Privacy Statement for the Fedora Project
Scope of This Notice
This Privacy Statement is intended to describe the Fedora Project's privacy practices and provide information about the choices you have regarding the ways in which information collected by the Fedora Project is used and disclosed. For convenience, the Fedora Project is referred to in this document as "Fedora".
Our Commitment to Privacy
At Fedora, your privacy is important to us. To better protect your privacy, we have provided this Statement explaining our information practices and the choices you can make about the way your personal information is collected, used and disclosed. To make this Statement easy to find, we have made it available on our homepage and at every location where personally-identifiable information may be requested.
The Information We Collect
This Privacy Statement applies to all information collected by or submitted to Fedora, including personal information. "Personal information" is data that reasonably can be used to identify or describe an individual.
Fedora collects personal information when:
- you create an account in the Fedora Account System (hereinafter "Fedora Account");
- you participate in surveys and evaluations;
- you participate in promotions, contests or giveaways;
- you submit questions or comments to us.
Information Collected in Person
Fedora may also collect personal information from individuals (with their consent) at conventions, trade shows and expositions. The types of personal information collected may include (but are not limited to):
- your first and last name;
- your title and your company's name;
- your home, billing, or other physical address (including street name, name of a city or town, state/province);
- your country code;
- your e-mail address;
- your telephone number;
- any other identifier that permits Fedora to make physical or online contact with you;
- any information that Fedora collects online from you and maintains in association with your Fedora Account, such as:
- your Fedora Account password,
- your GPG key ID,
- your SSH public key,
- your IRC nickname,
- your language preference,
- your timezone,
- your geographic coordinates (longitude/latitude),
- your affiliation(s).
Publicly Available Personal Information
In keeping with the open nature and spirit of Fedora, some personal information attached to your Fedora Account is made public by default ("Publicly Available Personal Information"). Specifically:
- your first and last name;
- your country code;
- your email address;
- your language preference;
- your SSH public key;
- your timezone;
- your GPG key ID (if defined);
- your IRC nickname (if defined);
- your geographic coordinates (if defined);
- your affiliations (if defined).
If you wish for this information to be kept private, you can opt-out of displaying this information publicly in your Fedora Account preferences. If you choose to opt-out, Fedora will still have access to this information, but it will not be displayed to others, and will be considered private. The only exception to this is for your email address, which may still be visible in some Fedora services such as Bugzilla.
Using Your Personal Information
Fedora uses the personal information you provide to:
- create and maintain your Fedora Account;
- answer your questions;
- send you information;
- conduct research activities, including the production of statistical reports (such aggregated information is not used to contact the subjects of the report);
- send you surveys.
We also use this personal information to provide you with information related to your Fedora Account and the products or services you acquire from us, to better understand your needs and interests, to improve our service, and to personalize communications.
Sharing Your Personal Information
While Fedora intends to protect your personal information, we may disclose personally identifiable information about you to third parties in limited circumstances, including:
- where you have consented to such disclosure. Please note that Publicly Available Personal Information provided to Fedora is openly available unless the Fedora Account holder opts-out (as already described in this Privacy Statement).
- as required to provide services and e-mail housing (as a consequence of uses already described in this Privacy Statement).
- as required by law, such as responding to a valid subpoena, warrant, audit, or other judicial or administrative order, or to prevent fraud
- for research activities, including the production of statistical reports (such aggregated information is used to describe our services and is not used to contact the subjects of the report).
If we are required by law to disclose the personal information that you have submitted to Fedora, we will attempt to provide you with prior notice (unless we are prohibited or it would be futile) that a request for your information has been made in order to give you an opportunity to object to the disclosure. We will attempt to provide this notice by email, if you have given us an email address, or by postal mail if you have entered a postal address. If you do not challenge the disclosure request, we may be legally required to turn over your information.
In addition, we will independently object to requests for access to information about users of our software and services that we believe to be improper.
To date, Fedora has never received a National Security Letter, FISA order, or any other classified request for personal information.
Your Choices About Receiving E-Mail
Fedora may send you e-mail about your Fedora Account, to inform you of important upcoming Fedora events (e.g. elections), or in response to your questions. For your protection, Fedora may contact you in the event that we find an issue that requires your immediate attention.
Cookies and Other Browser Information
- Remind us of who you are and to access your Fedora Account information (stored on our computers) in order to provide a better and more personalized service. This cookie is set when you register or "sign in" and is modified when you "sign out" of our services.
- Estimate audience size. Each browser accessing Fedora is given a unique cookie that is used to determine the extent of repeat usage and usage by a registered user versus by an unregistered user.
- Measure certain traffic patterns, which areas of Fedora's network of websites you have visited, and your visiting patterns in the aggregate. We use this research to understand how our user's habits are similar or different from one another so that we can make each new experience on fedoraproject.org a better one. We may use this information to better personalize the content, banners, and promotions you and other users will see on our sites.
The user agent string of browsers packaged in the operating system Fedora offers are configured to identify the browser as being on that operating system ("Fedora").
Anonymous Unique ID
Fedora sometimes collects data using unique UUID signatures. These UUID strings are anonymous labels which are intended to be unique for each installation of the Fedora operating system software. This string is used to produce a more accurate count of the number of computers running the operating system software Fedora provides, and to record the version and variant used. This UUID signature is not related to users or their personal information, and is not used to track systems, only to count them. The UUID signature is stored in
/etc/fedora-uuid. If you wish to disable the UUID signature reporting, you may simply remove or edit this file.
Fedora's online services automatically capture IP addresses. We use IP addresses to:
- Help diagnose problems with our servers
- Administer our website
- Defend against malicious behavior
- Research and report usage and traffic based on anonymized statistics
- Help ensure the security of your interaction with our services
Fedora records logs of all IP addresses which access our online services. These logs are retained for a maximum of 5 years.
We may use your IP address to identify your location to customize the services you receive. Fedora uses geolocation services as part of the installation and normal operation of the Fedora operating system, as well as in some of our online services. Fedora does not keep any logs of geolocation query results, however, because we retain IP address access logs, we generate graphical heat maps displayed against a world map. These heat maps do not contain IP addresses, and are used solely to illustrate rough estimations of where Fedora services are accessed.
We use geolocation services within the Fedora operating system to provide an appropriate localization and time settings for your computer. If you do not wish to use geolocation services, you may disable them on a per application basis. Fedora has enabled geolocation in the following applications:
- The Fedora installer (anaconda) uses geolocation. To disable it, pass the following option at the beginning of the installation process:
- The GNOME Date and Time applet uses geolocation. To disable it, go to the GNOME settings application, then Date & Time. Set "Automatic Time Zone" to off.
There may be other applications within the Fedora repositories which perform geolocation operations. For more information, including how to enable or disable geolocation, you should refer to the specific documentation for these applications.
Crash and error data
Some of the software Fedora provides can be configured to automatically submit information in the event of an error or crash, in the form of a report. We do not collect this data without your express approval.
Every effort is taken to minimize the risk that bug or crash information reported to Fedora contains personal data. However, because of the nature of bug reporting, it is possible that crash dumps or other debugging data may contain personal data. Our tools provide the ability to remove such data before you send the report. Fedora strongly advises users to take extreme care when submitting data reports via error/crash reporting software, as it may be impractical or impossible for us to remove personal data from these reports once they are submitted.
We use this information to diagnose software issues, and to aggregate with information in other similar reports to prioritize activities. We do not correlate automatically submitted crash or error information with personal information.
Crash and error information submitted to Fedora is retained indefinitely.
Privacy of Information in Other Vendors' Software
Fedora provides open source software that originates with other vendors and that our contributors and participants package. For more information about the privacy policies governing such software, consult the vendor's site. In many cases this information may be accessible through the software itself, for instance in an "About" function.
Our Commitment to Data Security
Public Forums Reminder
Fedora often makes chat rooms, forums, mailing lists, message boards, and/or news groups available to its users. Please remember that any information that is disclosed in these areas becomes public information. Exercise caution when deciding to disclose your personal information. Although we value individual ideas and encourage free expression, Fedora reserves the right to take necessary action to preserve the integrity of these areas, such as removing any posting that is vulgar or inappropriate.
Our Commitment to Children's Online Privacy
Out of special concern for children's privacy, Fedora does not knowingly accept online personal information from children under the age of 13. Fedora does not knowingly allow children under the age of 13 to become registered members of our sites. Fedora does not knowingly collect or solicit personal information about children under 13.
In the event that Fedora ever decides to expand its intended site audience to include children under the age of 13, those specific web pages will, in accordance with the requirements of the Children's Online Privacy Protection Act (COPPA), be clearly identified and provide an explicit privacy notice addressed to children under 13. In addition, Fedora will provide an appropriate mechanism to obtain parental approval, allow parents to subsequently make changes to or request removal of their children's personal information, and provide access to any other information as required by law.
About Links to Other Sites
This site contains links to other sites. Fedora does not control the information collection of sites that can be reached through links from fedoraproject.org. If you have questions about the data collection procedures of linked sites, please contact those sites directly.
How to Access, Modify or Update Your Information
Fedora gives you the ability to access, modify or update your information at any time. You may log in and make changes to your login information (change your password), your contact information, your general preferences and your personalization settings. If necessary, you may also contact us and describe the changes you want made to the information you have previously provided.
If you wish to remove your personal information from Fedora, you may contact us and request that we remove this information from the Fedora Account System. Other locations where you may have used your personal information as an identifier (e.g. Bugzilla comments, list postings in the archives, wiki change history, and spec changelogs) will not be altered.
How to Contact Us
If you have any questions about any of these practices or Fedora's use of your personal information, please feel free to contact us by email, or by mail at:
Fedora Legal c/o Red Hat, Inc. 100 East Davie Street Raleigh, NC 27601
Fedora will work with you to resolve any concerns you may have about this Statement.
Changes to this Privacy Statement
Fedora reserves the right to change this policy from time to time. If we do make changes, the revised Privacy Statement will be posted on this site. A notice will be posted on our homepage for 30 days whenever this privacy statement is changed in a material way.
This Privacy Statement was last amended on March 17, 2015.