ProHealthLedger

Privacy Policy

Effective date: March 15, 2026

1. Overview

Professional Health Ledger (“ProHealthLedger,” “we,” “us,” or “our”) is an open-source, community-driven platform that lets professionals share their genuine work experiences. This Privacy Policy explains what data we collect, why we collect it, how it is stored, and your rights regarding that data.

Our use of the GitHub API is governed by the GitHub Terms of Service (including Section H — API Terms) and the GitHub General Privacy Statement. Our use of the LinkedIn API is governed by the LinkedIn API Terms of Use. This Privacy Policy is designed to comply with both sets of terms, including LinkedIn’s requirements for developer privacy policies under Section 5.1 thereof.

By signing in or submitting a vote, you agree to the practices described below. If you do not agree, please do not use the platform.

2. Information We Collect

2.1 Information you provide directly

  • LinkedIn Profile URLs — the public LinkedIn URL of the professional you are reviewing.
  • Vote — your Yes/No answer to “Would you work with/for them again?”
  • Reason (optional) — a brief note you may choose to include alongside your vote.

2.2 Information received from authentication providers

We support sign-in via GitHub and LinkedIn using the OAuth 2.0 / OpenID Connect protocol. When you authenticate, we receive:

Provider | Data received | When collected
GitHub | GitHub username, display name | Once, at sign-in
LinkedIn | LinkedIn member ID, display name, email address (via OpenID Connect openid profile email scopes) | Once, at sign-in — not refreshed on an automated schedule

We request only the minimum data necessary to identify you on the platform. We do not request or store your password from any provider. Authentication is handled entirely by GitHub and LinkedIn via their secure OAuth flows.

2.3 Information collected automatically

  • Session cookies — we use a single encrypted session cookie (managed by NextAuth.js) to keep you signed in. No tracking cookies are used.

We do not use analytics services, advertising trackers, fingerprinting, or any other form of background data collection.

3. How We Use Your Information

Purpose | Data used | Legal basis
Authenticate your identity | GitHub username or LinkedIn member ID | Contract performance / consent
Record and display your vote | User ID, display name, vote, date | Consent (you explicitly submit)
Enforce the Karma Rule | Your contribution history (yes/no counts) | Legitimate interest (platform integrity)
Create a public audit trail | Vote details via GitHub Issues | Legitimate interest (transparency)
Display contributor leaderboard | User ID, display name, vote counts | Consent

We do not use your data for advertising, ad targeting, sale to third parties, credit/insurance/employment eligibility decisions, surveillance, or any purpose other than operating the ProHealthLedger platform as described in this policy.

4. LinkedIn API Data Practices

This section describes how we handle data received via the LinkedIn API, in compliance with the LinkedIn API Terms of Use.

4.1 Consent before access

Before you authenticate your LinkedIn account with ProHealthLedger, we obtain your freely given consent via LinkedIn’s standard OAuth authorization screen. By authorizing the connection, you consent to:

  • How your data will be used: your LinkedIn member ID and display name are used to identify you as a contributor on the public ledger. Your email is used only for account identification and is never displayed publicly.
  • How your data will be disclosed: your LinkedIn member ID and display name will appear on votes you submit, on the contributor leaderboard, and in the public transparency log. Votes are also recorded as GitHub Issues in a public repository.
  • When your data is collected: your LinkedIn Profile Data (member ID, name, email) is collected once at sign-in. We do not refresh your LinkedIn Profile Data on an automated schedule — it is only retrieved when you are actively using the application and authenticate again.
  • Type of data collected: LinkedIn member ID, display name, and email address via the openid profile email scopes.
  • How to withdraw consent: see Section 8 (“Your Rights”) below.
  • How to request deletion: see Section 8.1 below.

4.2 Data storage restrictions

  • We store only the minimum LinkedIn data required to operate the platform: member ID (as a user identifier), display name (for attribution), and email (for account identification).
  • We may store OAuth Access Tokens and application-specific Member Tokens as permitted by the LinkedIn API Terms (§4.2).
  • LinkedIn Profile Data is stored in a manner that allows us to identify, segregate, and selectively delete it upon request.
  • LinkedIn data is not stored in any data repository that enables third-party access, other than the public ledger to which you explicitly consent.

4.3 Prohibited uses

In compliance with the LinkedIn API Terms, we confirm that we do not:

  • Sell, rent, lease, or otherwise make LinkedIn Content available to any third party outside of the agreed platform use.
  • Use LinkedIn data for advertising, ad targeting, or generating mass messages or promotions.
  • Use LinkedIn data for credit, insurance, employment, or housing eligibility decisions.
  • Use LinkedIn data in any manner that facilitates bias, discrimination, or surveillance.
  • Scrape, crawl, or access LinkedIn content outside of the authorized APIs.
  • State or imply that LinkedIn has “verified” or “confirmed” the accuracy of any data on this platform.

4.4 Data Processing Agreement

To the extent that ProHealthLedger processes Personal Information received from LinkedIn, such processing is governed by the LinkedIn Data Processing Agreement for Business Development Agreements (BD DPA), as referenced in Section 4.6 of the LinkedIn API Terms of Use.

5. GitHub API & OAuth Data Practices

This section describes how we handle data received via the GitHub OAuth API, in compliance with the GitHub Terms of Service (including Section H — API Terms) and the GitHub General Privacy Statement.

5.1 Consent before access

Before you authenticate your GitHub account with ProHealthLedger, we obtain your consent via GitHub’s standard OAuth authorization screen. By authorizing the connection, you consent to:

  • How your data will be used: your GitHub username and display name are used to identify you as a contributor on the public ledger.
  • How your data will be disclosed: your GitHub username and display name will appear on votes you submit, on the contributor leaderboard, and in the public transparency log. Votes are recorded as GitHub Issues in a public repository.
  • When your data is collected: your GitHub profile data (username and display name) is collected once at sign-in. We do not refresh your GitHub profile data on an automated schedule.
  • Type of data collected: GitHub username (login) and display name only. We do not request access to your repositories, gists, organizations, or any other GitHub resources.
  • How to withdraw consent: see Section 8 (“Your Rights”) below.
  • How to request deletion: see Section 8.1 below.

5.2 Data storage and tokens

  • We store only the minimum GitHub data required to operate the platform: username (as a user identifier) and display name (for attribution).
  • GitHub OAuth Access Tokens are stored in the encrypted session cookie for the duration of your session only. They are not stored persistently.
  • GitHub API tokens (Personal Access Tokens) used by the platform to create Issues and commit vote data are server-side credentials and are never exposed to end users.

5.3 Compliance with GitHub API Terms (Section H)

In compliance with the GitHub Terms of Service, we confirm that we do not:

  • Use the GitHub API to download data for spamming purposes.
  • Sell GitHub users’ personal information to recruiters, headhunters, job boards, or any third party.
  • Exceed or attempt to circumvent GitHub’s API rate limitations.
  • Use the GitHub API in any manner that violates the GitHub Acceptable Use Policies.

5.4 User-generated content

Votes submitted through ProHealthLedger are created as GitHub Issues in a public repository. As per GitHub’s Terms of Service (Section D), you retain ownership of the content you create. By submitting a vote, you grant GitHub the licenses described in their Terms and grant ProHealthLedger the right to display your vote on the platform.

5.5 Deletion of GitHub data

You may request deletion of your GitHub username and display name from our active data files by opening a data deletion request. Upon receiving your request, we will remove your GitHub data from the active dataset. Note: votes already recorded in Git history and as GitHub Issues cannot be retroactively purged due to the immutable nature of Git.

6. Public Nature of Data

⚠ Important: All votes, contributor identities, and the complete audit trail are public by design. This is a core feature of the platform, not a side-effect.

When you submit a vote:

  • Your user ID (e.g., “github:username” or “linkedin:id”) and display name are permanently attached to that vote.
  • A GitHub Issue is created in the public repository as an immutable record.
  • Your vote appears on the transparency page, the contributor leaderboard, and in the repository’s public JSON data files.

Votes are permanent and cannot be edited or deleted once submitted. You are clearly informed of this permanence before submitting.

7. Data Storage and Security

  • Vote data is stored as JSON files in a public GitHub repository (muglikar/ProHealthLedger).
  • Session data is stored in an encrypted, HTTP-only cookie in your browser. No server-side session database is used.
  • OAuth tokens (both GitHub and LinkedIn) are used during the authentication flow and may be stored in the encrypted session for the duration of your session. They are not stored persistently beyond the session.
  • Security measures: we implement industry-standard security practices including encrypted data transmission (HTTPS/TLS), encrypted session cookies, and secure OAuth 2.0 flows. Access Credentials for both the GitHub and LinkedIn APIs are kept secret and are not shared with any third party.

Because vote data is stored in a public Git repository, it is replicated across GitHub’s infrastructure and may be cloned or forked by third parties. We cannot control downstream copies of this public data.

8. Your Rights

8.1 For all users (including GitHub and LinkedIn members)

  • Access: all vote data is publicly available on the platform and in the GitHub repository. You can view your own contributions at any time.
  • Deletion of authentication data: you may request deletion of all data collected via the GitHub or LinkedIn APIs at any time by opening a data deletion request or emailing us. Upon receiving your request, we will delete your GitHub username or LinkedIn member ID, display name, OAuth Access Token, and Member Token from our systems, in compliance with LinkedIn API Terms (§4.4) and GitHub’s Terms of Service. Note: votes already recorded in the public Git history cannot be retroactively purged due to its immutable nature.
  • Withdraw consent / revoke access: you can revoke ProHealthLedger’s access at any time from your GitHub Authorized Apps or LinkedIn Permitted Services settings. When your OAuth token expires or is revoked, we will obtain your consent again before collecting any further data.
  • Account closure: if you close your account with us, we will immediately delete all Content collected via the GitHub and LinkedIn APIs on your behalf, including OAuth Access Tokens and Member Tokens, as required by LinkedIn API Terms (§4.4) and GitHub’s Terms of Service.

8.2 For professionals listed on the ledger

  • Profile removal: if you are a professional whose LinkedIn profile appears on this ledger and you wish to have it removed, you may open a deactivation request. We will remove your profile from the active ledger.

8.3 Under GDPR (EU/EEA residents)

If you are located in the European Union or European Economic Area, you have additional rights under the General Data Protection Regulation:

  • Right to access — request a copy of data we hold about you.
  • Right to rectification — request correction of inaccurate data.
  • Right to erasure — request deletion of your data, subject to our legitimate interest in maintaining an auditable public record and the practical limitation that Git history is immutable.
  • Right to object — object to processing based on legitimate interests.
  • Right to data portability — all data is already publicly available in machine-readable JSON format.

To exercise these rights, open a GitHub Issue or contact us at the address below.

8.4 Under the Information Technology Act, 2000 (India)

ProHealthLedger operates as an intermediary under Section 79 of the IT Act. We do not author, edit, or endorse any user-submitted vote. We will comply with lawful requests from Indian authorities and provide reasonable assistance per the IT (Intermediary Guidelines) Rules, 2021.

8.5 Under CCPA (California residents)

California residents have the right to know what personal information is collected, request deletion (subject to the same limitations as GDPR erasure), and opt out of the sale of personal information. We do not sell personal information.

9. Third-Party Services

We rely on the following third-party services:

Service | Purpose | Governing terms
GitHub | Authentication (OAuth), data storage, issue tracking | GitHub Privacy Statement · Terms of Service
LinkedIn | Authentication (Sign In with LinkedIn via OpenID Connect) | LinkedIn Privacy Policy · API Terms of Use · BD DPA
Vercel (if deployed) | Web hosting | Vercel Privacy Policy

We do not sell, rent, or share your personal information with any other third parties. Neither GitHub nor LinkedIn Content is made available to any third party outside of the authorized platform use described in this policy.

10. Disclaimers and Limitation of Liability

Platform role: ProHealthLedger is a neutral intermediary. We do not author, verify, investigate, or endorse any vote or review. Neither GitHub nor LinkedIn has verified or confirmed the accuracy of any data displayed on this platform.
  • All votes represent the subjective opinion of the individual contributor, not the opinion of ProHealthLedger, its operators, GitHub, or LinkedIn.
  • We are not responsible for the accuracy, completeness, or consequences of any user-submitted content.
  • LinkedIn profile URLs are used as publicly available identifiers. We do not scrape, crawl, spider, or access any LinkedIn content outside of the authorized APIs.
  • The platform is provided “as is” without warranties of any kind, express or implied, including but not limited to merchantability, fitness for a particular purpose, and non-infringement.
  • To the maximum extent permitted by law, ProHealthLedger and its operators shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits, data, or goodwill arising out of or in connection with the use of the platform.
  • Contributors are solely responsible for the content of their submissions and any legal consequences arising therefrom, including but not limited to claims of defamation, libel, or tortious interference.
  • You agree to indemnify and hold harmless ProHealthLedger and its operators from any claim or action brought by a third party resulting from your use of the platform, your submissions, or your breach of this Privacy Policy.

11. Children’s Privacy

ProHealthLedger is not intended for use by anyone under the age of 18. We do not knowingly collect personal information from minors. If we learn that we have collected data from a person under 18, we will take reasonable steps to delete it.

12. Data Retention

Vote data is retained indefinitely as part of the permanent public record. This is the stated purpose of the platform, and you consent to this upon submission. Session cookies expire when you sign out or after a reasonable inactivity period.

GitHub and LinkedIn OAuth tokens and Profile Data are retained only for the duration of your active session and for as long as necessary to provide the platform’s services. Upon request, account closure, or termination of our API access, we will delete all GitHub and LinkedIn Content as required by the respective terms.

Because vote data is committed to a public Git repository, it exists in the Git history even if later removed from the active dataset. This is an inherent property of Git-based storage.

13. Security Incident Notification

In the event of a security breach or incident that may affect the security of your data, GitHub Content, LinkedIn Content, or their respective users, we will promptly notify the affected platforms and users in accordance with LinkedIn API Terms (§7.1), GitHub’s Terms of Service, and applicable data protection laws.

14. Changes to This Policy

We may update this Privacy Policy from time to time. Changes will be reflected by updating the “Effective date” at the top of this page and committing the updated policy to the public repository. Your continued use of the platform after changes constitutes acceptance of the updated policy. In the event of any material change to the scope of our use or disclosure of LinkedIn Profile Data, we will notify you or obtain your consent to the change as required by applicable law and the LinkedIn API Terms (§5.2).

15. Contact

If you have questions about this Privacy Policy, wish to exercise any of your data rights, need to report a concern, or wish to request deletion of your GitHub or LinkedIn data, please:

  • Open a GitHub Issue on the repository, or
  • Email: privacy@prohealthledger.com

This privacy policy was last updated on March 15, 2026. The authoritative version is always available at the public repository.

This ledger is a collection of subjective professional experiences. The platform does not author, verify, or endorse any rating. Every vote reflects one individual's personal opinion. Use at your own discretion.

© 2026 Professional Health Ledger — Open Source, Zero Cost, Fully Transparent.