Last updated: Mar 6, 2025

Introduction & Key Terms

Ruby Central, Inc. (“Ruby Central”) is a non-profit organization dedicated to supporting the worldwide Ruby community. We organize conferences, host the RubyGems package repository, and maintain open source software packages that are vital infrastructure for the Ruby programming language. This Privacy Policy describes our policies and procedures about the collection, use, disclosure, and sharing, or other processing of your personal information when you browse our websites (the “Sites”), use the RubyGems.org service (“RubyGems”), register for or attend our conferences, or contribute to our open source projects.

In this Privacy Policy, “personal information” includes references to “personal data” as defined under the EU General Data Production Regulation (GDPR) and other applicable laws. Your use of our Sites and Services, and any dispute over privacy, is subject to this Policy and the relevant terms of any other agreement between you and Ruby Central, including the applicable limitations on damages and the resolution of disputes. Those terms are incorporated by reference into this Policy.

The RubyGems.org service is subject to this Privacy Policy as well as the RubyGems Privacy Notice.

Personal Information That Ruby Central Collects

We collect personal information directly from individuals, from third parties, and automatically through the Sites and Service. You do not have to provide us your personal information. However, if you choose not to disclose certain information, we will not be able to provide you with access to certain services or features, including RubyGems account registration, or participation in our conferences or certain aspects of our open source projects.

Conference Attendee Information

When you register to attend one of our conferences, we collect certain personal information to help us manage and facilitate the event, and to ensure compliance with necessary regulations.
When you register to attend one of our conferences, we collect the following information:

Pre-event Data Collection:

We collect data through our registration ticket forms, including registrant data.

  • Required information: names and emails
  • Optional Secondary data: job titles, company name, professional experience, preferences (e.g., food preferences, childcare needs), personal information (e.g., T-shirt size, emergency contact information). We collect the following information only with your consent:
    • Accessibility and health-related data (such as food allergies) are only collected in order to provide adequate care to your specific needs and comply with ADA guidelines at our venue. Your response will remain confidential and used solely for event planning purposes. This data is also optional and not required to provide in order to attend.
    • Demographic survey information (e.g., LGBTQIA+ status, age range, race/ethnicity).
    • Opt-in subscription to marketing or partner/Sponsor communications.
    • Opt-in to photography and videography recordings

For emails, promotions, and sales outreach, we track the source of how attendees found out about the event and engagement metrics such as email opens and clicks. Additionally, event page and marketing tool analytics are monitored, including page views, conversion rates, and bounce rates.

Sensitive Data:

We recognize that some of the information we collect is sensitive personal data, such as accessibility needs, food allergies, demographic questions (e.g., ethnicity/race, age range, LGBTQIA+ status), T-shirt sizes, and emergency contact details. Please note that all sensitive data is optional, and you can choose to opt out of responding to these questions. No individual will be required to provide this information in order to participate in the event, and any information you choose to provide will only be used to facilitate your participation and ensure that we can meet your needs.

During the Event:

On the day of the event, we collect data related to your attendance:

  • Check-In Data: This includes tracking of attendees who checked in, no-shows, and the time spent at the event.
  • Walk-In Data: We may collect information from scanned leads or QR codes.
  • Social Media and Press Mentions: We may track mentions of the event across social media platforms and in press outlets.

Conference Volunteers

When you apply to volunteer at one of our conferences, we collect the following information:

  • Required information: personal Identification Information such as name, email address, and phone number.
  • Optional secondary data: Job title, company name, and industry. We also collect event-specific data**:** Role assignments, shift schedules, and any physical restrictions. Lastly, we will collect T-shirt size and health and safety information such as emergency contact details and food preferences or restrictions.
  • Consent-based data: Age, race/ethnicity, LGBTQIA+ status, and medical conditions or allergies.

Photography and Videography

By attending a Ruby Central event or conference, you acknowledge and consent to the possibility of photography, audio, and video recording during the event. These recordings may include images, sounds, and videos where you could be captured as part of the general event activities.

Ruby Central provides "No Photography/No Videography" badges and lanyards for attendees who prefer not to be photographed or recorded during the event. If you wish to opt out of being included in event media, please request one of these badges or lanyards from the event registration desk. By wearing the badge or lanyard, you are indicating your preference to avoid being captured in photographs, videos, or other recordings. However, please note that this will not guarantee complete avoidance of being included in media, as some recordings may still occur in public or common areas of the event.

Purpose of Recording
You understand that the photographs, audio recordings, video recordings, and/or other media taken during the event may be used by Ruby Central and its affiliates for the following purposes:

  • Promotional and marketing activities (e.g., advertising, websites, social media)
  • Event promotion and future event materials
  • News reporting, webcasts, and telecasts
  • Any other lawful purpose related to Ruby Central’s activities

Consent and Data Processing
By attending the event, you provide your explicit consent for Ruby Central to process the personal data (including images and videos) captured during the event in accordance with the purposes stated above. You are also informed that this consent is provided voluntarily and may be withdrawn at any time by contacting Ruby Central directly, but such withdrawal will not affect the lawfulness of the processing carried out prior to the withdrawal.

Data Retention
Your images and videos will be retained for as long as necessary to fulfill the purposes for which they were collected. If you wish for your image or video to be removed from any future publications, please contact us at contact@rubycentral.org with your request.

Waiver of Liability
By attending the event, you waive any claims for payment, royalties, or any other compensation in relation to the exhibition, broadcasting, streaming, or any other use of the materials, regardless of whether fees are charged for admission or sponsorship. You also waive your right to inspect or approve any photographs, videos, or audio recordings taken by Ruby Central or its designated representatives.

Your Rights Under GDPR
As per GDPR, you have the following rights regarding the personal data we process:

  • Right to access your personal data
  • Right to request the correction or deletion of your data
  • Right to object to or restrict the processing of your data
  • Right to data portability
  • Right to withdraw consent at any time (without affecting the lawfulness of processing prior to the withdrawal)

If you would like more information about how your personal data is processed or if you wish to exercise any of your rights, please contact us at contact@rubycentral.org.

By entering the event premises, you acknowledge that you have read and understood the above terms and consent to the collection and use of your personal data as described.

Community Event Organizer Information

When applying for a grant, Ruby Central, Inc. collects data from organizers, including the organization or meetup group name, organizer contact details (full name, email address, and optional phone number), and the location of meetup events. Organizers may also provide additional information, such as their website or social media links, average event attendance, and any other comments or feedback they wish to share. Social media mentions are tracked across platforms. As part of the grant agreement, organizers or their company provide their name, address, title, and signatures. In addition to the agreement, consent data is collected for opt-in purposes, including marketing data gathered through scanned leads or QR codes. Grant funds are distributed directly to the organizer’s bank account through the accounting application Bill.com. All collected data is used solely for processing the grant application, evaluating proposed events, and distributing funds.

When you sponsor one of our conferences or become a corporate sponsor, we collect the following information: Company Name, Company Point of Contact, Email, Address, Phone Number.

Open Source Contributions

When you contribute source code, documentation or other content to one of our projects, we collect and store the information and content that you contribute, together with attribution information associated with your contributions that is collected automatically via GitHub.

Communications

When you communicate with us (e.g. by email, GitHub, HackerOne), we may maintain a record of your communication.

Automatically Collected Information

Ruby Central may automatically collect the following information about users’ use of the Sites or service through cookies, server logs, and other technologies: your browser type and operating system; your IP address; your country of location; the length of time you visit our Site and or use our services; and the referring URL, or the webpage that led you to our Site. We may combine this information with other information that we have collected about you, including, where applicable, your user name, name, and other personal information.

De-identified Information.

We may de-identify and aggregate certain personal information we collect such that the information no longer identifies or can be linked to a particular user or an individual data subject (“de-identified Information”), subject to the terms of any applicable user agreements. We may use this information to improve our Service, analyze usage of our service, publish market research, and for other marketing, research or statistical purposes, and may disclose such information to third parties for these specific purposes.

Ruby Central collects personal information for the following purposes:

  • To provide our Sites
  • To communicate with you about your use of our Sites
  • To better understand how users access and use the Sites so we can improve them
  • To personalize your experience on the Sites
  • To subscribe you for our mailing list (opt-in only)
  • To respond to your inquiries, provide troubleshooting of the Sites, and provide user support
  • To operate our open source projects
  • To register you for conferences and other events
  • To allow conference attendees to connect with conference sponsors on an opt-in basis
  • To process your payment for the events and sponsorships
  • To acknowledge your sponsorship on our Sites or in conference materials
  • To comply with our legal obligations
  • To protect and enforce our legal rights
  • To prevent and detect fraud and misuse of our Service

We collect this information to perform our contract with you (e.g. to enable your attendance at a conference, or enroll you as a sponsor), and for our legitimate business purposes. In some cases, we may ask your consent to use your personal information for certain purposes where required by applicable law.

Sharing of Personal Information

We disclose personal information as set forth below, and where individuals have otherwise consented:

Service Providers

We may share your information with third party service providers who use this information to perform services for us, such as hosting providers, email service providers, auditors, advisors, contractors, and consultants.

As Legally Required

We may disclose your information if we are required to do so by law (including to law enforcement in the U.S. and other jurisdictions).

Protection of Rights

We may disclose information where we believe it necessary to respond to claims asserted against us or, comply with legal process (e.g., subpoenas or warrants), enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and protect the rights, property or safety of Ruby Central, its users, conference attendees, participants in its open source projects, or others.

Anonymized and Aggregated Information

We may share aggregate or de-identified information with third parties for research, marketing, analytics, and other purposes, provided such information does not identify a particular individual.

Cookies and Other Automated Collection

We may use cookies, JavaScript, local storage, log files, and other mechanisms to automatically collect and record information about your usage and browsing activities on our Site. We may combine this information with other information we collect about users.

Cookies are small files with a unique identifier that are transferred to your browser through our webSite. They allow us to remember users who are logged in, to understand how users navigate through and use the Site, and to display personalized content. We do not track or enable tracking of individual user activity across Site. For this reason, Ruby Central’s Site and Service do not respond to browser “do not track” signals or other similar mechanisms.

Data Security

We have implemented reasonable precautions designed to protect the information we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. Please be aware that despite our best efforts, no data security measures can guarantee 100% security.

You should take steps to protect against unauthorized access to your passwords, phone, and computer by, among other things, signing off after using a shared computer, choosing robust passwords that nobody else knows or can easily guess, not using a password for more than one site or service, and keeping your log-ins and passwords private. We are not responsible for any lost, stolen, or compromised passwords or for any activity on your account via unauthorized password activity. We ask you to promptly notify us if you become aware that any information provided by or submitted to our Site or through our Service is lost, stolen, or used without permission at [EMAIL].

Retention of Your Personal Information

We generally keep personal information only for as long as required to fulfill the purposes for which it was collected. However, in some circumstances, we may retain personal information for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required. In specific circumstances, we may also retain your personal information for longer periods of time corresponding to a statute of limitation, so that we have an accurate record of your dealings with us in the event of any complaints or challenges. See the related RubyGems Privacy Notice for further details on data retention for RubyGems.

International Transfers

If you are located within the European Economic Area, the United Kingdom or Switzerland, you should note that your personal information will be transferred to countries outside these jurisdictions, including the United States where Ruby Central is located. The U.S. is deemed by the European Union to provide inadequate data protection. However, we have put in place European Commission approved Standard Contractual Clauses to provide for adequate safeguards to protect personal information transferred outside these jurisdictions. In addition, if personal information is transferred to third party service providers located outside these jurisdictions, we will take steps to ensure that your personal information receives the same level of protection as if it remained within these jurisdictions, including by entering into data transfer agreements, using the European Commission approved Standard Contractual Clauses or other safeguards as approved by the European Commission. You have a right to obtain details of the mechanism under which your personal information is transferred outside of the EU by emailing contact@rubycentral.org.

Children’s Privacy

We do not knowingly collect or solicit personal information from anyone under the age of sixteen (16), or knowingly allow such persons to register. If we become aware that we have collected personal information from a child under the relevant age without parental consent, we take steps to delete that information.

The Site may contain links to third party sites or online service. Please refer to the privacy policies of the relevant third party website or service to find out more about how they process and handle personal information.

Your Rights

Access and Amendment. If you have registered a RubyGems account and wish to access or update your personal information, you may do so online by visiting your account dashboard on rubygems.org. You may also contact our privacy coordinator at contact@rubycentral.org to access or amend your personal information.

Additional Rights. Individuals in the European Economic Area (and other jurisdictions where applicable) have additional rights under applicable law:

  • to obtain a copy of your personal information together with information about how and on what legal basis that personal information is processed;
  • to rectify inaccurate personal information (including to have incomplete personal information completed);
  • to erase your personal information (in limited circumstances, such as where it is no longer necessary in relation to the purposes for which it was collected or processed);
  • to restrict processing of your personal information under certain circumstances;
  • to export certain personal information in machine-readable format to a third party (or to you) when we justify our processing on the basis of your consent or the performance of a contract with you and the processing is carried out by automated means;
  • to withdraw your consent to our processing of your personal information (where that processing is based on your consent, without affecting the lawfulness of processing based on consent before its withdrawal);
  • to obtain, or see a copy of the appropriate safeguards under which your personal information is transferred to a third country or international organization; and
  • to object to our use and processing of your personal information that is conducted on the basis of our legitimate interest. You also have the right to object at any time to any processing of your personal information for direct marketing purposes, including profiling for marketing purposes.

Lodging a Complaint. You also have the right to lodge a complaint with your local supervisory authority for data protection, or privacy regulator. A list of data protection supervisory authorities is available here.

Submitting a Request. To exercise the above rights or contact us with questions or complaints regarding our treatment of your personal information, contact us at contact@rubycentral.org. Please note that we may request proof of identity, and we reserve the right to charge a fee where permitted by law, especially if your request is manifestly unfounded or excessive. We will respond to your request within the applicable timeframes set out by law.

California Privacy Rights

California law permits users who are California residents to request and obtain from us once a year, free of charge, a list of the third parties to whom we have disclosed their personal information (if any) for their direct marketing purposes in the prior calendar year, as well as the types of personal information disclosed to those parties. If you are a California resident and would like to request this information, please submit your request in an email to contact@rubycentral.org. We may ask you to verify your California residency.

Contact Us

If you have any questions about our practices or this Privacy Policy, please contact us at contact@rubycentral.org.

Changes to the Privacy Policy

This Policy is current as of the effective date set forth above. If we change our privacy policies and procedures, we will post those changes on this page and/or continue to provide access to a copy of the prior version. If we make any changes to this Privacy Policy that materially change how we treat your personal information, we will endeavor to provide you with reasonable notice of such changes, such as via prominent notice on our Site or to your email address of record, and where required by law, we will obtain your consent or give you the opportunity to opt out of such changes.