Privacy Policy

Date of Last Revision: November 17, 2016

About Code.org

Code.org® is a nonprofit dedicated to expanding participation in computer science by making it available in more schools, and increasing participation by women and underrepresented students of color.

Please read this Privacy Policy carefully before accessing or using the Website.

Code.org Privacy Principles

Our Privacy Policy is fueled by our commitment to the following Privacy Principles:

  1. We’re deeply committed to creating a safe and secure learning environment for our students and teachers. We take the protection of this information seriously.
  2. We do not require you to provide any Personal Information in order to try our tutorials, most of which are accessible without a user account. However, learning progress or code creations won't be saved without creating an account.
  3. The only reason we collect any data from students or teachers is to better succeed at our mission of providing a great computer science education for every student who wants it.
  4. We do not sell your Personal Information or exploit it for financial gain; we do not sell ads. We are a charitable 501(c)(3) nonprofit and our revenue comes from donations. We established ourselves as a nonprofit so our mission and your trust will not be in conflict with a for-profit motive.
  5. Any student academic data provided by us or by our school district partners to third party evaluators for the purpose of evaluating our courses in meeting our mission will be anonymous / de-identified (per standard industry practice).
  6. We strive to provide you with access to and control over the information you give us (as detailed below), and we take the protection of your information very seriously.
  7. When student Personal Information is provided to Code.org by a school or school district, Code.org agrees to retain such information as directed by the school or school district.

Privacy Policy

We are committed to creating a safe and secure environment for learners of all ages on our websites located at https://code.org, https://studio.code.org, https://csedweek.org, https://hourofcode.com, other websites, application programming interface (our “API”), and online services (collectively, our “Website”). Visitors and users of the Website and participants in our education programs are referred to individually as “User” and collectively as “Users”. As a not-for-profit, 501(c)(3) organization, we use the data we receive only insofar as it helps our mission of providing a great computer science education for every student who wants it. We established ourselves as a not-for-profit organization so that a for-profit motive will not interfere with our mission of providing a trusted educational resource.

Our Privacy Policy describes what information we gather from our Users, how we use that information, and what we do to protect it. Your use of the Website and any information you provide on the Website are subject to the terms of this Privacy Policy, which is incorporated into and subject to our Terms of Service. Any capitalized terms used but not defined within this Privacy Policy have the meaning given to them in our Terms of Service. By visiting or using our Website, you expressly consent to the information handling practices described in this Privacy Policy.

From time to time our Privacy Policy will change. Code.org will notify Users of any change to our Privacy Policy by posting the revised Privacy Policy with an updated date of revision on our Website. If we make any significant changes to the policy these will be called out with a short notice of the revision conspicuously posted on the Website homepage. We may also contact Users and notify them of the changes if required by law. We stand behind the promises we make, and will not change how we use any Personal Information we have already collected from Users in any material way without also providing notice of the change via email, through this Website, or through other means, and obtaining consent via your continued use to any new policies. We take the Personal Information you provide to us very seriously, and we strive to put you in control of decisions around your Personal Information.

Collection and Use of Your Information

The sections below describe the ways Code.org collects and uses the name, display name, email address, school name and address, telephone number, or other personally identifiable information from Users (“Personal Information”), persisitent cookies or IP addresses (“Persistent Identifiers”), as well as some of the non-personal information and technical information (described below) we collect.

The Hour of Code: Code.org does not collect any Personal Information from students participating in the Hour of Code. The Hour of Code tutorials do not require login to use.

Code Studio: The following table describes the data that Code.org collects from registered Users of the Code Studio tutorial platform. You can also try Code Studio tutorials without creating an account, but your learning progress won't be saved.

Data stored by Code.org if you create a Code Studio student account Required? How this data is used
Display Name (eg “Cool Coder” or “John”) Mandatory To provide students a welcome upon login and to identify the student in the teacher’s view of student progress. We recommend using first names only to increase privacy.
Age (Not birthdate) Mandatory To understand the developmental stage of students to offer an age-appropriate experience for each student. We use this field to ensure we don’t allow students under age 13 to access age-inappropriate features (such as sharing their coding projects on social media). We collect ages (e.g. 16), as opposed to birthdates (e.g. Feb 13, 1998).
1-way hash of email address (NOT the actual email addresses, which are collected in the web browser but never transmitted to Code.org and thus never stored by us) Optional if account created by teacher or parent; Mandatory if student signs up directly If a student creates an account directly, an email address is required. If the account is created by a teacher or parent, it is optional.

Even if provided, student email addresses are NOT stored by Code.org in a retrievable format. To protect student privacy, we only store a 1-way hash of the email address. We do not have any way of sending email to these students or retrieving their actual email address. It is used only for purposes of login. See section on Student Email Addresses below for more details.
Login time, IP address, and other technical data Mandatory (automatic) This data helps Code.org troubleshoot any problems users experience. It also helps Code.org understand usage patterns, to guide the build out of servers to support all users, and to enable updating the site while minimizing service disruption. See section below on “technical information” for additional details.
Gender Optional This information is only used in aggregate, to measure the percentage of students that are male or female or to measure how males or females react to different computer science challenges, to track our progress towards reducing the gender gap in computer science.
Race Optional Students ages 13 and over have an option to indicate their race. For students under age 13 we do not ask individual race, but we ask the teacher to optionally estimate the racial distribution of the entire classroom.

This information is only used in aggregate, to measure the percentage of students from underrepresented minorities and their aggregate reaction to computer science challenges, in order to track our progress toward improving diversity in computer science.
Progress in the course
1- Date/Time each stage is tried
2- Number of tries to solve a puzzle, and whether it was solved successfully or optimally
3- Information on how the student solved the puzzle including time to completion and whether they used hints
4- The code that the student submitted
5- Student-provided answers to simple assessments (e.g. multiple-choice questions)
Mandatory (automatic) This information is displayed to students and their teachers to see their progress in a course, to see the code they’ve created, and to identify topics they need help with. It also lets students pick up where they left off if they log out and login later. See example progress report, and see section below on “technical information” for additional details.

This data also helps Code.org improve the course effectiveness. For example, if a puzzle is too hard, Code.org may take action (like providing better hints) to improve the learning process.
Student Projects - apps, animations, stories, or code-art Automatic (for students who create such projects)
Creating apps and projects is part of our course progressions.
The code and underlying assets for these apps are stored by Code.org, so that students can retrieve their projects each time they log in.

When students work in the context of a classroom, their teacher also has access to view the projects created by any students in the classroom.

Student projects and code creations each have a custom URL that students can use to share with friends or their teacher, or post to the Code.org public gallery. On the public gallery, projects are displayed with only the first letter of the student’s name to protect student privacy.

Students may “remix” (and change or improve upon) projects made by themselves or by other students.
Students over age 13 can also, at their discretion, post their projects to social media.

In our elementary school courses, students create stories, games or art using tools, such as Play Lab, which are limited to using artwork and sounds provided by Code.org. Students can write dialogues for these projects. Text provided by students in these tools will be automatically analyzed to prevent sharing any personal email addresses, phone numbers, or street addresses.

Our middle school and high school courses teach students to make more mature apps and games. These tools allow the students to upload custom photos, sounds and/or videos. (see below)
Student-uploaded images, sounds, or videos (for App Lab and Game Lab Projects) Automatic (if content is uploaded). Creating apps with these tools is part of our courses for grades 6+.
Uploading custom files is optional.
Only students of age 13 and older, or students under 13 who are working in a classroom whose teacher has explicitly accepted the Code.org Privacy Policy and Terms of Service, can choose to upload custom images, sounds, and videos to the Code Studio platform to use within apps or games that they create. Students under 13 will be advised never to upload any media containing personal information.

These files are not used by Code.org for any purpose other than within these projects. These projects may be shared as described above, subject to those restrictions imposed on students under 13.
Data collected by student-created apps Optional Students may use Code Studio to create their own apps. Depending on the app author’s design, a student-created app may in turn collect data by prompting other Users (anybody who tries using the student-created app) to enter information, such as a favorite movie.

If a student creates an app that collects and stores data in this fashion, all data entered by users of the app may be accessed and possibly shared publicly by the app author, the app itself, and potentially anybody with a link to view the app. Code.org does not itself use or share this data outside of the app.

Before using a student-created app that collects data, Users are shown a clear warning that any data they enter may be shared publicly and that they should not share anything personal to them or to others.
Written comments in response to curricular/educational prompts within the Code Studio platform Optional Within some of our courses, students in a classroom are prompted to answer a question. Their answers are shared with any teacher with whom the student is affiliated on Code Studio, and are not used by Code.org for any other purpose.

In some cases, these questions may be attitudinal (to assist the teacher in understanding their classroom’s reaction to learning computer science, and to help Code.org improve our curriculum). Students are informed that answers to these attitudinal questions are shared with the teacher anonymously.


Additional* data stored by Code.org if you create a Code Studio teacher account Required? How this data is used
Email address Required To send emails to the teacher with updates about their classroom or student progress, when new course-work is available, updates on curriculum, tools, professional learning options, etc.

All emails sent by Code.org will contain an unsubscribe link, and will not require typing a password to unsubscribe.
District and School name and/or school type (Private, Public, Charter) Optional At your option and under your control, we would list your school in the Code.org map and database of schools that teach computer science courses.

Code.org may also use this information to reach out to your school or district to discuss broader education partnerships or participation in special events.
School address Optional At your option and under your control, we would list your school (and relevant contact information, if you provide it) in the Code.org map and database of schools that teach computer science courses.
Student section data Required You may create accounts for your students (and provide each student’s display name and optionally their age and gender), and organize these students into sections or groups. You may assign each section a display name, and a course assignment. The section grouping data is used to simplify your view of students across multiple sections.

Teachers are encouraged to share a document with students and parents informing them about the Code Studio course, including the privacy implications.
Survey and demographic data Optional For the purposes of evaluating our own work and improving our education results, Code.org regularly sends surveys to teachers.

These surveys are completely optional. The data provided by teachers in these surveys is saved and used for analysis by Code.org or by our Evaluator or our professinoal learning partners or facilitators. Any survey data shared with external parties will be anonymous and aggregated.
Attendance at professional learning workshops Participation in professional learning programs is optional.
For teachers who participate, this attendance data will be stored.
Attendance of teachers who attend our professional learning workshops is stored and associated with the teacher’s account on Code.org.

This data may be shared (along with the teacher’s identity) with any other parties involved in the teacher’s professional learning, such as the in-person facilitator who led the workshop, or the professional learning organization hosting the workshop, or the school district of the teacher. In some cases, the school district may use the workshop attendance data to compensate teachers for participating in the Code.org professional learning program.
Progress, answers, documents, projects and peer reviews for online professional learning. Participation in professional learning programs is optional.
For teachers who participate, this data will be stored.
Progress and answers in online professional-learning courses for teachers is stored in their teacher account in order to allow teachers to pick up where they left off.

This includes the lesson plans, documents and other projects teachers create as part of finishing the online learning courses. After submitting a document or project, teachers receive peer feedback from each other which is also stored so that they can read it.
Teachers also take a self assessment survey to create a custom learning plan. The results of this survey are stored with the teacher’s account along with their custom plan.
Forums Optional For teachers who choose to participate in the forums, posts are shared publicly


* A teacher account on Code Studio has all the functionality of a student account, and as a result the data collected and stored for a teacher account is a superset of the data stored for a student account.

Students and teachers may update, correct, or delete Personal Information in their Code Studio profiles at any time via the account settings page (or the manage students page for teachers).

Educators can create accounts on behalf of students. When registering an account for a student who is under the age of 13 (a “Child”), the Educator represents and warrants that they or the educational organization they work for has proper permission to register the Child for Code.org, and that they or the educational organization has obtained the necessary parental consent for collection of some of the Child’s Personal Information for the use and benefit of the school and for no other commercial purpose. In addition, they agree to be bound by these Terms on behalf of the educational organization they work for.

When using third party authentication systems, Code.org may receive personal data (such as a student's full name or gender) that is not required for use of the Website. For example, districts or schools that use Clever as an Authentication Service can permit Code.org to use existing Clever teacher and student account information to log in to Code.org sites. Districts or schools may revoke Code.org’s access to this information in Clever at any time. Please review Clever's terms of use and privacy policies for additional information.

Under a student's control, they can dissociate or associate themselves with as many teachers as they want, (and those teachers get access to the student's course progress and display name but not their email address). Teachers who create User accounts on behalf of students can reset their “secret word” or “secret picture” (for young children who can’t read) for as long as the student leaves the teacher in control of the account.

Information from Authentication Services like Facebook or Google

If you decide to register for Code Studio through an Authentication Service (such as Facebook Connect or Google Accounts), you give Code.org the permission to store and use information already associated with your Authentication Service consistent with this Privacy Policy and the table above.

You may revoke Code.org’s access to your account on any Authentication Service at any time by updating the appropriate settings in the account preferences of the respective Authentication Service. You should check your privacy settings on each Authentication Service to understand and change the information sent to us through each Authentication Service. Please review each Authentication Service’s terms of use and privacy policies carefully before using their services and connecting to our Website.

Other Services Provided by Code.org

When you use certain other features of our Website, such as signing forms or petitions to help advocate for Code.org, participating in a workshop, bringing Code.org programs to your school or district, donating to Code.org, purchasing t-shirts or other items, or participating in online surveys, Code.org may ask you to provide Personal Information including your full name, email address, and postal code, or school street address, as well as your billing and/or shipping information when necessary to complete a purchase or make a donation. The information is used to enable your participation in the relevant feature and to send you occasional emails with information about Code.org that we feel may interest you. All emails we send include an “unsubscribe” link. The one exception to this paragraph is that when a User under the age of 13 signs our online petition supporting Code.org’s mission, any email address they provide is never transmitted to our server and thus never stored or used.

If you enter your name to print a certificate of completion upon finishing our tutorials we save the name you enter in order to let you share your certificate digitally.

We may also survey Users to provide us with optional demographic information (such as gender, age, ethnicity), which we use in aggregate to better understand our User base.

Computer science educators may provide a school or classroom street address along with a description of course offerings, in order to allow students or parents to find local schools, summer-camps, or workshops that teach computer science in their neighborhood.

Lastly, for teachers, educators, and partners who participate in our computer science training programs, we may ask for information that is required for compensating or acknowledging you for your work (such as a mailing address to send a check, the name of the school/district that employs you, or a tax form containing your social security number for IRS reporting purposes).

Location Information

We may collect and store information about your location to provide you with educational experiences or email updates that are tailored for your region. The location information we have access to may include (1) your ZIP or postal code, if you provide one to us (2) the approximate geographic region your computer or mobile device is located in, as determined from your IP address. You may be able to change the settings on your computer or mobile device to prevent it from providing us with such IP information. (3) your school or classroom location, if you (as a teacher) provide it to us, in order to allow us (with your permission) to display the classroom location on a map or in search results for parents looking for schools that teach computer science. Code.org does not request or collect your exact GPS location, and your billing and shipping addresses are not used for these purposes.

Information from Other Sources

In certain situations, we may obtain information, including Personal Information, from third parties or sources other than the Website. For example, if you donate to Code.org via PayPal, we may obtain your name and mailing address to send a thank you note. If we combine or associate information from other sources with Personal Information that we collect through the Website, we will treat the combined information as Personal Information in accordance with this Privacy Policy. Your sharing of Personal Information with those third parties will also be subject to their privacy policies.

Technical Information

To provide a personalized learning and high-quality experience for our Users, we may use various technologies that automatically record certain technical information from your browser or device, including browser language settings, standard log files, web beacons, or pixel tags. This technical information may include your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system, and the dates and times that you visit the Website and assists us in understanding how our Users are using our Website.

To track information about use of our Sites, we use various technological tools. For example: Like most websites, whether or not you are a registered member, we may send one or more cookies – small text files containing a string of alphanumeric characters – to your computer. Cookies remember information about your activities on a website and enable us to provide you with a more personalized learning experience. Code.org may use both session cookies and persistent cookies. A session cookie disappears automatically after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Website. You can, however, remove a persistent cookie at any time. Please review your web browser “Help” file, Tools menu or similar section to learn the proper way to modify your cookie settings, or visit www.allaboutcookies.org. Please note that without cookies you will not have access to certain services and features on the Website.

A pixel tag (also known as a “clear GIF” or “web beacon”) is a tiny image – typically just one-pixel – that can be placed on a Web page or in an email to you, to tell us when you have displayed that page or opened that email.

Third Parties

Code.org may use a variety of third-party service providers, such as email services to send email, analytics companies to understand our Website usage, and social networking platforms to host our videos. We may allow third-party service providers to place and read their own cookies, web beacons, and similar technologies to collect information through the Website. This technical information is collected directly and automatically by these third parties.

We use third party services to implement our Website and all of its associated services and features, including Amazon Web Services, Pardot and MailChimp (for sending email), and Twilio (for sending student code-creations to phones). Personal Information or Persistent Identifiers will be used and stored by these third parties solely in context as an implementation services provider to Code.org, but these third parties will not receive any ownership or have any other rights to access or use this Personal Information or Persistent Identifiers. In particular, when we use Twilio to send text messages to deliver student code-creations to phones, Code.org does NOT store the phone number, and further instructs Twilio to delete the phone number after delivering the text message, but it is possible that underlying phone service providers may retain this information.

Code.org does not allow advertising on our Website, and we do not have the ability to collect your web search history across third party Internet websites or search engines. (If you navigate to the Code.org Website via a web search, your web browser may automatically provide to us the web search term you used in order to find Code.org). Because Code.org doesn’t display advertising or track browsing on third party sites, we do not do anything different in response to “do not track” signals transmitted by web browsers. Certain third-party entities that we use to provide website functionality or social sharing - such as embedded YouTube videos or Facebook or Twitter sharing buttons - may collect Non-Personal Information for the purposes of online behavioral advertising, but our website is designed to continue functioning in schools that disable access to YouTube, Facebook, or Twitter. We encourage you to visit the following links if you would like to opt out of online behavioral advertising: http://www.networkadvertising.org/choices or http://www.aboutads.info/choices/. If you do want to opt out using these tools, you may need to opt out separately for each of your devices and for each Web browser on each device.

Certain capabilities linked from the Code.org Website may be implemented by third parties who collect data. For example, donations to Code.org are processed via a third party who collects and may store the payment instrument. Support messages or posts to our public forum for teachers are processed by a third party site which may allow users to create profiles, post messages, and upload photos. Other third party websites, such as the Code.org Facebook page and Twitter page, may be co-branded with our name or logo. Use of these third-party services are completely optional to Users, typically meant only for adults, and governed by the privacy policy of these third parties. We encourage you to review the privacy policy at the third parties for details about how they may collect, store and use your Personal Information.

Uploading Custom Content

Student and teacher profiles can NOT be customized with a photo.

As part of “App Lab” or “Game Lab” (in-browser programming tools available on Code Studio), students 13 years of age and older as well as students under the age of 13 in a classroom whose teacher has approved the Code.org Terms of Service and this Privacy Policy can upload custom images, text, sound, and videos to the Code Studio platform to use within applications or “apps” that they create. These files are stored in the Code Studio platform, and are not used by Code.org for any purpose other than within the applications created by students.

Message Sending Between Users

Code.org has created a tool called the “Internet Simulator” for use in High School classrooms to model how the Internet functions. With this tool, students participating in a teacher-supervised classroom activity can send text-based messages to their teacher and to other students in their specific classroom section. Message contents are visible to the classroom teacher and are not accessed or used by Code.org for any purpose other than in this educational tool. All messages are deleted after two hours of class inactivity, or upon a manual reset by the teacher.

In some courses, students are asked to provide written responses or reflections to prompts within the Code Studio platform. These written responses are accessible by any teacher that the student is currently affiliated with on Code Studio.

In addition, Users may send messages to Code.org for customer support requests.

Other than the above, the Website supports no other form of messaging among Users.

Testing and staging web sites

For the purposes of testing our Website and services before releasing them into production for broad usage, we run a staging or testing version of our services for internal testing purposes only. These are meant only for experimental use by Code.org employees, contractors, or agents, and not considered part of the Website as defined in this agreement. Any information, including Personal information or Persistent Identifiers provided while using these staging or testing versions of our services is not governed by this Privacy Policy.

Information We Do NOT Collect

Code.org does not directly collect or store payment instruments. Donations to Code.org or purchases from the Code.org store are processed via third parties, and although Code.org receives a receipt for donations (for tax purposes), we never receive the payment instrument (such as credit card or wallet information).

Student Email Addresses

When students create accounts on Code Studio, Code.org does not store the email address provided by those Users in a retrievable format. Instead, we immediately create and store only a one-way hashed version of the email address (which cannot be converted back into the original address), and use it only for the purposes of login, account management, and password recovery. In fact, when creating a student account or during login, the actual account email address is never even transmitted to Code.org's servers. The only circumstance when Code.org's servers receive a student's Code Studio account email address is if the student forgets their password and asks to reset it. At that point, the student is prompted to enter their email, which is used to send them a password reset link.

If a student contacts us via our customer support pages, we will store and use their email address in order to respond to them. If a student over the age of 13 signs our online petitions, or a student creates a teacher account on Code Studio or offers to help us as a software industry volunteer, we will store and use their email address just as we do for other advocates of our nonprofit mission.

Children Under the Age 13

The Code Studio learning platform is designed to be used by Users of all ages, including children under the age of 13 with the involvement of and pre-authorization by their school, teacher, parent or legal guardian. In order to use features that involve uploading custom media files or sending messages within the school, we obtain prior consent from the student’s teacher, other authorized school representative, or, in some cases, the parent or legal guardian.

When children under the age of 13 attempt to sign our online petition supporting Code.org’s mission, the email addresses are discarded and are not transmitted to or stored on our server.

If Code.org learns that it has inadvertently collected Personal Information or Persistent Identifiers from children under the age of 13 without prior parental or teacher consent, Code.org will take appropriate steps to delete this information. If you are a teacher, parent or legal guardian of a student on Code.org, you can ask us to deactivate the student’s account, delete any hashed email address or inadvertently collected Personal Information or Persistent Identifiers, and request that we no longer allow the student to submit their information to Code.org. To make such a request, please contact us at http://code.org/contact. Before processing your request, we may verify your identity and your relationship with the student.

Student Academic Data from School Districts

As is common in education research, to measure how well our programs perform and how well students are learning from them, Code.org engages an experienced independent third party, Outlier Research & Evaluation (“Evaluator”) to do a thorough evaluation of our work in select partner school districts. Outlier is part of the University of Chicago’s Center for Elementary Mathematics and Science Education. For information about Outlier’s experience and track record evaluating education initiatives and student data, visit http://cemse.uchicago.edu/research-and-evaluation/.

To participate in the evaluation, these school districts are asked provide student academic or demographic data from education records directly to the Evaluator, and they are only authorized to provide data that has been completely anonymized (removing student Personal Information such as name and address). The data enables the Evaluator to perform an independent study about our work, in compliance with all applicable Federal and local laws respecting student privacy. Neither Code.org nor the Evaluator will know the personal identity of individual students. When it comes to student assessments and academic results, Code.org will only allow districts to provide the Evaluator anonymized data, which will then be aggregated by the Evaluator across thousands of students from hundreds of schools to publish an independent study. Besides the anonymity of this student academic data, our contracts with school districts also specify very strict limits on who may access this data. You may read the template contractual language governing student-data in our district agreements at http://code.org/educate/template-district-agreement.

Limitations on Access to your Personal Information by Employees and Authorized Parties

Code.org’s officers, directors,employees, agents and contractors must have a legitimate business reason (related directly to furthering our charitable, nonprofit education-focused mission) to access Personal Information you provide to Code.org, for example to assist in product support. Code.org will require our officers, directors, employees, agents, and contractors to comply with this Privacy Policy, and to treat any Personal Information of Code.org Users as confidential information.

How We Share or Transfer Data

We do not rent or sell Personal Information, Persistent Identifiers, or any other information that we collect from Users, or exploit it for financial gain in any other way. Code.org will never share or grant rights to Personal Information with other third-party organizations to use without your consent, except as part of a specific program or feature for which you will have the explicit ability and choice to opt-in.

In particular, we do not share any Personal Information you provide with our donors or sponsors (other than the "Public Reporting" of anonymized reports as described below).

We may share student achievement data with your school or school district

If your use of the Code.org Website is in the context of a partnership with your school or school district, we may allow the school or school district to access the same student progress report that is also shared with your teacher(s).

We may share teacher contact information with training facilitators and partner organizations

Part of our educational program is to offer professional development workshops to prepare teachers to offer computer science courses. If you are a teacher participating in one of these workshops, your name and contact information will be shared with the facilitator and/or professional learning organization hosting the workshop, and they may have access to your continued progress in our online professional learning courses in order to coach or facilitate your learning.

In the context of partnerships between Code.org and school districts, we may also share this workshop attendance and professional learning data with the school district that employs the teacher, in order to allow school districts to compensate teachers in situations where school districts have such an arrangement with their teachers.

You may share data with social networks

Some of our Users choose to post their code-creations with social networks. This functionality is entirely optional. When you post content to social networks, the actual content posted is entirely at your control, and never posted automatically on your behalf. Typically this content includes only the code (app or animation or game or other) that you wrote, posted alongside any other remarks you may choose to add to it.

We may share limited information when you contact us for support

When you contact us with a support request, you may provide Personal Information, which is shared with a Code.org support representative in order to process your request. Code.org support representatives are either employees or independent contractors of Code.org, and will always have signed a contract requiring them to protect and not disclose confidential information including Personal Information of Users, and to use it only in the context of resolving your product support requests.

If you are chosen to be profiled on our site

Code.org promotes a weekly Student of the Week and a monthly Teacher of the Month, along with prizes. These profiles and similar testimonials are always published with the permission of the participating student or teacher and, if applicable, their parent or legal guardian, or teacher, and may include Personal Information such as the name, likeness and photo or video of the person being profiled.

Public reporting on student use and performance

We may publish anonymized information about student performance on our tutorials and Websites, however, we will never publicly disclose your Personal Information in these reports. Data about student performance will remain anonymized, but aggregated, anonymized data over large populations of students may be reported by demographic criteria such as age, general location, gender, ethnicity, and socioeconomic status.

We may share anonymous or aggregate data to improve our services and learn more about our Users

In certain occasions, Code.org may work with third parties (such as universities and education research organizations) to improve our services or offerings. We may disclose automatically collected and other aggregate non-personal information to authorized partners to conduct research on online education or assist in understanding the usage, viewing, and demographic patterns for certain programs, content, services, promotions, and/or functionality on the Website. We require any research partner that receives anonymous or de-identified data from us to agree in advance that they will not attempt to use this data to identify our Users.

We will share data when required by law

Code.org may also disclose User data including Personal Information or Persistent Identifiers if required to do so by law, or if we have a good-faith belief that such action is necessary to comply with local, state, federal, international, or other applicable laws or respond to a court order, judicial or other government order, subpoena, or warrant, or administrative request. In some cases, we may make such disclosures without first providing notice to Users, teachers, schools, parents or legal guardians.

We may share data when necessary or appropriate to protect Code.org or others

Code.org may disclose User data including Personal Information or Persistent Identifiers that we believe, in good faith, is appropriate or necessary to take precautions against liability; to protect Code.org from fraudulent, abusive, or unlawful uses; to investigate and defend ourselves against any third-party claims or allegations; to assist government enforcement agencies; to protect the security or integrity of the Website; or to protect the rights, property, or personal safety of Code.org, our Users, or others.

We may share data in the context of a change of business, including a merger or acquisition

In the event that Code.org is acquired by, combined or merged with another entity, we may transfer or assign the Personal Information and Persistent Identifiers that we have collected from Users as part of such merger, acquisition, sale, or other change of control. Our promise to you is that any Personal Information and Persistent Identifiers we have collected from Users would be safeguarded by the acquiring organization under the same level of safety and privacy as afforded by this Privacy Policy.

Our Approach to Data Security

Website security is important to you, and to us

To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your Personal Information.

Data we choose not to store

Although you may provide it to us, we intentionally choose NOT to store email addresses for Code Studio student accounts, or phone numbers used in our send-to-phone feature. The data we do not store cannot be stolen from us.

We will delete student display names, coding projects, apps, uploaded images and other assets associated with student accounts that have remained unused and inactive for a period of time, in accordance with our data retention policy.

We try to ensure that our Website and information sent to us are safe, but no security measures are perfect

Code.org uses certain physical, managerial, and technical safeguards designed to preserve the integrity and security of your Personal Information and other information we maintain in connection with the Website. We cannot, however, ensure or warrant the security of any or all of the Personal Information and other information you transmit to Code.org, and you do so at your own risk. Once we receive your transmission of information, Code.org makes commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such Personal Information and other information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.

If we learn of a data security incident that compromises or appears to compromise your Personal Information, then we will attempt to notify you electronically so that you can take appropriate protective steps.

International visitors

Our Website is operated and managed on servers located within the United States. If you choose to use our Website from the European Union or other regions of the world with laws governing data collection and use that differ from U.S. law, then you acknowledge and agree that you are transferring information, including your Personal Information, outside of those regions to the United States and that, by providing your Personal Information on the Website, you consent to that transfer.

Conditions of Use and Notices

If you choose to visit our Website, your visit and any dispute over privacy is subject to this Privacy Policy and our Terms of Service, including limitations on damages, arbitration of disputes, application of the law of the State of Washington and venue for all disputes in Seattle, Washington.

A note to California residents:

We do not disclose any Personal Information to third parties for marketing purposes. For additional information about our privacy practices, or to review and request to have deleted any Personal information you have shared with us, please send a request to http://code.org/contact.

Contacting Code.org

Please contact Code.org with any questions or comments about this Privacy Policy, your Personal Information, our third-party disclosure practices, or your consent choices by writing us at http://code.org/contact or at 1301 Fifth Avenue, Suite 1225, Seattle, WA 98101.