
Is Git Compliant with GDPR? - st_goliath
https://public-inbox.org/git/CAAF2pWYNbZF5fqZVuakTmAguK7End3nFbRgfT=mRXFfmgD9LNA@mail.gmail.com/
======
mytailorisrich
> _But if the aforementioned interpretation was assumed, the git authors could
> be held responsible for non-compliance._

No. The Git authors do not collect, control, or process personal data. They
don't even have these data.

Any personal data contained in a Git repo are controlled by whomever owns the
repo. Git is just the software tool.

Considering how specialised Git is, I think it is fair to assume that anyone
that configures their real name and email address in Git know what they are
doing and what it is used for, which is to identify them as author of a
commit, and they do it voluntarily.

To me it does not seem different from sending an email to someone or to a
distribution list: The sender provided their name and email address to the
recipient(s). This is used to identify the sender, but that does not give the
recipient(s) to do more than that with the data. And when someone configures
their email account they understand what the purpose of inputting their name
is.

On the other hand, if someone want to use these data for another, additional
purpose they would require specific consent.

~~~
rovr138
Git asks for Name and Email to do it’s job. That’s allowed under GDPR. It’s
voluntary which is what GDPR requires.

You don’t have to share it (push to a remote). If you do, that’s a decision
you made. The person who has that data then is not the authors of Git but
whoever owns the remote.

