Changes to Our Privacy and Data Policies

Stack Overflow has always been committed to protecting your privacy and your data. The European Union’s General Data Protection Regulation has prompted us to review our policies and make sure that we are doing the right thing for all of our users worldwide.

Stack Exchange, Inc. has updated its Terms of Service, Privacy Policy and Cookie Policy for all of our sites.

  1. We have made it easier to understand what types of data we collect and how we use your data.
  2. Our new Terms of Service distinguishes between public network users (those who use our public Stack Exchange Q&A sites) and private network users (those who use Stack Overflow for Teams).
  3. As part of our new data-retention policy, we will now delete accounts that have been inactive for more than two years and where the user has never engaged in any meaningful activity.
  4. We may send account-related email messages that are triggered by your site activity. In most cases, you can opt out.
  5. With your continued permission, we will send you promotional messages based on your preferences. To see and change your opt-in preferences, manage your Email Settings.

Please read these updated terms and take your time to understand these changes. Your use of Stack Overflow’s Products and Services, including the Stack Overflow Network, is subject to these revised policies and terms.

Why you may see a prominent notification on stackoverflow.com or receive an email

  1. One of the key tenets of GDPR is that information on data, privacy and cookies can’t be buried or hidden. We have to prominently call out the policies and explain what to do if you don’t agree with them. That’s why we will show an onsite notification and send emails to registered users.
  2. We really, really want you to update your Email Settings. Last July, we launched an Email Settings feature that allows you to select the specific types of messages you do and do not want to receive. Most of our users still don’t know it’s there. We sincerely don’t want to email you if you don’t want to be emailed.

Why we are notifying everyone, not just EU residents

We believe the intentions behind the new laws are good and should apply to all of our users.

Author

Adam Francoeur
Corporate Counsel
Corporate Counsel at Stack Overflow

Related Articles

Comments

  1. Normal Human says:

    “Why you may see a prominent notification on StackOverflow.com…”

    While on the subject of legal stuff: https://stackoverflow.com/legal/trademark-guidance says “The website domain name is always written stackoverflow.com (no CamelCase, single word capitalization rules apply)”.

  2. Is there a reason the arbitration clause isn’t mentioned in this blog post? It has generated extensive discussion (https://meta.stackexchange.com/questions/310061/electronic-opt-out-correcting-miscommunication-and-additional-questions-answer) and repeated assurances by Stack Exchange staff that this is something you resent doing, that you hate the need for this, that your approach has been exhaustive, that you’re committed to “more transparency” to “continue to earn your trust,” etc…

    Therefore, it feels rather disingenuous to see a five-point summary of the changes posted on the blog, one of your most visible platforms, that doesn’t happen to mention the change that has generated the most consternation and discussion.

    So why was it not mentioned here?

  3. “we will now delete accounts that have been inactive for more than two years and where the user has never engaged in any meaningful activity” – really? When? How? This is something that requires lots of planning and careful implementation, not something to throw as a side note.

    1. It’s not that difficult at all. The criteria are spelled out here: https://meta.stackexchange.com/a/310516/145914

      I imagine that finding candidate accounts could be scripted almost trivially.

Leave a Reply

Your email address will not be published. Required fields are marked *