Privacy and Permissions Statement

AVAnnotate does not store or retain user data; instead, it functions as an intermediary between project authors and GitHub’s standard features. It’s easiest to think of AVAnnotate as just another interface for GitHub, meaning that anything done in AVAnnotate could also be done directly through the GitHub web interface. Logging into AVAnnotate requires users to “Sign in with GitHub,” which simply authorizes the AVAnnotate app to perform actions the user could manually do on GitHub.

When a GitHub user authorizes the AVAnnotate app, they are not in any way changing the privacy or security of a repository or any other repositories within a GitHub organization; private repositories will still remain private and can only be viewed by users authorized in GitHub. For more information on making private repositories, see Private projects.

AVAnnotate stakeholders concerned with granting permissions to AVAnnotate may create a separate GitHub user account to manage repositories that are distinct from the repositories of concern. Building on GitHub means AVAnnotate benefits from free storage and publication, as well as reasonably stable long-term support; however, it also faces drawbacks, including limitations in its security model and API.