-
Notifications
You must be signed in to change notification settings - Fork 84
Incident Response Plan
The purpose of the policy is to establish the goals for the breach response process. This document is intended for compliance for the Incident response plan on the GitHub Marketplace.
This policy mandates that any individual who suspects that a theft, breach or exposure of sensitive data has occurred must immediately provide a description of what occurred via e-mail to [hamelsmu at github dot com] and [inc0 at github dot com] or by filing an issue in this repo. This team will investigate all reported thefts, data breaches, and exposures. If theft, breach or exposure has occurred, the Information Security Administrator will follow the appropriate procedure in place.
This policy applies to all whom collect, access, maintain, distribute, process, protect, store, use, transmit, dispose of data related to Issue-Label-Bot.
Issue-Label bot only operates on public GitHub repositories in order to steer clear of sensitive data. However, at any time any user can request for any reason whatsoever that any data logged by the application be removed. At that time, our administrative staff will remove all data pertaining to that user, if exists.
We will remove all data within 72 hours from request.
No user-specific authentication is stored or collected by Issue Label Bot. The only information that is stored is:
- The titles and comments of issues that occur after installing the app.
- Reactions such as 👍 and 👎 made in the issue.
This data is only logged for repositories that are public at the time the issue is opened.