Codacy exposes personal email addresses

The Codacy website pulls my personal email address from GitHub - which is a private email address - and then shows it to all of my colleagues on the People page. This is a personal account and it is very inappropriate for Codacy to show my personal details to other people, even within the same company.

Please change the system to correctly recognise what is private and not expose it to other people. Display of information should be opt in, not opt out. This is a legal requirement under GDPR in Europe, and your site therefore fails in its GDPR compliance requirements.

I have deleted this email address from my Codacy profile before and it is now being exposed again, so this is something that appears to repeat, giving me no options to keep private information private. That’s very bad practice, and very disappointing.

Hi Andrew,

This is Debora from the Support team at Codacy, thank you for reporting this! We believe that is a bug and we’ve created an internal ticket to investigate this - as soon as we have an update on this, we’ll reach out to you here.

In the meantime, could you please check if your email is set as private on GitHub?

You can do this by going to your account (upper-right corner of any page), clicking on your profile photo/avatar > Settings > Emails > and then check the box “Keep my email addresses private”.

Hi Debora,

Yes, I have double-checked that setting. I can confirm that the “Keep my email addresses private” option is definitely ticked, as I had thought.

Best wishes,

Andrew

Hi Andrew,

Thanks for confirming! We’ll look into this and get back to you with an update as soon as we know more.

Thanks again,
Debora

Hi, have you managed to make any progress with this? It still seems to be behaving the same.

Hi Andrew, I’m sorry about the delayed reply! The ticket is still in our Engineering team’s queue to be implemented but unfortunately, we don’t have an update yet or an ETA at the moment.

As soon as we make any progress on this, I’ll let you know here.

Thank you!
Debora

Hi Andrew,

Following up on this, I just wanted to let you know that our team has already fixed this issue.

So on GitHub’s side, you would need to check Keep my email addresses private on your GitHub emails configuration.

If you need help with anything else, please let me know!

Best regards,
Debora