Last edited: 24 Februari 2021
This Radicle website (radicle.blog) is maintained on a voluntary basis by the Radicle Foundation (the “Foundation”). The Foundation is a Swiss foundation whose purpose is to support the development of resilient and humane software infrastructures. The Foundation is committed to supporting projects and people that develop non-extractive peer-to-peer technologies that promote internet freedom, including, among others, the Radicle project. While the Foundation previously assisted in the development and deployment of the Radicle Network, the Foundation does not own, manage, or control or act as an administrator of the Radicle Network. The Radicle Network presently operates in a fully decentralized and autonomous manner and has an opt-in Ethereum protocol integration. The Foundation is neither involved in nor in any way responsible for the ongoing operation, running, or functioning of the Radicle Network and/or any of the interactions, collaborations or contractual relationships between Users on the Radicle Network.
This policy applies to all of the Foundation’s data processing activities where it acts as a data controller. In this policy, "Foundation" refers to Radicle Foundation, a foundation incorporated in Switzerland with its registered address at Suurstoffi 37, 6343 Rotkreuz. For more information about the Foundation, see the Imprint or the “Contact” section of this policy.
The Foundation may make changes to this policy every so often. When changed, the Foundation will change the “Last edited” date at the top of the page. You are encouraged to review this policy regularly in order to stay informed about the Foundation’s information practices. If you do not agree to the revised policy, do not use, access, or interact with the Radicle Network, the Radicle Technology Stack, the Radicle blog, and any other Radicle communication outlet (and unsubscribe where applicable).
- Data in P2P and Blockchain Infrastructures
- How Personal Data is Used
- How Third Party Applications are Used
- Storing Your Personal Data
- Transferring Data Outside the EU
- User Rights Under GDPR
Data in P2P and Blockchain Infrastructures
How Personal Data is Used
- your email address
- the date and time of registration
- your IP address
- your browser type
- your language
- the preferred email format
- your email address
- the date and time you opened the email
- your location, as indicated by your IP address
How Third Party Applications are Used
Storing Your Personal Data
Transferring Data Outside the EU
User Rights Under GDPR
While you could use Radicle software to privately edit your own code on your computer, without sharing to the Radicle Network, all code that you publish to the Radicle Network is to be considered public. Because any contribution on the Radicle Network is linked to a public key, all contributions can be verified as coming from a public key. If your public key is linked to personally identifiable information, like your git username or email, this information will also be publicly accessible.
Data is disseminated through the Radicle Network via a process called gossip. That is, participants in the Radicle Network share and spread data they are "interested" in by keeping redundant copies locally and sharing deltas with peers. In the Radicle Network, data is replicated across connected code repositories according to a “social graph” of contributors and maintainers, enabling source code and changesets to be disseminated according to use and value: the more peers who are interested in a certain project, the more available this project is made to the Radicle Network.
It’s important to understand that any information you publish onto the Radicle Network is public by design. Because of the way gossip works, once you contribute to code on or share a repository with the Radicle Network, any information that is held in git (potentially your name, email, or public key) will be exposed. It is not possible to remove, revoke or rectify this information from the Radicle Network. This is because the Radicle Network is a decentralized (public) peer-to-peer network (not operated by us) which stores data committed to it around the world. Your use of a client and interaction with Radicle Network will lead you to interact with other Radicle Network participants; you should note that other participants on the Radicle Network may be able to determine certain things about you through your use of the Radicle Network. Radicle Foundation does neither collect this data from you nor process it in any way.
When subscribing to the Radicle newsletter:
When you subscribe to the Radicle newsletter, the Foundation collects personal data via its newsletter service provider MailChimp. This data may include:
This data is collected and processed for the purpose of subscribing you to and sending you Radicle’s newsletter (via radicle.blog) with updates on the project’s development as well as ensuring the security and reliability of the newsletter service.
The legal basis for this processing is your consent as provided in the double opt-in confirmation part of the Radicle newsletter sign-up process. This data will be stored as long as the Foundation has your consent to send you a newsletter. If you wish to unsubscribe from the Radicle newsletter, you can do so by clicking on the link at the end of each newsletter or by sending the Foundation an email. You can read more about MailChimp’s data access as well as their legitimate interests in and purposes for collecting this data here.
When receiving the Radicle newsletter:
If you have subscribed to the Radicle newsletter, each time you receive and open a newsletter, a third-party service provider MailChimp collects data, including:
This data is collected and processed by the Foundation for the purpose of ensuring the security and reliability of the newsletter service as well as the Foundation’s legitimate interest in the effectiveness of and general user interest in the Radicle newsletter. Because the Radicle newsletter service is hosted by MailChimp, you can view more information about the data they collect and their legitimate interests in and purposes for collecting this data here.
When browsing the Radicle blog:
If you go to the Radicle blog, the Foundation does not collect any of your information as you browse. However, because the Radicle blog is hosted by Github, user personal information from visitors to the Radicle blog, including logs of visitor IP addresses, may be collected by Github to comply with legal obligations, and to maintain the security and integrity of the website and the service.
When downloading Radicle:
When you download Radicle binary files, Buildkite and Google Cloud servers may collect and save information regarding your computer, network, browser, and IP address. The Foundation does not collect, store, or process the information collected by Buildkite and Google Cloud. Regarding your use of Radicle Technology Stack, the Foundation does not process any of your personal data (see above: Data in P2P and Blockchain Infrastructures).
When you join the Radicle Matrix server:
If you want to join Radicle’s Matrix server to chat with the Radicle community, you will need to join it via a client. You have the option of creating a Matrix account on Radicle's server, hosted by Ungleich; if you do, the Foundation, via Ungleich, collects your user name, display name, email address (if you provided one to the client), and your IP address each time you access the Radicle Matrix server. When you join a chat room on the Radicle Matrix server, whether you have an account on Radicle’s server or not, the Foundation will collect your user name and display name. This information is collected in order to deliver the chat service and enable its features, as well as ensure the security and reliability of the service.
When you contribute to the Radicle Matrix server:
Once you’ve joined Radicle’s Matrix server, you can participate in the public chat room by contributing messages and files. When you contribute to Radicle’s Matrix server, everyone who has joined the room will collect: your username, display name, message content, message files, and message date/time. When you communicate directly with another user via a private room, the user will collect: your username, display name, message content, message files, and message date/time. This information, collected in public chat rooms or in private rooms, is stored on Radicle’s Matrix homeserver, which is hosted by Ungleich.
This data is collected and processed by Ungleich for the purpose of delivering the chat service and features, as well as ensuring the security and reliability of the chat service. You can view more information about how they handle this data here. If you wish to leave the Radicle Matrix server and delete all the data that was contributed by you, you can do so by sending the Foundation an email (firstname.lastname@example.org).
The Foundation uses Buildkite servers to store Radicle binary files. For further information and the applicable data protection provisions of Buildkite, visit this site.
The Foundation uses Google Cloud Storage to store Radicle binary files. The Foundation’s Google Cloud Storage is hosted on servers across the EU. For further information and the applicable data protection provisions of Google Cloud, visit this site.
The Radicle blog, radicle.blog, is hosted by Github, on Github Pages. User personal information from visitors to the Radicle blog, including logs of visitor IP addresses, may be collected by Github to comply with legal obligations, and to maintain the security and integrity of the Website and the Service. For further information and the applicable data protection provisions of Github, visit this site.
The Foundation uses Ungleich to host an instance of Matrix and Radicle’s Matrix homeserver. A username and display name is collected to give a user access to the chat room on Radicle’s Matrix homeserver, then all contributions by the user to the Radicle chat room are stored on Radicle’s homeserver. Optionally, a user can create a Matrix account on Radicle’s homeserver, in which case Ungleich may store an email for the purpose of recovering their password as well as the user’s IP address. Radicl’s Matrix homeserver is hosted in Ungleich’s own datacenter in Switzerland. For further information about how Ungleich handles security and privacy concerns, visit this site.
Links to Social Media:
On the Radicle blog (radicle.blog), there are links to social media profiles. Those services might also collect personal data. Please refer to their privacy policies for more information.
The Foundation retains your information only for as long as is necessary for the purposes for which it processes the information as set out in this policy. However, the Foundation may retain your personal data for a longer period of time where such retention is necessary for compliance with a legal obligation to which the Foundation is subject, or in order to protect your vital interests or the vital interests of another natural person.
The Radicle newsletter subscription function is realized with the help of MailChimp, which is based in the United States (see above).
Furthermore, any metadata associated with contributions made while using Radicle (including your git username and, potentially, your email address if it’s associated with your git username) may be replicated and stored around the world.
The Radicle Foundation takes user rights and privacy seriously - and this philosophy is built into each one of the projects it supports. The Foundation has limited the data collected to the absolute minimum it needs to enable the projects to work for the user.
MailChimp makes the assurance that they take the appropriate security measures to prevent access to the Radicle newsletter subscriber list for any purpose other than the purpose of using it to inform supporters of Radicle’s progress. Furthermore, as a Radicle newsletter subscriber and a contributor to the Radicle Community Matrix, you have the right to information, correction, limitation of data processing, deletion of personal data, objection, revocation of the declaration of consent under data protection law for the future and data transferability within the framework of the data protection law applicable to you and to the extent provided for therein (such as in the case of the GDPR). Please note that while the Foundation can delete your data from the Radicle Matrix homeserver, this does not apply to the data on Matrix servers run by others, including, potentially, the homeserver where you have your Matrix account.
In addition, you have the right to assert your claims in court or to file a complaint with the responsible data protection authority. Switzerland's competent data protection authority is the Federal Data Protection and Information Commissioner.
However, because of the Radicle Network’s peer-to-peer, gossip-based infrastructure, the deletion or editing of any contributions you make to your or other repositories on the Radicle Network and any personal data made available to the public in this regard (see above: Data in P2P and Blockchain Infrastructures) cannot be (fully) enforced. This is because Radicle Network is a decentralized network and it stores data committed to it around the world. The Foundation can only ensure your rights regarding data for which the Foundation qualifies as a controller (data processed by the Radicle Foundation – see above: How Personal Data is Used).
The Radicle blog [radicle.blog] is maintained on a voluntary basis by the Radicle Foundation. The Foundation is registered in the canton of Zug, Switzerland, under the commercial register number CHE405.696.942 [CHE-405.696.942 MWST]. The Foundation’s registered office is located at: