# Privacy Policy

:::{admonition} This is not a legal document
:class: warning
This document is provided to set expectations and understanding about 2i2c's cloud infrastructure service.
It is not legally binding.
:::

## Summary

2i2c does not retain any identifiable information about its users or the information they create or place in the infrastructure we run.
We require _access_ to the information our infrastructure while it is running, but do not retain this information when we stop working with a community.

## While we run infrastructure

- 2i2c's engineering team requires access to the filesystems of any user on our infrastructure for debugging and maintenance purposes.
  - We do not retain or share this information for any purpose.
- 2i2c may have access to personally-identifiable information that is used for _authenticating_ users (e.g. e-mail log-ins).
  - We do not retain or share this information for any purpose.
- We do not change or delete any user data on a hub without the consent of the hub's {term}`Community Representative`.
- We collect aggregate statistics about general _usage_ of the infrastructure for monitoring and alerting purposes (e.g., number of active users each hour).

## After we stop working with a community

- When we stop working with a community, we will delete all information, data, etc that was contained within the community's infrastructure.
- We do not retain any identifiable information that was provided as part of running a community's infrastructure.
- The community retains access to their own cloud and data infrastructure, and we will give up our own access.