web analytics
Bug in grass

Ada Forge is aimed to be a French non-profit organization (called (fr) Association , or 'OSBL' = "Organisme Sans But Lucratif"). For now it is operated by french company STERNA NARINE s.a.s.

This privacy notice explains what we do with personal information.

We commit to upholding the key data protection principles and data subject rights described in the GDPR and local data protection regulations in the countries in which we operate.

Source of Data

The services we are responsible for are hosted by STERNA NARINE s.a.s.

Legal Basis for Processing

For personal data under the Ada Forge Association’s control, we rely on the following legal bases to obtain and process personal information:

  • Where users have given us valid consent to use their data in certain ways, we rely on that consent.

  • Where users provide information in order to access our services, we rely on contractual necessity to process that information as necessary to perform those services.

  • In certain cases we may process information where this is necessary to meet legal obligations, such as compliance with law enforcement subpoenas or warrants.

  • In limited cases, for example to ensure the security of our services and the reliability of our data, we may process your information to further our legitimate interests, so long as any such legitimate interests are not overridden by your rights or interests.


Like many websites, the services may use cookies to obtain certain types of information when your web browser accesses our site. Cookies are used most commonly to do things like tracking page views, identifying repeat users and utilizing login tokens for a session.

The services use session cookies to anonymously track a user’s session on the services to deliver a better experience. You can block or delete these cookies through your browser’s settings.

You can set or amend your web browser controls to accept or refuse cookies. If you choose to reject cookies, you may still use our services though your access to some functionality may be restricted. As the means by which you can refuse cookies through your web browser controls vary from browser-to-browser, you should visit your browser’s help menu for more information.

Data Transfers

Ada Forge Association is based in France, processes and stores data in the European Union, and makes its services available around the world. The United States, Member States of the European Economic Area, and other countries are governed by different laws. When your data is moved from its home country to another country, the laws and rules that protect your personal information in the country to which your information is transferred may be different from those in the country where you reside. For example, the legal requirements for law enforcement to gain access to personal information may vary between countries.

Use of the services is voluntary and users may choose whether or not they wish to use them. Because we offer our services to people in different countries and use technical infrastructure based in European Union, we may need to transfer your personal information across borders in order to deliver our services.

Information Security

We maintain administrative, technical, and physical safeguards designed to protect the privacy and security of the information we maintain about you. The connection between your computer and our servers is encrypted using Secure Sockets Layer (SSL) software that encrypts that information. We use a digital certificate and secure pages will be identified by a padlock sign and “https://” in the address bar.

However, no method of transmission or storage is 100% secure. As a result, while we strive to protect your personal information, you acknowledge that: (a) there are security and privacy limitations inherent to the Internet which are beyond our control; and (b) security, integrity, and privacy of any and all information and data exchanged between you and us cannot be guaranteed.

Your Rights

Upon request, Ada Forge Association will provide users with information about whether we hold any of their personal information. In certain cases, subject to relevant legal rights, users have the right to object to the processing of their personal information, to request changes, corrections, or the deletion of their personal information, and to obtain a copy of their personal information in an easily accessible format. In order to do this, users can contact us using the contact information set out at the bottom of this policy. We will respond to every request within a reasonable timeframe and may need to take reasonable steps to confirm identity before proceeding.

You can also withdraw your consent to our processing of your information and the use of our services, and/or delete your user account at any time, by using the contact information below to request that your personal information be deleted. If you are an EU resident and believe that our processing of your personal data is contrary to the EU General Data Protection Regulation, you have the right to lodge a complaint with the appropriate supervisory authority.

If you withdraw your consent to the use or sharing of your personal information for the purposes set out in this policy, we may not be able to provide you with our services. Please note that in certain cases we may continue to process your information after you have withdrawn consent and requested that we delete your information if we have a legal basis/need to do so.

Data Retention

For personal data under its control, Ada Forge Association will retain such data only for as long as is necessary for the purposes set out in this policy, or as needed to provide users with our services.

If a user no longer wishes to use our services then it may request deletion of its data at any time.

Notwithstanding the above, Ada Forge Association will retain and use user information to the extent necessary to comply with our legal obligations (for example, if we are required to retain your information to comply with applicable tax/revenue laws), resolve disputes, and enforce our agreements. We may also retain log files for the purpose of internal analysis, for site safety, security and fraud prevention, to improve site functionality, or where we are legally required to retain them for longer time periods.

Children’s Privacy

The services are not directed to children and we do not knowingly collect personal information from anyone under the age of sixteen. If you are under the age of sixteen, your parent or guardian must provide their consent for you to use the services.

Specific services

If you contact us via email, your email address and message will be accessible to our small team of staff.

Grant applicants will be asked to give their consent to our processing and storage of the following personal data:

All applicants:

  • Name

  • Email address

  • GitHub username

  • GitLab username

Data for all applicants will be retained for three years. Data for successful applicants will be retained for seven years.

We may ask individuals outside of the Ada Forge Association to assist with the grant assessment process. The only personal data that will be shared with such individuals will be the applicant’s GitLab username.


<www.adaforge.org> is managed by members of the Core team and the Community team.

When you visit adaforge.org, we receive your IP address which is partially masked( a.b.c.? ) as part of our standard server logs. We store these logs for 1 year.

Source Components Repository

Access to our "Source Components Repository" (SCR) requires users to have a GitLab account in order to log in and use the service.

A 'Crate' is a Source Components that will be stored in our SCR.

You must have a verified email address to publish a Crate. We receive any public email address associated with your GitLab account. You can also choose to submit a different address to associate with your SCR activity. We will only use your email address to contact you about your account.

When you visit SCR, we receive your IP address and user-agent header as part of our standard server logs. We store these logs for 1 year.

All Crates on SCR are public, including the list of Crate owners’ user names and the crate upload date. Anyone may view or download a Crate’s contents. Because of the public nature of SCR, any personal data you might include in a alire.toml file uploaded to a crate will be publicly available. For example, if an email address is in the authors field in the alire.toml file, that email address will also be public.

Due to its public nature, be aware if you include any private information in a Crate, that information may be indexed by search engines or used by third parties. Sensitive information should not be included in a Crate file.

Third-party services

We use Gandi.net to host the services, on servers located in France. See the Gandi.net Website terms of use and their privacy notice.


For data subject access requests, or any questions about this privacy notice, please email through our contact page.

EEC GDPR compliant