PostHog is an open source project and collaborative community, as well as a company. This means that many portions of our Websites, including information you voluntarily provide, will be public-facing for the open sharing of innovative developments, ideas, and information that makes our collaborative community so great. While we are committed to open sharing, we strive to respect the privacy of individual community members and will minimize the information we collect and share. If you do not want to share your information, including personally identifiable information, with other community members and the public, please be thoughtful as to how you interact with our Websites and what information you provide through the Websites (for example, through creating a public profile, project contributions, comments, and blog posts).
Oversight of Data Security is handled by PostHog's respective Data Protection Officers. Should you wish to make modifications, deletions, or additions to any personal data you believe to be captured by PostHog, or if you have any general security concerns, please contact us at firstname.lastname@example.org.
Like most website operators, PostHog collects basic non-personally-identifying information from Website visitors of the sort that web browsers and servers typically make available, such as the browser type, language preference, referring site, and the date and time of each visitor request. We collect this information to better understand how visitors use the Website, to improve our Websites and experience for visitors, and to monitor the security of the Websites. From time to time, PostHog may publicly release non-personally-identifying information collected from Website visitors in the aggregate, e.g., by publishing a report on trends in the usage of the Website.
PostHog also collects potentially personally-identifying information like Internet Protocol (IP) addresses from visitors. PostHog does not use such information to identify or track individual visitors, however. We collect this information to understand how visitors use the Websites, to improve performance and content, and to monitor the security of the Websites. For logged-in users to PostHog deployments, PostHog tracks potentially personally-identifiable user behavior on our application using our own software, to help us understand how to make the website more useful for different categories of user.
PostHog may collect statistics about the behavior of visitors to our Websites. For instance, PostHog may reveal how many downloads a particular version got using aggregated statistics that contain anonymous user information only.
PostHog collects information about usage from each self-managed PostHog instance (Community Edition and Enterprise Edition). It is possible to opt out of personally identifiable information being transferred, and for self-managed PostHog instances, we do not track your end users' at all. PostHog tracks the usage of these instances at an aggregate level - it is also possible to prevent this through modifiying the code, which is made available to you.
Visitors can always refuse to supply personally-identifying information, with the caveat that it may prevent you from engaging in certain Website-related activities or being able to access and use certain features and services.
For details about what information is collected and with whom it is shared, please go to Tech Stack Applications.
PostHog does not intentionally collect sensitive personal information, such as social security numbers, genetic data, health information, or religious information. Although PostHog does not request or intentionally collect any sensitive personal information, we realize that users might store this kind of information in a PostHog instance by pushing it to us through our libraries or API. If you store any sensitive personal information on PostHog’s servers, you are consenting to our storage of that information on our servers, which are located in the United States.
If you're a child under the age of 13, you may not have an account on the Website. PostHog does not knowingly collect information from or direct any of our Website or content specifically to children under 13. If we learn or have reason to suspect that a user is under the age of 13, we will close the child’s account.
Other countries may have different minimum age limits. If you are below the minimum age for providing consent for data collection in your country, you may not use PostHog.
Performance of a contract. The use of your information may be necessary to perform the contract that you have with us. For example, if you use our Websites to purchase PostHog product subscriptions or services, contribute to a project, create a profile, post and comment through our Websites, or request information through our Websites, we will use your information to carry out our obligation to complete and administer that contract or request.
Legitimate interests. We use your information for our legitimate interests, such as to provide you with the best content through our Websites and communications with users and the public, to improve and promote our products and services, and for administrative, security, fraud prevention and legal purposes.
PostHog only discloses potentially personally-identifying and personally-identifying information to those of its employees, contractors, and affiliated organizations that (i) need to know that information in order to process it on PostHog's behalf or to provide services available on the Website, and (ii) that have agreed not to disclose it to others.
Please note, email and IP addresses of users of a PostHog deployment may be shared with the respective users of that deployment.
PostHog will not rent or sell potentially personally-identifying and personally-identifying information to anyone. Other than to its employees, contractors, and affiliated organizations, as described above, PostHog discloses potentially personally-identifying and personally-identifying information only when required to do so by law, or when PostHog believes in good faith that disclosure is reasonably necessary to protect the property or rights of PostHog, third parties, or the public at large.
PostHog takes measures reasonably necessary to protect against the unauthorized access, use, alteration, or destruction of potentially personally-identifying and personally-identifying information.
The Website is hosted in the United States and information we collect will be stored and processed on our servers in the United States. Our employees, contractors and affiliated organizations that process information for us as described above may be located in the United States or in other countries outside of your home country; by using the Website, you consent to the international transfer of your information by PostHog.
If you are a registered user of the Websites and have supplied your email address, PostHog may occasionally send you an email to tell you about security, system information, new features, solicit your feedback, or just keep you up to date with what's going on with PostHog and our products. We primarily use our blog to communicate this type of information, so we expect to keep this type of email to a minimum. There's an unsubscribe link located at the bottom of each of the marketing emails we send you so you can stop receiving such emails at any time.
If you send us a request (for example via a support email or via one of our feedback mechanisms), we reserve the right to publish your request in order to help us clarify or respond to your request or to help us support other users. We will not publish your personally-identifiable information in connection with your request.
We may use third party tracking services, but we don’t use these services to track you individually or collect your personally identifiable-information. We may use these services to collect information about how the Website performs and how users navigate through and use the Website so we can monitor and improve our content and Website performance.
Third party tracking services gather certain simple, non-personally identifying information over time, such as your IP address, browser type, internet service provider, referring and exit pages, timestamp, and similar data about your use of the Website. We do not link this information to any of your personal information such as your user name.
"Do Not Track" is a privacy preference you can set in your browser if you do not want online services to collect and share certain kinds of information about your online activity from third party tracking services. PostHog does not track your online browsing activity on other online services over time and we do not permit third-party services to track your activity on our site beyond our basic tracking, which you may opt out of. Because we do not share this kind of data with third party services or permit this kind of third party data collection for any of our users, and we do not track our users on third-party websites ourselves, we do not need to respond differently to an individual browser's Do Not Track setting.
- provide clear methods of unambiguous, informed consent when we do collect your personal information;
- only collect the minimum amount of personal data necessary for the purpose it is collected for, unless you choose to provide us more;
- offer you simple methods of accessing, correcting, or deleting your information that we have collected, with the exception of information you voluntarily provide that is necessary to retain as is for the integrity of our project code as described further below; and
- provide Website users notice, choice, accountability, security, and access, and we limit the purpose for processing. We also provide our users a method of recourse and enforcement.
If you are located in the European Union, you are entitled to the following rights with regard to your personal information and data:
- Right of access to your personal data, to know what information about you we hold
- Right to correct any incorrect or incomplete personal data about yourself that we hold
- Right to restrict/suspend our processing of your personal data
- Right to complain to a supervisory authority if you believe your privacy rights are being violated
Additional rights that may apply to you in certain instances:
- Right of data portability (if our processing is based on consent and automated means)
- Right to withdraw consent at any time (if processing is based on consent)
- Right to object to processing (if processing is based on legitimate interests)
- Right to object to processing of personal data for direct marketing purposes
- Right of erasure of your personal data from our system (“right to be forgotten”) if certain grounds are met
If you already have an account on the Websites, you may access, update, alter, or delete your basic user profile information by logging into your account and updating profile settings.
PostHog will retain your information for as long as your account is active or as needed to perform our contractual obligations, provide you services through the Website, to comply with legal obligations, resolve disputes, preserve legal rights, or enforce our agreements.
If you have questions or concerns about the way we are handling your information, or would like to exercise your privacy rights, please email us with the subject line "Privacy Concern" at email@example.com.
We will respond within 30 days of receiving your message at the latest but please note for promptest response, we recommend emailing us.
Credit to GitLab for the initial wording of the above policy.