48 Data Breaches & Incident Management contracts
Content Removal Policies Github Private Information Removal Policy (GitHub)
OpenLegalLibrary
This document outlines a company's policy and process for requesting the removal of private information from its platform. It specifically addresses high-risk content that poses a security threat, such as exposed access credentials. The policy details what constitutes private information for removal, appropriate request types, and the steps involved for both the requesting party and the content poster.
Acceptable Use Policies Github Active Malware Or Exploits (GitHub)
OpenLegalLibrary
This document outlines GitHub's policy regarding the use of its platform for active malware or exploits. It clarifies that while malicious attacks are prohibited, security research into vulnerabilities and exploits is generally permitted due to its educational value. The policy also details how GitHub handles instances of widespread abuse of dual-use content, including temporary restrictions and an appeals process.
Security Index (Basecamp)
OpenLegalLibrary
This document provides an overview of a company's security practices, outlining how customer data is protected through encryption, redundancy, and physical security measures. It details the infrastructure, monitoring, and incident response protocols in place to ensure data integrity and confidentiality.
Security Response (Basecamp)
OpenLegalLibrary
This document outlines the process for reporting security vulnerabilities and account attacks related to the company's products. It provides instructions for customers experiencing an attack and for security researchers discovering flaws, directing them to a bug bounty program. The policy also details how the company tracks, investigates, and discloses resolved security issues.
Security Policies Github Sirt Description Rfc 2350 (GitHub)
OpenLegalLibrary
This document outlines the mission, contact information, policies, and services of a company's Computer Security Incident Response Team (CSIRT), following RFC 2350. It details how the team handles security incidents, communicates with stakeholders, and protects the company's and its users' data. It also provides guidance for reporting vulnerabilities and seeking support.
Privacy Policy (Denmark) by Seedsummit
OpenLegalLibrary
This document is a comprehensive policy on personal data protection, outlining how a company handles the collection, use, and disclosure of personal data. It details basic principles for data processing in accordance with the EU General Data Protection Regulation (GDPR), including data minimization, accuracy, and security. The policy also covers duties to inform data subjects, rules for using data processors, procedures for data breaches, and the role of an IT systems administration.
Privacy Policy (UK) by Seedsummit
OpenLegalLibrary
This Privacy Policy template outlines how a company collects, processes, stores, and shares personal data from its users. It details the purposes for data collection, who the data might be shared with, and the rights individuals have concerning their personal information under data protection laws. This document is designed to help a company comply with privacy regulations.
Security Policies Coordinated Disclosure Of Security Vulnerabilities (GitHub)
OpenLegalLibrary
This document outlines a company's policy for the coordinated disclosure of security vulnerabilities. It encourages security researchers to report any discovered bugs through a structured process, offering a bug bounty program with monetary rewards for their efforts. It also references a legal safe harbor policy for researchers.
Content Removal Policies Github Private Information Removal Policy (GitHub)
GitLaw Import Account
This document outlines GitHub's policy and process for removing private, high-risk information, such as exposed access credentials or sensitive personal data, from its repositories. It details what qualifies as "private information" and guides users on how to submit a removal request, including the necessary information and the steps GitHub will take. The policy also clarifies what types of content are not covered by this specific removal process.
Security Policies Coordinated Disclosure Of Security Vulnerabilities (GitHub)
GitLaw Import Account