GitHub Data
If you are simply authenticating with GitHub, we only see basic profile information, such as your email address and name.
If you are creating an organization, we use data from GitHub to create your organization and help you onboard your team members.
We never read, transmit, or store source code. Our Git integrations only collect metadata about your organization’s activity. We request minimum permissions and use read-only API calls to analyze Git metadata. Additionally, we are fully SOC 2 compliant and partner with Drata to monitor our security posture.
When you connect GitHub to create a team, you will see a list of your organizations. When you select a GitHub organization, we create an organization in Software with the same name.
If you don’t see your organization, your organization may have OAuth App access restrictions. To continue creating a Software organization, request or grant the application for use in your organization. You can read more here.
When you connect GitHub, we view basic information about your organizations, including:
- Organization name
- Organization member names and emails (if public)
- Repository names
- Timezone
We use this information to create your organization and identify projects related to your team. We do not automatically invite anyone on your team. You must select specific team members to invite.