CodeShip GDPR compliance

What is GDPR?

GDPR (General Data Protection Regulation) is an EU regulation that gives consumers more control over their personal data and how it’s used by companies. Part of GDPR focuses on the rights of the consumer and dictates specific rights, e.g. the right to be informed, the right of access, the right to erasure, etc. These rights concern the consumer/user of a product or service, regardless of where that user’s data is captured, processed, or stored.

When it comes to processing, storing, etc. there are two roles that a company can have under GDPR: controller and processor (also covers sub-processors). The controller decides what personal data is captured, while the processor handles personal data on behalf of a controller. Every entity that’s involved in capturing or processing the personal data needs to be compliant.

In the context of GDPR, CodeShip is only a controller and not a processor. The next two sections will provide more detail on CodeShip in the context of each role.

CodeShip Is Not A Processor

To be considered a processor under GDPR, we would have to store or process personal information from your users or customers, on your behalf. Since we only work with your source code, which shouldn’t contain any personal information, we do not fall into the category of processors. To help clarify this, we’ll provide more detail on how source code is handled and what to do if you use personal data in your testing.

Your source code

For every build that is run on CodeShip (CloudBees CodeShip Basic or CloudBees CodeShip Pro) we will connect to the repository and use your source code along with other artifacts as part of the build process. Once the build is complete, the build machine along with its content is destroyed and replaced with a new clean machine on the next build.

We cache dependencies between builds, so if you include a custom package or save data in the cache folder, that will be persisted and stored on CodeShip infrastructure. Since we cannot fully control what is cached, or easily access cached data, it will be up to you to ensure that no personal data, or other sensitive information, ends up being cached.

In some circumstances, as mentioned on the Security page, our support team is able to see the code that is checked out from your SCM, but only in a debug scenario where you’ve reported an issue.

Your Customers’ Data

Although CodeShip runs databases, servers, and scripts on your behalf, we don’t expect you to include any personal information in the data that is used or stored for you. If you use personal information for testing purposes (e.g. names, usernames, email addresses of actual people) you should ensure that this data is not persisted. As mentioned above, data written to the caching folder will be persisted, but you should also ensure logging output is free from personal information, as logs are also persisted.

The best way to avoid any issues around personal information is to always use fake names, email addresses, etc. If you use a data dump from a production system as test data input, make sure to fully anonymize it so that nothing can be traced back to a specific individual.

Purging Data

Should you find that you have personal information in e.g. log output or cached data, please reach out so we can help you purge the data from our systems.

CodeShip As A Controller

As a controller in the context of GDPR, we are very cognizant of what data we store about our users and how we can best protect your privacy.

Personal Data We Need to Store

For us to be able to deliver a service, as well as live up to other regulatory requirements such as SOC2, there is certain personal information that we need to store and will not be able to later remove.

We will capture and store the following data that contain personal information:

  • Commit messages

    • these usually contain a username and email, and sometimes full name as well

  • User profile

    • when you sign up, we need to know your name, email, and git username(s) for you to make use of CodeShip

  • OAuth access

    • in case you authenticate via GitHub, Bitbucket, or GitLab, we will store the OAuth token that is provided to us along with information like username, etc.

Aside from the above, we will also store the results of some of your actions, e.g. "John restarted build 345DG3AE" to be able to provide a record of who triggered certain events.

Deleting Your User

If you no longer want to use CodeShip, you can delete your user on the Personal Settings page. This will not actually remove your information (we’re obligated to keep it to be able to prove that the account existed) but we will delete any OAuth token that we have on file, and make sure it will no longer be possible to authenticate as that user.

Other Data That We Use

As part of running the CodeShip infrastructure, we use a few monitoring and error capturing tools. Errors may occasionally contain personal information, such as a username, name, or email, but will never contain anything more sensitive than that. We also have a 30-day data retention policy in place for the tools, so anything older than that will be deleted.

Another service that we use, which captures personal information on some users, is ProfitWell. This is a service that monitors payments and credit cards, and will proactively reach out to users whose credit card is about to expire. It also provides the ability to update payment information without being a CodeShip user, which is very convenient for finance staff who pay the bills but have no need for an actual account.

Optional Data Capturing

When it comes to data that is not strictly necessary for us to provide you with a CI/CD service, we believe you should be in full control.

We would like to be able to capture how you use CodeShip, what tech-stack you use, how much you use different parts of CodeShip etc., to learn more about how CodeShip is used and how we can improve it. But as this is not strictly needed, we will explicitly ask you for your consent before enabling any of the tools we use.

In the future, we would also like to be more proactive in helping you improve your own workflow, e.g. by providing you with help or updates that relate to how you’re using CodeShip, instead of alerting you about every small update that may not be relevant. To do this, we would use the same behavioral data that we capture to improve CodeShip.

When allowing us to capture how you use CodeShip, we will enable the following services:

  • Segment (a data hub that sends data to our data warehouse)

If you do opt in, but change your mind, you can easily opt out again via your Personal Settings page. Likewise, you can easily opt in on the same page, and help us improve CodeShip.

Exercising Your Rights

Any CodeShip user can request any of the following:

  • Right to Erasure: have all personal information removed from CodeShip and any third-party system or service where it may exist

    • Note: this applies only to data collected as part of the optional data capture, as we’re legally obligated to keep records of who has used the system

  • Right of Access: receive a copy of the personal data captured by CodeShip as well as a list of other data profiles that may exist (e.g. from having opted in to the optional data capturing)

  • Right of Rectification: correct personal data that is incorrectly stored by CodeShip or other services

  • Right to Restrict Processing: disallow CodeShip from using any optionally captured data for profiling or other analysis (data will still be captured)

  • Right to Portability: receive a JSON version of the Right of Access document

    • Note: as CodeShip isn’t a personal service, project configuration etc. is not included here, but can be exported via the API

  • Right to Object: if you’re not satisfied with how we capture data, respond to your requests, or otherwise comply with GDPR, you can object to any outcome

  • Right not to be subject to automated decision-making including profiling: to avoid being included in profiling etc., do not opt in to the optional data capturing

In all cases, if you want to make a request, have questions, or have objections, please contact support@cloudbees.com.

We don’t limit this to just EU citizens, as we think everyone should have the same rights regardless of where they are located.