Free Disclaimer Generator for GitHub App — DPDPA Compliant

🇮🇳 Key DPDPA Requirements

India's Digital Personal Data Protection Act (DPDPA) 2023 is India's first comprehensive data protection law. It applies to processing of digital personal data within India and to processing outside India if it involves offering goods or services to individuals in India. Significant Data Fiduciaries face enhanced obligations, and the Data Protection Board can impose fines up to ₹250 crore.

• Obtain free, specific, informed, and unconditional consent before processing personal data
• Provide a clear and plain-language privacy notice before collecting data
• Process personal data only for specified lawful purposes
• Implement security safeguards and notify the Data Protection Board of breaches
• Honor data principal rights: access, correction, erasure, and grievance redressal
• Significant Data Fiduciaries must appoint a Data Protection Officer and conduct audits
• Parental consent required for processing data of children under 18

GitHub App — Specific Considerations

A Disclaimer for GitHub App businesses must specifically address the following considerations that are unique to this industry. Unlike generic templates, your policy needs to reflect how github app businesses actually collect and process data.

Data typically collected by GitHub App businesses: GitHub usernames and profile data, repository content and code (based on permissions), commit history and authorship data, pull request and issue content, organization membership data, webhook event data, installation and usage analytics

• GitHub App Marketplace privacy policy requirement
• Repository content access scope and confidentiality
• Minimum permission scope principle — request only necessary permissions
• Organization data and member information handling
• Webhook payload data retention policy
• Source code security — encryption at rest and access controls