Skip to content
GitLab
Next
    • Why GitLab
    • Pricing
    • Contact Sales
    • Explore
  • Why GitLab
  • Pricing
  • Contact Sales
  • Explore
  • Sign in
  • Get free trial
  • GitLab.orgGitLab.org
  • GitLab FOSSGitLab FOSS
  • Issues
  • #46267

Privacy policy missing for GitLab Pages under gitlab.io, questionable for gitlab.com

Given that the EU is about to enforce GDPR, I believe that a privacy policy is necessary for GitLab Pages under gitlab.io: Are visitors' IP addresses recorded? If so, why and for how long?

Privacy by design would ask not to collect IP addresses at all. If that was not an option, what about offering project owners the option to disable logging of IP addresses for their subdomains?

IANAL, but GitLab's privacy policy does not seem sufficient: It informs that GitLab "collects potentially personally-identifying information like Internet Protocol (IP) addresses" but does neither state the purpose nor any of the following (from the Wikipedia article linked above): "The notice requirements remain and are expanded. They must include the retention time for personal data, and contact information for data controller and data protection officer has to be provided."

Assignee
Assign to
Time tracking