Data ProtectionImpact Assessment
Alion operates a developer discovery and public-portfolio indexing service. Because we index publicly available professional artifacts at scale and use machine-assisted analysis to suggest matches between developers and openings, we voluntarily maintain a Data Protection Impact Assessment and publish this summary so that data subjects, employers, regulators and journalists can understand what we do and why it is low-risk.
This summary is informational. It does not replace our Privacy Policy, Terms of Service, Legitimate Interest Assessment or Record of Processing Activities, all of which are available on this Site.
Alion is a discovery tool that helps developers showcase their public work. We index publicly available professional artifacts - public Git repositories, public package registries and public model hubs - and let developers claim, edit, hide or permanently delete the auto-generated portfolio we built from their public work.
We do not score candidates for hiring purposes, we do not perform automated decision-making within the meaning of GDPR Article 22, and we do not make any decision that produces legal or similarly significant effects on a person. Suggestions surfaced to employers are non-binding match hints based on public artifacts. Any hiring decision is taken by a human employer outside our platform.
Categories of data subjects: software engineers, machine-learning engineers and other technical professionals who have published professional artifacts in public repositories under their own name or pseudonym.
Categories of personal data: public username, public display name (if voluntarily published), public commit email (when published by the author in public commits), counts and metadata of public repositories, packages and models, declared languages and topics. We do not collect special categories of personal data (GDPR Art. 9) and we do not collect data about criminal convictions.
Sources: public APIs and public web pages of source platforms (Git hosting providers, package registries, model hubs). We honour robots.txt, rate limits and the published terms of use of those platforms.
Purpose: to enable developers to discover and claim an auto-generated public portfolio built from their own publicly published professional work, and to enable employers to discover such public portfolios.
Legal basis: legitimate interest under GDPR Article 6(1)(f), balanced against the rights and freedoms of data subjects in our Legitimate Interest Assessment. Public commit email addresses are used solely to send a single transactional notification inviting the author to view, claim or permanently delete the auto-generated portfolio. They are not used for marketing, advertising or product promotion.
Data minimisation: we collect only the public metadata necessary to build a representative portfolio. Email addresses are stored only as long as needed to deliver the single invitation, then either replaced by an irreversible hash (for the do-not-re-index registry) or permanently deleted.
Retention: an unclaimed auto-generated portfolio is permanently deleted within thirty (30) days of indexing if the data subject does not act on the invitation. Permanent deletion includes the removal of identifiers from operational databases and the addition of an irreversible hash to a do-not-re-index registry so that the same person is not re-indexed in the future.
Transparency: every recipient of an invitation receives, in the same message, a one-click link to view what we hold about them and a one-click link to permanently delete that data without any authentication or further action.
Risk: a data subject is unaware that their public artifacts have been indexed. Mitigation: a public lookup endpoint allows any person to check whether they are indexed and to request erasure with a single click, without registration.
Risk: change-of-purpose for data originally published for a different reason. Mitigation: the only purpose for which we use a public commit email is a single transactional invitation related to the data subject's own auto-generated portfolio; no marketing, no resale, no third-party transfer.
Risk: perceived profiling or scoring. Mitigation: we do not produce, store or expose any score that ranks the value of a person as a candidate. We expose only structured facts about public artifacts (repositories, packages, models, languages) and leave any evaluation to the human employer.
Risk: cross-border transfers. Mitigation: data are stored in the European Union by default; transfers outside the EEA, where they occur, rely on Standard Contractual Clauses or equivalent safeguards.
Risk: shadow profiles persisting indefinitely. Mitigation: hard time-to-live of thirty (30) days for unclaimed portfolios with physical deletion (not deactivation) and audit logging of the deletion event.
Every data subject has the right to access, correct, port, restrict, object to and erase the personal data we hold about them. These rights can be exercised at our Data Subject Requests page, which does not require an account. Requests are answered within thirty (30) days.
Recipients of invitations can trigger immediate, irreversible deletion via a one-click link in the invitation email or via the public erasure endpoint, with no authentication required.
This DPIA summary is reviewed at least annually and whenever there is a material change in the nature, scope, context or purposes of the processing. Updates are reflected on this page.
