Privacy Policy

Last updated on March 28, 2023

Infield believes in the importance of thoughtfully handling personal information and is committed to privacy practices that are transparent and compliant. This Privacy Policy sets out how Infield uses the personal information we collect and receive from you.

Types of Personal Information

Infield collects personal information in support of its service to help developers manage their open source dependencies. This personal information is collected through a variety of ways. For example, we may collect personal information when you visit our website at or use our software whether downloaded or accessed through a cloud-based service. We also collect personal information when you attend an Infield hosted or sponsored event. We may receive your personal information if you are an Infield supplier or partner. We may also receive your information from third party partners. If you have other agreements with Infield, then those agreements control with regard to the subject matter they cover.

The type of information we collect will depend on your interactions with Infield. It may include:

Contact and login Information. Name, employer, title, email address, physical address, phone number, and similar contact info, usernames and passwords.

Payment Information. Credit card number, banking information, billing contact (name, address, phone number) and/or billing address.

Usage and Geographic Data. Infield may collect personal information related to your use of our products, services and websites. We analyze that usage data so that we can improve our products and your experience with them. In certain instances, Infield allows you to use administrative tools to opt out of the collection of some usage data.

Usage data may include information about your computer's or mobile device's operating system and browser type; your device type; details about how you are using our products (including natural language queries); view your Internet Protocol (IP) address, and geographic areas derived from your IP address; networking connection data; Infield cookie information; file information; metadata; time stamped logs regarding access times and duration of visits; the websites you visited before coming to Infield websites; and other usage data relating to your activities on our Sites, including the pages you request.

Third Party Data. We may receive your personal information from third party suppliers or partners. If you connect with Infield accounts on third party social networking sites, we may receive information about your social networking accounts, for example, your name, user name or display name, public profile, and email address. We may combine information you provide with data we collect automatically and with data we receive from third parties. Certain third parties, including analytics companies, advertisers and ad networks, may automatically collect information about you through our websites using cookies, Web beacons, and device identifiers, including personal information about your online activities over time and across different websites, devices, online channels and applications.

You may decline to provide your personal information or ask us to delete it at any time.

Ways we Use Personal Information

We use the personal information we collect for the purposes described in this Privacy Policy, as covered in any agreement that incorporates this Policy, or as disclosed to you in connection with our websites. For example, we will use your information to:

Provide and deliver products or services, including software updates; Operate and improve our operations, systems, products, and services; Understand you and your preferences to enhance your experience; Respond to your comments and questions and provide customer service; Provide service and support, such as sending confirmations, invoices, technical notices, updates, security alerts, and administrative messages and providing customer support and troubleshooting; Communicate with you about products and services offered by Infield; Enforce our terms and conditions or protect our business, partners, or users; or

Protect against, investigate, and deter fraudulent, unauthorized, or illegal activity

Reasons for Using Your Information

When we process your personal information we will only do so where at least one of the following applies:

We need to use your personal information to perform our responsibilities under our contract with you and to provide you with tools and services; We have a legitimate reason to collect and use your personal information. For example, it is in our legitimate interests to use usage data including your personal information to improve our products and services; to tell you about changes to this Privacy Policy and other policies; to tell you about new products, services and events or changes to our products, services or websites. You have given consent to use your personal information. You may withdraw consent by "opting out" where we give you the opportunity to do so, or by contacting us using the contact details below.

If it is necessary for us to use your personal information in order to comply with a legal or regulatory requirement; or

You have chosen to make the information public. You should not share any personal information with us which you wish to keep confidential or private.

Sharing of Personal Information

Infield strives to keep your personal information confidential and secure, and will never sell your personal data. In some circumstances Infield may share your information with third parties, for example:

If you connect to your third party accounts through our products, we will use that information to authenticate you, enumerate the data sources available to you, download any data you request us to, and download and refresh authentication tokens or persist authentication information such as user names and passwords as necessary to continue to connect to these data;

We will disclose your personal information to comply with legal requirements, for example, in response to a court order or a subpoena. We also may disclose your personal information in response to a law enforcement agency's request, or where we believe it is necessary to investigate, verify, prevent, enforce compliance with, or take action regarding illegal or suspected illegal activities; suspected fraud; situations involving potential threats to the physical safety of any person; protection of the rights and property of Infield, our agents, customers, or others; violations or suspected violations of our agreements and policies; or as otherwise required or permitted by law or consistent with legal requirements;

We transfer or disclose your personal information for corporate reasons. For example, to third parties in connection with or during negotiation of any merger, financing, acquisition, bankruptcy or similar transaction. We may also share personal information with our auditors, attorneys or other advisors solely to the extent necessary in connection with corporate functions; and

Storage and Security of Your Personal Information

We have reasonable and appropriate physical, electronic, and managerial procedures in place to help safeguard your personal information. However, you should know that no company, including Infield, can fully eliminate security risks associated with personal information. To help protect yourself, use a strong password, do not use the same passwords to access your Infield accounts that you use with other accounts or services, and protect your usernames and passwords to help prevent others from accessing your accounts and services.

In certain circumstances we may retain your personal information after you have closed your account or are no longer actively engaged with Infield. For example:

We may retain your personal information in order to protect our legal rights, or those of third parties, or to comply with the law; and

We may retain personal information about how you have used our products and services in order to improve and develop our business.

If you purchase products or services from us, we may retain your personal information for as long as we need to in order to provide you with customer service, or for compliance purposes, for example, in order to comply with our record keeping requirements.

Infield may also use and share aggregated, anonymized, non-personally identifiable data for research and marketing purposes.

Controlling your Personal Information

Our marketing emails permit you to "opt-out" of receiving further marketing emails. You may contact us at any time to let us know that you no longer wish to receive further marketing emails. If you opt-out, we may still send you transactional emails. Transactional emails include emails about your accounts and our business dealings with you, including alerts, notifications, and billing updates.

When you use our websites, you can usually choose to set your browser to remove cookies and to reject cookies from our servers. If you choose to remove or reject cookies, this could affect certain features or services of our websites. For information about how to remove or manage cookies please read our cookie policy.

You may have the right, depending on which country you reside in, to ask us to provide a copy of the personal information we hold about you (provided that we may ask you for proof of your identity). You may also have the right to ask us to correct any inaccuracies in your personal information or to ask us to delete it. We will consider these requests regardless of where you live.

In addition, if you are based in Europe and accessing our Sites, then you also have the right to ask us to:

Confirm whether or not personal information about you is being processed; Provide you with details about how we process your personal information; Consider your valid objection to the processing of your personal information (including the right to object to processing on grounds relating to your particular situation where we are relying on our legitimate interests as a legal basis for processing your personal information); Update or delete personal information which we hold about you; Restrict the way we process your personal information; Consider your valid request to transfer your personal information to a third party provider of services (data portability); and ask us to treat your consent as withdrawn if you have previously provided us with consent to process your personal information and we rely on it as our legal basis for processing.

Rights of Certain California Residents

The California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide certain California residents with the additional rights listed below.

Right to Access. You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:
- The categories of personal information we collected about you,
- The categories of sources for the personal information we collected about you,
- Our business or commercial purpose for collecting that personal information,
- The categories of third parties with whom we share that personal information, and
- The specific pieces of personal information we collected about you (which will also allow you to exercise your data portability right).

Data Portability Right. You have the right to request that we provide you with access to the information above (under Right to Access) in a readily useable format that allows you to transmit (i.e., port) the information to another entity without hindrance. If you make a request under your right to request access, you will receive access to your information in a readily useable format.

Right to Delete. You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. You must contact the applicable business customers directly to delete your information that they have in their systems.

We may deny your deletion request or not delete some of your personal information, if retaining the information is necessary for us or our service provider(s) to:

Complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you.

Detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities.

Debug products to identify and repair errors that impair existing intended functionality.

Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law.

Comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.).

Engage in public or peer-reviewed scientific, historical, or statistical research in the public interest that adheres to all other applicable ethics and privacy laws, when the information's deletion may likely render impossible or seriously impair the research's achievement, if you previously provided informed consent.

Enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us.

Comply with a legal obligation.

Make other internal and lawful uses of that information that are compatible with the context in which you provided it.

We may also limit our deletion to the extent permitted by applicable law.

You have the right to request that inaccurate personal information that we hold about you be corrected.

Right to restrict the use and disclosure of your sensitive information. You have the right to request that we limit our use and disclosure of your sensitive personal information. We currently do not request or retain any sensitive personal information from our customers.

Categories of Personal Data collected by Infield. For more details on how we use the Personal Data, who we disclose it to for a business purpose, and how long we keep it for, please see the sections “Categories of Sources”, “Disclosure of Personal Data”, and “Data Retention” set forth above.

Categories of Personal Data disclosed for a business purpose. You have the right to request that we limit our use and disclosure of your sensitive personal information. We currently do not request or retain any sensitive personal information from our customers.

Exercising Your Rights. To exercise your rights, please contact us as follows:
Email us at and provide the following information:
- Full name and email address associated with your use of our Services, and
- Your specific request (e.g., right to access, right to portability, right to update or right to delete).

We will attempt to respond to a consumer request for access or deletion within 45 days of receiving that request. If we require more time, we will inform you of the reason and extension period in writing. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period.

Cookies and Web Beacons

Our websites may use various software technologies including “cookies,” “web beacons” and “pixel tags.” “Cookies” are small text files that we and others may place in visitors' computer browsers to store their preferences. We use "Web beacons" or “Pixel tags” - small pieces of code placed on a web page or within the body of an email - to monitor the behavior and collect data about the visitors viewing a web page or viewing or opening an email. Web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page, and we use them from time to time for this and advertising purposes.

We partner with third parties who may place cookies on your browser when you visit our websites, may send their own cookies to your cookie file, and may use those cookies to track and collect information about you and your online activities over time and across different websites, devices, and applications and to provide targeted advertising based on your interests and previous browsing history.

Third party ad networks may automatically collect information about your visits to our websites and other websites, such as your IP address, your Internet service provider, and the browser you use to visit our websites. They do this using cookies, web beacons or other technologies. You can learn more about practices of many of these third parties by visiting the Digital Advertising Alliance ( in the USA, Digital Advertising Alliance of Canada ( in Canada or the European Digital Advertising Alliance ( in Europe. This Privacy Policy does not apply to, and we are not responsible for, cookies or web beacons and other technologies in third party advertising. We encourage you to check the privacy policies of third party advertisers and/or ad services to learn about their use of cookies, web beacons and other technology.

How to contact us

If you have any questions about how we use your personal information, or if you have any other privacy-related questions, please contact us at


From time to time, we will update this Privacy Policy. In the event there are material changes to our information practices, we will note those changes on our Privacy Policy webpage ( and in some cases send a notification of changes via email.