by implementing certain technological security measures including encryption, firewalls and secure socket layer technology. However, these measures do not guarantee that your Personal Information will not be accessed, disclosed, altered or destroyed by breach of such firewalls and secure server software. By using the Services, you acknowledge that you understand and agree to assume these risks.
Data Retention
We retain your Personal Information while your account is in existence or as needed to provide the Services to you. This includes data you or others provided to us and data generated or inferred from your use of the Services. Please note that we may retain information that is otherwise deleted in anonymized and aggregated form, in archived or backup copies as required pursuant to records retention obligations, or otherwise as required by law. We may retain an archived copy of your records as required by law or for legitimate business purposes.
Managing Your Privacy
All users may submit requests regarding their Personal Information that has been collected directly by Company as described in this Privacy Policy by contacting us at privacy@deepsource.io. If your Personal Data has been collected by us on behalf of a Customer and you wish to exercise any rights you may have under applicable data protection laws, please inquire with the applicable Customer directly. If you wish to cancel your account, you may do so through your account page, and any personally identifiable information associated with your account will be deleted as soon as is reasonably practical or as required by applicable law. Please note that we may retain information that is otherwise deleted in anonymized and aggregated form, in archived or backup copies as required pursuant to records retention obligations, or otherwise as required by law. We may retain an archived copy of your records as required by law or for our legitimate business purposes.
We may use some of the information we collect for marketing purposes, including to send you promotional communications about new Company features, products, events, or other opportunities. If you wish to stop receiving these communications or to opt out of use of your information for these purposes, please follow the opt-out instructions, such as clicking “Unsubscribe” (or similar opt-out language) in those communications. You can also contact us at privacy@deepsource.io to opt out. Despite your indicated email preferences, we may send you service related communications, including notices of any updates to our terms of service or privacy policy.
Links to Third Party Websites
We may provide links to other websites. We have no control over these websites and they are subject to their own terms of use and privacy policies. As such, we do not endorse and are not responsible for the availability of, or for any content, advertising, products, or other materials on or available from, these third party websites.
By using the Services, you agree that we will not be liable for any damage or loss caused by your use of or reliance on any content, advertising, products, or other materials on or available from these third party websites.
How We Respond to Do Not Track Signals
Your browser settings may allow you to automatically transmit a Do Not Track signal to websites and other online services you visit. We do not alter our practices when we receive a Do Not Track signal from a visitor’s browser because we do not track our visitors to provide targeted advertising. To find out more about Do Not Track, please visit http://www.allaboutdnt.com.
Children Under 16
The Services are not directed to individuals who are under age of sixteen (16) and we do not solicit nor knowingly collect Personal Information from children under the age of sixteen (16). If you believe that we have unknowingly collected any Personal Information from someone under the age of sixteen (16), please contact us immediately at privacy@deepsource.io and the information will be deleted.
Third Party Direct Marketing
We currently do not share Personal Information with third parties for their direct marketing purposes without your consent.
A Note to Users Outside the United States
Our Company is based in the United States. The Services are controlled and operated by us from the United States and are not intended to subject us to the laws or jurisdiction of any state, country or territory other than that of the laws of the country(ies) where the Services are controlled. Your Personal Information may be stored and processed in any country where we have facilities or in which we engage service providers, and by using the Services you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Information.
EU Representative
Under Article 27 of the GDPR, we have appointed an EU Representative to act as our data protection agent. Our nominated EU Representative is: Instant EU GDPR Representative Ltd.
- Name: Adam Brogden
- E-mail: contact@gdprlocal.com
- Tel: +35 315 549 700
- Address: INSTANT EU GDPR REPRESENTATIVE LTD Office 2, 12A Lower Main Street, Lucan Co. Dublin K78 X5P8, Ireland
UK Representative
Under Article 27 of the UK Data Privacy Act, we have appointed a UK Representative to act as our data protection agent. Our nominated UK Representative is: GDPR Local Ltd.
- Name: Adam Brogden
- E-mail: contact@gdprlocal.com
- Tel: +44 1772 217800
- Address: 1st Floor Front Suite 27-29 North Street, Brighton England, BN1 1EB
Contact Us
If you have any questions about this Policy, your Personal Information, or the Services, you can contact privacy@deepsource.io.