Security & Privacy

Do you ingest our source code? What data does Multitudes get?

No, our app does not ingest your codebase – instead, we look at code metadata from GitHub. This metadata includes information about pull requests (such as when they were created, who the author was, commits made on the pull request, number of lines changed, etc.) and about comments (including comments written on pull requests and reviews submitted). We also pull in the contents of comments and reviews. When you set up the GitHub installation, you can see the full list of permissions that Multitudes requests.

Multitudes also gets some data from teams about the team structure, e.g., which teams people are on, their roles, and their seniority levels.

How safe is our data?

We keep your data secure by using the latest cloud technologies and security principles. All data is encrypted at rest and in transit, with strict access control as to who can see what data. We only store the minimum data that we need to provide insights for you and your team.

For more information, check out our Security page.

How will this protect the privacy of GitHub users and my team?

Most of the data that Multitudes shows is already visible to team members; Multitudes aggregates the information and shows it in new ways.

Multitudes may show individual insights about Collaboration and Wellbeing because those insights are useful for supporting individuals. However, Multitudes limits the detail it shows about performance by aggregating this data so it’s not shown by individual. This is because PRs are a team sport, so it’s important to focus on team performance over individual performance. We do this both to protect the privacy of individuals and to discourage users from making reductive decisions using Multitudes (since Multitudes is only one measure of a team member's contributions to a team).

For more information, please see the latest privacy policy on the Multitudes website here.

Can I (as an individual team member) opt out? 

Yes, you can. Just email and we’ll take care of that for you. If you opt out, we won’t show your individual data in the Multitudes app and you’ll no longer have access to the app.

For teams where one person wants to opt out, we do recommend that the whole team have a conversation about whether they should be using Multitudes. Our goal is to support team collaboration, and so we think it's best that the team make a unified decision about whether or not to use our product.

What will you do with our data if we cancel our plan?

If your organization cancels your plan, we will keep your data for 30 days. After that, we will delete all data for your organization. 

Can’t find what you are looking for?

Contact us