Date of Last Revision: June 1, 2023
Code.org® is a US-based charitable nonprofit dedicated to expanding access to computer science in schools and increasing participation by young women and students from other underrepresented groups. Our vision is that every student in every school has the opportunity to learn computer science.
Code.org Privacy Principles
- We’re deeply committed to creating a safe and secure learning environment for our students and teachers. We take the protection of this information seriously.
- We do not require you to provide any Personal Information in order to try our courses, most of which are accessible without a User account (only your IP address is collected). However, learning progress won't be saved without creating an account.
- The only reason we collect any data from Students or Teachers is to better succeed at our mission of providing high-quality computer science education for every student in every school.
- We do not sell your Personal Information or exploit it for financial gain. We do not sell ads. We are a charitable nonprofit and almost all our revenue comes from philanthropic gifts and donations. We established ourselves as a nonprofit so our mission and your trust will not be in conflict with a for-profit motive.
- Any Student academic data we provide to third-party evaluators for the purpose of evaluating our courses in meeting our mission will be de-identified (per standard industry practice).
- We strive to provide you with access to and control over the information you give us (as detailed below), and we use physical, administrative, and technical safeguards designed to reasonably protect your information.
- When Student Records are provided to Code.org by a school or school district, Code.org agrees to retain such information as directed by the school or school district.
- We hold our partners and service providers to privacy and security practices no less stringent than our own.
As a not-for-profit organization, we use the data we collect only insofar as it helps our mission of providing a high-quality computer science education for every student in every school. We established ourselves as a not-for-profit organization so that a for-profit motive will not interfere with our mission of providing a trusted educational resource.
Code.org is a signatory to the Student Privacy Pledge, which contains a set of principles intended to safeguard student privacy, including responsible stewardship, protection, and transparent handling of student data.
How We Collect and Use Information
The sections below describe the ways Code.org collects and uses personal data, which refers to any information that Code.org can use to reasonably identify a User as an individual (directly or indirectly), as well as information that is or can be reasonably linked (directly or indirectly) to a User or a User’s device. This includes things like name, display name, email address, school name and address, telephone number, etc., provided by Users (“Personal Information”), persistent cookies or IP addresses automatically collected (“Persistent Identifiers”), as well as some of the non-Personal Information and technical information (described below) we collect that is associated with a User.
We generally collect personal data in three ways: (1) information a User voluntarily provides to us by using the Services, (2) information we automatically collect as a User uses the Services, and (3) information from third parties. The types and amounts of personal data collected vary depending on whether the User is a Student, Teacher, parent or other visitor, and on how they use the Services, but can be generally categorized as (a) account registration data (such as username, password, email address), (b) demographic data (such as age, gender, race), (c) Technical data (such as browser or device, IP address, login times), (d) User uploaded data (such as images and sounds), (e) User response or feedback data (such as survey responses and notes to and from Teachers); (f) platform usage data (such as progress data, projects created), and (g) contact data for non-curriculum processes (such as email addresses for educators, parents, and others who wish to receive newsletters and other updates).
We generally use personal data to (1) provide our Services, (2) personalize User experiences, (3) communicate with Users or others (such as donors or educators), (4) provide or facilitate professional development for CS teachers, (5) understand, improve, develop, and protect our Services, and (6) for legal, compliance, and safety reasons.
Our goal is to minimize the personal data we collect. We do not require Users to create a Code.org account or otherwise provide Personal Information in order to participate in the Hour of Code tutorials or to try our courses. However, we cannot save a Student’s learning progress or a Teacher’s class records unless a User creates a Code.org account.
Code.org Student and Teacher Accounts
The following table describes the data that Code.org collects and stores if a User creates a Code.org Student or Teacher account for use with Code.org courses.
|Data stored by Code.org if a User creates a Code.org Student account
|How and when is the data collected?
|How this data is used
|Display Name (e.g., “Cool Coder” or “John”) and username (e.g., “coolcoder7”)
|Required by User (or their Teacher) on account creation
|Display name is used to provide Students a welcoming login and to identify the Student in the Teacher’s roster view of student progress.
Usernames are generated based on the initial display name and can be used along with a password to sign into an account.
|Required by User (or their Teacher) on account creation.
|Passwords are established by the User and can be updated through the User’s account settings or by a Teacher that manages a section in which the Student is enrolled. They are used for User authentication at sign-in.
|System generated by Teacher when adding Student to section (if choosing not to use Student accounts with passwords).
|Secret words or pictures are system generated, but can be reset by the Teacher. They are used for User authentication at sign-in.
|Age (Not birthdate)
|Required by User (or their Teacher) on account creation or first sign in before using the site.
|This data is used to understand the developmental stage of Students in order to offer an age-appropriate experience for each Student. We also use this field to ensure we don’t allow Students under age 13 to access age-restricted features (such as sharing their coding projects on social media). We store ages (e.g., 16), as opposed to birth dates (e.g., Feb 13, 2001).
|One-way hash of student email address (NOT the actual email address, which is collected in the web browser but never transmitted to Code.org and thus never stored by us)
|Email address is required (but not stored) on account creation if a Student creates an account, a Teacher creates the account via a third-party rostering provider, or the Student later adds a personal login to a Teacher-created account.
Email address is not required if an account is created by a Teacher using a picture or secret word login for the section, though it can be optionally added by the Student later.
|Where a Student creates a personal login (i.e., the student creates a Code.org account using an email address and selecting their own password - or adds a personal login to an existing account created by the Teacher on behalf of the Student through rostering or using picture or secret word logins), the Student's email address is only used for the purposes of login (along with the User’s password). It is NOT stored by Code.org in a retrievable format. To protect Student privacy, we only store a one-way hash of the email address. We do not have any way of sending email to Students or retrieving their actual email addresses from their account. See Student Email Addresses below for more details.
|Parent or guardian email address
|Can be optionally provided by a parent to receive updates or create a login for their child at home. In some jurisdictions, we may require a Student under 13 to provide a parent or guardian email address for the purpose of obtaining consent to the creation of the Code.org account by the student.
|Parents or guardians can choose to link their email address to their Student’s account to receive updates from Code.org. (A student can also add the parent or guardian email address.)
In some jurisdictions, we may require a parent or guardian email address for the purpose of consenting to the creation of a Student Code.org account for a Student under the age of 13. In those instances, the email address is used solely for that purpose and is linked to the Student account for purposes of allowing the parent to stay updated on their Child’s progress and projects - and the Parent email address can also be used for password recovery and to request support.
|System generated (separate identifiers may be provided by authentication services). This is NOT a student number assigned by a school.
|These identifiers are used to maintain and operationalize accounts.
|Login time, IP address, and other technical data
|Automatically collected as the Services are used.
|This data helps Code.org troubleshoot any problems Users experience. It also helps Code.org understand usage patterns, ensure the service can support all Users, and enable Services updates with minimal service disruption. See Technical Information below for more details.
|Optionally provided by the Student or their Teacher.
|This information is only used in aggregate to measure gender distribution and how Students respond to different computer science challenges, or track our aggregate progress towards reducing the gender gap in computer science.
|Optionally provided by the Student (only requested from Students 13 and over and only if their IP address is in the US).
|Students aged 13 and over have an option to indicate their race. For Students under age 13 we do not ask individual race, but we ask the Teacher to optionally estimate the racial distribution of the entire classroom.
This information is only used in aggregate, to measure the percentage of students from underrepresented racial and ethnic groups and their aggregate response to computer science challenges, and in order to track our aggregate progress toward improving diversity in computer science.
|Progress in the course
1- Date/Time each lesson is tried
2- Number of tries to solve a level, and whether it was solved successfully or optimally
3- Information on how the Student solved the level including time to completion and whether they used hints
4- The code that the Student submitted
5- Student-provided answers to simple assessments (e.g., multiple-choice questions)
|Collected as a Student works through a tutorial or course progression.
|This information is displayed to Students and their Teachers to see their progress in a course, to see the code they’ve created, and to identify topics they need help with. It also lets Students pick up where they left off if they sign out and sign in later. See Technical Information below for more details.
This data, in de-identified or aggregate form, also helps Code.org improve course effectiveness. For example, if a level is too hard, Code.org may take action (like providing better hints) to improve the learning process.
|Student projects - apps, animations, stories, or code-art
|Collected as a Student creates such projects. Creating apps and projects is part of our course progressions but can also be done outside our courses through our standalone tools.
|The code and any associated data for these apps are stored by Code.org so Students can retrieve their projects each time they log in.
When Students work in the context of a classroom, their Teacher also has access to view the projects created by any Students in the classroom.
Student projects and code creations each have a custom URL that Students can use to share with others, or post to the Code.org public gallery. On the public gallery, projects are displayed with only the first letter of the Student’s display name to protect Student privacy as well as their age. We do not allow Students under the age of 13 to share projects (e.g., in App Lab) to the Code.org public gallery when these projects allow for Student-uploaded content.
Students may “remix” (copy and then change or improve upon) projects made by themselves or by other Users.
Students age 13 or over can also, at their discretion, post their projects to their social media accounts.
In our elementary school courses, Students create stories, games, or art using tools, such as Play Lab and Sprite Lab, which are generally limited to using artwork and sounds provided by Code.org or uploaded by their teacher. Where we do allow custom uploads by Students in these tools (e.g., uploading an image for a Student-created storyboard), Students are advised never to upload any media containing Personal Information and we implement controls that block Student sharing of projects to the Code.org public gallery that contain custom uploads. Students can write dialogues for these projects. Some text provided by Students in these tools is automatically analyzed and moderated to help prevent sharing of personal data like email addresses and phone numbers.
Our middle school and high school courses teach Students to make more complex apps and games, such as App Lab, Game Lab, and Web Lab. These tools allow the Students to upload custom photos, sounds and/or videos. (See below)
|Student-uploaded images, sounds, or videos
|Collected if a Student chooses to upload custom files.
|Only Students age 13 and older, or Students under 13 who are working in a classroom whose Teacher has added the Student to a class section, can choose to upload custom images, sounds, and videos to the Code.org platform to use within apps or games that they create in programing tools as part of our courses for grades 6+ (App Lab, Game Lab, and Web Lab). Students under 13 are advised never to upload any media containing Personal Information and we do not allow Students under the age of 13 to share projects created using these tools to the Code.org public gallery.
Similarly, where custom uploads are allowed for programming tools intended for younger students (e.g, Play Lab and Sprite Lab), Students are advised never to upload any media containing Personal Information and we implement controls that block Student sharing of projects that contain custom uploads.
These files are not used by Code.org for any purpose other than within these projects. These projects may be shared and remixed as described above, subject to those restrictions described.
|Data collected by Student-created apps
|Collected if users of a code project created by the Student choose to enter data into the app.
|Students may use Code.org to create their own apps. Depending on the app author’s design, a Student-created app may in turn collect data by prompting other Users (anybody who tries using the Student-created app) to enter information, such as a favorite movie.
If a Student creates an app that collects and stores data in this fashion, all data entered by Users of the app may be accessed and possibly shared publicly by the app author, the app itself, and potentially anybody with a link to view the app. Code.org does not itself use or share this data outside of the app.
Before using a Student-created app that collects data, Users are shown a clear warning that any data they enter may be shared publicly and that they should not share anything personal to them or to others.
|Written comments in response to curricular/educational prompts within Code.org courses
|Collected if a Student chooses to enter text in response to the prompts.
|Within some of our courses, Students in a classroom are prompted to answer a question. Their answers are shared with any Teacher with whom the Student is affiliated on Code.org and are used by Code.org in de-identified form to improve the curriculum.
|Student-provided responses to surveys (e.g., multiple choice and free response questions)
|Collected if a Student chooses to fill out a survey offered inside the courses.
|We may ask for responses to attitudinal questions (to assist the Teacher in understanding their classroom’s reaction to learning computer science and, in de-identified or aggregate form, to help Code.org improve our curriculum). Students are informed that answers to these attitudinal questions are shared with the Teacher anonymously without their name attached. We may, however, share a Student’s identity, answer, and other information related to a given question with their teacher or appropriate authorities if we are prompted to do so, and upon investigation, we have a good-faith and reasonable belief that the answer indicates the Student may harm themselves or others, among a few other limited scenarios outlined in the section titled “How We Share or Transfer Information.” However, we are not actively monitoring student answers for such issues. If you are a teacher, please contact email@example.com so we can help you if your Student indicates they may be unsafe.
|Additional* data stored by Code.org if a User creates a Code.org Teacher account
|How and when is the data collected?
|How this data is used
|Email address is required at account creation (or when switching from a Student account to a Teacher account).
|Email addresses are used to send emails to the Teacher with updates about their classroom or Student progress, send notices when new course-work is available, and provide updates on curriculum, tools, professional learning opportunities, etc.
Teachers can choose at account creation whether to receive non-transactional emails (e,g., updates to our courses, local opportunities, or other computer science news). All non-transactional emails sent by Code.org contain an unsubscribe link and do not require typing a password to unsubscribe.
|District and school name and/or school type (private, public, charter, homeschool, after school, organization, or other) and/or school address
|Optionally provided by the Teacher at account creation or after creating an account.
|At the Teacher's discretion and under their control, we will list their school in the Code.org map and database of schools that teach computer science courses.
Code.org or our professional development partners may also use this information to reach out to the Teacher's school or district to discuss broader education partnerships or participation in special events.
|Verified Teacher Identification Information
|Optionally provided by the Teacher when seeking “verified teacher” status if the Teacher’s status cannot be demonstrated through other proof - such as verification of the teacher’s position on a school website.
|At the Teacher's discretion, and under their control, they may provide a copy of an identification (such as a school-issued ID or a state-issued ID) to our support desk as part of demonstrating their teacher status. We recommend redacting data beyond name, photo, and issuing authority. All such images are deleted after the verification is complete.
|Student section data
|Collected if a Teacher decides to create a section on Code.org to manage their Students.
|The Teacher may create accounts for their students (and provide each Student’s display name which the Teacher can manage using full names or initials, and, optionally, their age and gender) or direct students to create accounts themselves, and organize these Students into sections. The Teacher may assign each section a display name, a course assignment, and grade level. The section grouping data is used to simplify their view of Students across multiple sections.
Teachers are encouraged to share a Code.org document with Students and parents informing them about enrollment in a Code.org section, including the privacy implications.
|Survey and demographic data
|Collected if a Teacher chooses to optionally fill out a survey.
|For the purposes of evaluating our own work and improving our education results, Code.org regularly sends surveys to Teachers.
These surveys are completely optional. The data provided by Teachers in these surveys is saved and used for analysis by Code.org, research partners, our Regional Partners, our International Partners, or facilitators. Any survey data shared with external parties is de-identified and aggregated.
|Attendance at professional learning workshops
|Collected when a Teacher attends a workshop.
|Attendance of Teachers at our professional learning workshops is stored and associated with the Teacher’s account on Code.org.
This data may be shared (along with the Teacher’s identity) with any other parties involved in the Teacher’s professional learning, such as the facilitator who led the workshop, the professional learning organization hosting the workshop, or the school district of the Teacher. In some cases, the school district may use workshop attendance data to compensate Teachers for participating in the Code.org professional learning program.
|Progress, answers, documents, projects, and peer reviews for online professional learning.
|Collected as a teacher interacts with our online professional learning tools.
Participation in professional learning programs is optional.
|Progress and answers in online professional-learning courses for Teachers are stored in their Teacher account in order to allow Teachers to pick up where they left off.
This includes the lesson plans, documents, and other projects Teachers create as part of finishing the online learning courses. After submitting a document or project, Teachers receive peer feedback from each other which is also stored so that they can read it.
Teachers also take a self-assessment survey to create a custom learning plan. The results of this survey are stored with the Teacher’s account along with their custom plan.
|Comment feedback provided to students
|Collected if a Teacher decides to give written comments to their Students on their work
|The Teacher may provide written feedback to their Students on their coursework. Though a Student will only see the most recently provided comment on a given level, we store all the previously shared comments as part of the Teacher’s account in case the Teacher or school needs to access them later.
* A Teacher account on Code.org has all the functionality of a Student account, and as a result the data collected and stored for a Teacher account is a superset of the data stored for a Student account.
Third Party Authentication Services
When using a third-party authentication service, Code.org may receive personal data (such as a Student's full name or gender) that is not required for use of the Services. For example, districts or schools that use Clever as an authentication service can permit Code.org to use existing Clever teacher and student account information to sign in to Code.org Services. Districts or schools may revoke Code.org’s access to this information in Clever at any time.
Non-Curriculum Features and Other Services
When you use certain non-curriculum features of our Services, Code.org may ask you to provide Personal Information including your full name, email address, age, school or company name, and postal code or school street address, as well as your billing and/or shipping information when necessary to complete a purchase or make a donation. Examples include signing forms or petitions to help advocate for computer science, providing information to put your school on the map of schools teaching computer science, contacting us for help or information via customer support pages, subscribing to receive email communications from Code.org, participating in a workshop, signing up as a local volunteer, bringing Code.org programs to your school or district, donating to Code.org, purchasing t-shirts or other items, nominating a teacher, or participating in online surveys. This information is used to enable your participation in the relevant feature and to send you occasional emails with information about Code.org that we feel may interest you. All non-transactional emails we send include an “unsubscribe” link. (When a User identified as under the age of 16 signs our online petition supporting Code.org’s mission, any name or email address they provide is deleted from our servers and thus never used.)
If you enter your name to create a certificate of completion upon finishing select courses or exercises, we store the certificate data in order to allow you to print and/or share the certificate digitally (e.g., on social media). We periodically delete this data, which may impact the certificate sharing function.
We may ask Users to provide us with optional demographic information (such as gender, age, race or ethnicity), which we use in aggregate to better understand our User base.
Computer science educators may provide a school or classroom street address, along with a description of course offerings, in order to allow students or parents to find local schools, summer-camps, or workshops that teach computer science in their neighborhood.
If you use the Services to request that we send someone information about Code.org (e.g., nominate a teacher or administrator for professional development, or send a teacher “thank you”), we will only send them emails for the specific purpose you identify - they will not be added to any mailing lists (unless they sign up). The recipient may see your name and your description of why you submitted their information. Additionally, in the US and where applicable, we may share a nominated teacher’s name, school, and city (but not the teacher’s email address or your name) with our Regional Partner in the teacher’s state, so that our partner knows the teacher was recommended and to help process the teacher's application for a scholarship to the partner’s local workshops.
Code.org does not request or collect GPS or other precise location data. We may collect and store non-precise location information (e.g., the approximate geographic region of a computer or mobile device, as determined from the IP address) to help provide educational experiences or email updates that are tailored for that region.
Information from Other Sources
To provide a personalized learning and high-quality experience for our Users, we may use various technologies that automatically record certain technical information from the User’s browser or device, including browser language settings, standard log files, web beacons, or pixel tags. This technical information may include Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system, and the dates and times the User visited the Services. This information assists us in providing the Services and understanding how our Users are using the Services.
To assess information about use of our Services, we use various technological tools. For example, whether or not a User is a registered member, we may send one or more cookies to the User’s browser when they visit our Services. For more information, see the Code.org Cookie Notice or the Hourofcode.com Cookie Notice.
We may also use pixel tags (also known as a “clear GIF” or “web beacon”), which are tiny images – typically just one pixel – that can be placed on a Web page or in an email to tell us when the recipient has displayed that page or opened that email. We may allow third-party service providers to place and read their own cookies, pixel tags, and similar technologies to collect information through the Services to perform the service we’ve requested. This technical information is collected directly and automatically by these third parties.
Student and Teacher profiles cannot be customized with a photo.
As part of certain in-browser programming tools available on Code.org (such as “App Lab,” Game Lab,” “Web Lab,” and “Sprite Lab”), Students can upload custom images, text, sound, and videos to the Code.org platform to use within applications or “apps” that they create. These files are stored by Code.org, but are not used by Code.org for any purpose other than within the applications created by Users. When we allow uploads of images, sounds or videos by Students under age 13, we implement controls that block Student sharing of such projects as described in the table above.
Internet Simulator and Other Messages
Code.org offers a tool called the “Internet Simulator” for use in High School classrooms to model how the Internet functions. With this tool, Students participating in a Teacher-supervised classroom activity can send text-based messages to their Teacher and to other Students in their specific classroom section. Message contents are visible to the classroom Teacher and are not accessed or used by Code.org for any purpose other than in this educational tool. All messages are deleted after two hours of class inactivity, or upon a manual reset by the Teacher.
In select courses, such as the Code.org CS A AP course, Teachers may optionally enable peer review groups within their classroom sections to allow students to provide feedback on other students’ projects. The student feedback is visible only to the Teacher and to students within the group designated by the Teacher. The Teacher may disable the feature at any time and may also delete specific feedback.
In addition, Teachers may provide written feedback to their Students on coursework. Users may also send messages to Code.org for customer-support requests.
Other than the above, the Services do not directly provide any other form of messaging among Users (although Users could use Code.org tools to create apps that support messaging among individuals).
Student Email Addresses
When Students use an email address for login, Code.org does not store the email address provided by those Users in a retrievable format. Instead, we immediately create and store only a one-way hashed version of the email address (which cannot be converted back into the original address), and use it only for the purposes of login, account management, and password recovery. In fact, when creating or signing into a Student account, the actual account email address is never even transmitted to Code.org's servers. The only circumstance when Code.org's servers receive a Student's email address is if the Student forgets their password and asks to reset it. At that point, the Student is prompted to enter their email address, which is used to send them a password reset link after we verify the email address through the same one-way hashing algorithm. We then delete the clear text email address. We will, however, store and use email addresses provided by Students when they choose to participate in Non-Curriculum Features and Other Services to the limited extent described above.
For a small minority of our Students, and only if they are over the age of 18, we may offer the opportunity to participate in a “longitudinal” study to understand the multi-year impact of learning computer science. Participation in such a study is entirely optional. Students who receive an offer and choose to participate will be asked to provide their contact information (email address and optionally other forms of contact that may be more convenient for the Student). This contact information will not be shared with third parties, nor used in any way outside the purpose of such a study – to ask Students to participate in surveys. If we learn that we have inadvertently collected this information from a Student under 18, we will delete such information immediately.
No Commercial Use of Student Personal Information
Some laws, such as California’s Student Online Personal Information Protection Act (SOPIPA) and similar state laws, prohibit the gathering of the Personal Information of K-12 students for targeted advertising purposes. Code.org abides by such laws and shall not use, disclose, or compile Personal Information of Students on the Services for the purpose of marketing or advertising commercial products or services. We do not disclose Personal Information or other personal data of Students to third parties for marketing purposes.
Service Improvement and Internal Operations
We may use data (including personal data) we obtain or generate from the operation of our Services to (1) conduct internal research to improve, repair, or develop products, services, or technology; (2) identify and repair technical errors; (3) prevent, detect, protect against and respond to security threats or incidents; and (4) perform internal operations.
How We Share or Transfer Information
We do not rent or sell personal data or any other information that we collect from Users, or exploit it for financial gain in any other way. Code.org will never share or grant rights to personal data with other third-party organizations to use without your consent, except as part of a specific program or feature for which you will have the explicit ability and choice to opt-in. In particular, we do not share any personal data you provide with our donors or sponsors (only de-identified reports as described below) without your explicit consent.
The sections below explain circumstances in which we may share personal data with third parties. We may also share de-identified or aggregate data that does not reasonably identify any individual or User.
We may share personal data with third-party service providers
Code.org may use a variety of third-party service providers to support our operations. For example, we may use third parties such as email service platforms to send email, analytics companies to understand our Services usage and performance, and social networking platforms to host our videos. Similarly, we may use third-party service providers to implement and host our Services and associated services and features, provide teacher forums, process donations, provide contract and workflow management services, assist with customer support, and provide other functions in support of our organization. When we give service providers access to data, including personal data, they are only allowed to use the data to provide services for which we have contracted and based on our direction. They are not allowed to use personal data for any other reason without the user’s consent or at the user’s direction. You can find a list of third-party service providers we use here.
We may share Student personal data with the Teacher and Teacher personal data with the Student
If a Student belongs to a Teacher’s section, we will share Student account information, course progress, and standalone projects with that Teacher so the Teacher can help manage the Student’s progress. The Student will also see limited information about their Teacher including their Teacher’s display name and section information.
We may share personal data on classroom usage and Student achievement with the school or school district
In order to support school and district needs to oversee Code.org usage in their classrooms, we may allow a Student’s school or school district to access reporting data on student progress and achievement, presented on a student-level, classroom-level, teacher-level, grade-level or school-level basis for Students enrolled in a Teacher’s section. The reports available to school and district administrators will be based on the same data that is displayed on the Student progress report that is also shared with the Student's Teacher(s). If Teachers choose to give Students feedback on coursework and projects through Code.org, we may also share this with school or district administrators upon request. We may also share personal data in Student Records with third parties as directed by a school or school district. For more information about the data we may be sharing with a Student's school or school district, please click here.
We may share Teacher personal data with the Teacher's training facilitators, our Local Partner, the school district, and other partners
If you are a Teacher participating in one of the professional development workshops run by our Local Partners, your name and contact information will be shared with the facilitator and/or the Code.org Local Partner(s) who runs the professional learning program in your area. In addition, the facilitator, Local Partner(s), and your school district will have the opportunity to access your continued progress in our in-person and online professional learning courses in order to coach you, facilitate your additional learning, and follow your professional development progress. In some cases, your school district may require this information in order to compensate you for workshop attendance. They may also be able to see your overall class progress to support your classroom. Local Partners and facilitators will not have any data on specific Students, but they will be able to see the overall number of students and class demographics. If Code.org is paying for your travel to our professional learning workshops for Teachers, we will - with your explicit permission - share your name and contact information with our travel partner to facilitate booking your travel.
We may also share the list of schools (solely the school identities, without any personal data about Teachers or Students) that use Code.org or have participated in our professional learning program with select partners, such as a local, state, regional, or national education agencies or authorities, so long as such partners agree to treat the information as confidential.
We also provide Teachers other opportunities (such as when adding their school to the map of schools teaching computer science) to share their contact information (name, school, email) — at their option and under their control — with a Code.org Local Partner so that teachers can be contacted about local professional learning workshops, resources, and events.
Our Local Partners or other partners can sometimes provide additional programs or services such as scholarships or free supplies for schools. When these services or programs are available locally, Teachers will have the option to share their personal data, such as email address, school name, and school ID with a specific partner to opt in to a specific service or program to support their classroom.
We may share personal data Users choose to post publicly
In certain cases, Users may choose to post information that is publicly accessible on our Services. This includes making public posts as a Teacher on our forum, offering to be a volunteer if a User is over the age of 18, or choosing to put information about a User’s school or organization on a public map. When you are filling out a form to post information on our Services, we will always make it clear exactly what will be shared publicly.
Some of our Users choose to post their code-creations or other information to social networks. This functionality is entirely optional. When you post content to social networks, the content posted is entirely under your control, and never posted automatically on your behalf by Code.org. Typically this content includes only the code (i.e., the app or animation or game or other content that is part of the project) that you wrote, posted alongside any other remarks you may choose to add to it.
We may also re-share (e.g., retweet) public posts made by Users, educators, media, governments, or others on social media platforms without seeking permission.
We may share personal data when Users contact us for support
When a User contacts us with a support request, they may provide personal data, which is shared with a Code.org support representative in order to process the User’s request. Code.org support representatives are either employees or independent contractors of Code.org, and will always have signed an agreement requiring them to protect and not disclose confidential information including personal data of Users, and to use it only in the context of resolving product support requests.
We may share personal data if Users are chosen (and give permission) to be profiled on our Services
Code.org promotes Student and Teacher work on our Services and social media channels. These profiles and similar testimonials are published with the permission of the participating Student or Teacher and, if applicable, their parent, legal guardian, or teacher, and may include personal data such as the name, likeness, and photo or video of the person being profiled. As indicated above, we may also re-share public posts from other platforms (where we are not the original publisher) without seeking permission.
We may share personal data when required by law
Code.org may disclose personal data if required to do so by law, or if we have a good-faith belief that such action is necessary to comply with local, state, federal, international, or other applicable laws or respond to a court order, judicial or other government order, subpoena, warrant, or administrative request. In some cases, we may make such disclosures without first providing notice.
We may share personal data when necessary or appropriate to protect Code.org or others
Code.org may disclose personal data that we believe, in good faith, is appropriate or necessary to: take precautions against liability; protect Code.org from fraudulent, abusive, or unlawful uses; investigate and defend ourselves against third-party claims or allegations; assist government enforcement agencies; protect the security or integrity of the Services; or protect the rights, property, or personal safety of Code.org, our Users, or others.
We may share or transfer personal data in the context of a change of business, including a merger or acquisition
We may share de-identified or aggregate data
We may share or publish de-identified or aggregate data about Students, Teachers, and our Services for various purposes. De-identified and aggregate data does not contain any personal data. For example:
We may provide our Local Partners with de-identified demographic information and information about usage of courses and professional learning programs for schools and districts in their area. They will not see names or contact information of any Teacher unless that Teacher chooses to share it as part of signing up for a local professional learning workshop or joining their professional learning program.
We may publish de-identified information (e.g., code.org/statistics) about Student performance on our Services. These reports will never include personal data. Instead, aggregated, de-identified data over large populations of Students may be reported by demographic criteria such as age, general location, gender, race or ethnicity, and socioeconomic status.
We may work with third parties (such as universities and education research organizations) to improve our services or offerings and disclose automatically collected and other aggregated and de-identified data to these authorized partners to conduct research on online education or assist in understanding the usage, viewing, and demographic patterns for certain programs, content, services, promotions, and/or functionality on the Services. We require any research partner that receives de-identified data from us to agree in advance that they will not attempt to use this data to identify Users.
How We Protect Information
We use reasonable safeguards to help ensure that our Services are secure, but no security measures are perfect
Code.org uses physical, administrative, and technical safeguards designed to reasonably protect the confidentiality, availability, integrity, and security of personal data and other information we collect and maintain in connection with the Services. These safeguards include, for example, restrictions on physical access to the data center, hardened system configuration, two-factor authentication, patch management, disaster recovery processes, employee security and privacy training, employee background checks, and third-party security resources, among others. We encrypt Personal Information in transit and at rest, and we have generally aligned our security practices to the NIST Cybersecurity Framework.
However, no security measures can fully ensure the security of any or all of the personal data or other information we collect and store. If you transmit personal data to Code.org you do so at your own risk. We cannot guarantee that such personal data and other information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, administrative, or technical safeguards.
If we learn of a data security incident that compromises or appears to compromise your Personal Information or that of your Students, we will attempt to notify you electronically so that you can take appropriate protective steps.
We try to minimize the personal data we collect and store
Even when Code.org collects personal data in order to provide the Services, we attempt to minimize the data we store. For instance we intentionally choose not to store email addresses for Code.org Student accounts or phone numbers used in our send-to-phone feature.
We limit employee and authorized party access to personal data
Your Choices - How to Access, Correct, Update, or Delete Your Information
If, at any point, you wish to access, correct, update, or delete your personal data on the Code.org learning platform, you may do so from your Code.org account settings page as described below. Alternatively, you can email us at firstname.lastname@example.org or enter a request at https://code.org/contact. We will promptly review all such requests in accordance with applicable laws after verifying your identity. For Student accounts with a personal login, we will authenticate the request by requiring an email from the email address used to establish the account - and we will run the same one-way hash algorithm to match the request to the student account. For requests from Teachers (related to either Student Accounts in the Teacher’s section or to the Teacher’s account), we will generally require an email from the email address used to establish the account, but may be able to authenticate the account through other methods where we have additional teacher information in our records.
In the event you believe your request has been improperly denied or insufficiently processed, you may appeal that decision by submitting your request and the reasons you believe your request was improperly denied or insufficiently processed in an email to email@example.com. Within forty-five (45) days after receipt of an appeal, we will inform you of any additional action taken or not taken in response to the appeal, along with a written explanation of the reasons in support of the response.
Due to the nature of the Services, projects and other data created while using the Services are generally meaningful only in the context of the Services and it is not technically feasible to transmit such data to the user or other entities for use outside of Code.org. We will, however, consider specific requests for data portability on a case-by-case basis.
Unless we receive a deletion request, we may retain your personal data as long as a User account is active, as long as the personal data is necessary or useful for operational purposes, or as required under any contract or by applicable law. We may indefinitely retain information which has been de-identified or aggregated such that it is no longer personal data.
We do not engage in targeting advertising, the sale of personal data, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning a User. Therefore, we do not process requests to “opt-out” of such processing.
Managing and Deleting Code.org Accounts
Code.org does not require an account to try our courses. However, Students and Teachers with an account may update, correct, or delete Personal Information and other personal data in their Code.org accounts at any time via the account settings page after logging into their account. Teachers can go to their section’s “Manage Students” tab to update the most common settings or to access and delete a Student’s login information. Teachers also have the ability to reset the password of any Student not using a personal email login in their section who is not also a Teacher. A parent or legal guardian of a Student under the age of 18 may also review Personal Information and other personal data and correct erroneous information, if any, by asking the Student or Teacher to access the Student account.
Except as described below, personal data of any Student that is in a Teacher's section will be under the control of the Teacher. The Teachers for these sections get access to the Student’s course progress and display name, but not their email address. If a Student is no longer associated with a Teacher’s section, that means the Student’s account will no longer be managed by the Teacher and the Student may retain possession and control of the Student-Generated content by creating a personal email login. If a Teacher deletes their own Teacher account (and all sections under their account) or removes a Student from a section they manage, the Student account in the section will also be deleted unless the Student has created a personal email login for their Student account. If the Student has created a personal email login, the Student account generally will be removed from the Teacher’s section but the Student account will not be deleted. However, we may be contractually obligated to delete, at a school’s request, all student accounts enrolled in a teacher’s section even if the student account uses a personal login. If a student wishes to maintain full control over a student account they use outside of school, the student should not use that account to enroll in a teacher’s section, and should instead create and use a separate student account for the teacher’s section.
In order to allow Users to recover deleted accounts, we will save progress, code creations and other data for a short period of time after a User executes an online deletion request. A User can email firstname.lastname@example.org or enter a request at https://code.org/contact to request an immediate permanent deletion of their account and all the associated data. A Teacher may also request the immediate deletion of Student accounts or particular Student projects or Student personal data the same way. Deleting a Student’s project will not delete other Students’ creations that were previously remixed from the deleted project. As part of the deletion process, we may de-identify data by removing identifiers such that remaining data cannot reasonably be used to re-identify a user. We do this to allow for ongoing research or product improvement (e.g., retaining a gender identifier to help analyze ongoing efforts to improve discrepancies in computer science learning).
We automatically delete personal data associated with Student or Teacher accounts that have remained unused and inactive for a period of time in accordance with our data retention policies.
Managing and Deleting Other Data
Deleting your Code.org account will not delete data that you may have submitted outside of Code.org's learning platform (such as signing our petition to support advocacy in your area) or on related services hosted by third parties such as our support forum or the teacher forum. Please send us an email at email@example.com or enter a request at https://code.org/contact if you would like to have this information deleted and we will take reasonable steps to do so.
School Users and Student Records
Code.org may be used in a classroom setting by schools, school districts, or teachers (collectively referred to as “Schools”). When the Services are used as part of a School’s educational curriculum, the personal data related to the School’s Student Users that is provided to Code.org by the School or collected by Code.org during the provision of the Services to a School, may include information defined as “educational records” by the Family Educational Rights and Privacy Act (“FERPA”) or be covered by other similar student data privacy laws, to which the School may be subject. In these cases, the Student’s personal data we collect, along with any other student records the school provides to us and any student-generated content is referred to as “Student Records” and we have implemented controls and procedures to help the Schools address their obligations under such laws. In some cases where we process Student Records, we may enter into separate agreements with Schools that supplement our Terms of Service, such as our Student Data Privacy Addendum.
Because many of our Student accounts are used for both School and non-School purposes, only personal data relating to Code.org accounts that are (1) created by a School (for example, when a Teacher creates the user name, login and password to establish the Student account, or when the teacher rosters a class using Google Classroom, Clever, or similar authentication service), or (2) created by a Student at the direction of a School or Teacher, using a School email address and associated with a Teacher’s section, are “Student Records.” Student Records do not include information a Student or other individual may provide to Code.org independent of the Student’s use of the Services at the direction of the School. However, if a Student User links their existing personal account to a Teacher’s section, information associated with the personal account may be considered Student Personal Data to the extent it contains data generated as part of the curriculum in the Teacher’s section. In such cases, the account may have hybrid qualities, with some control over the account shared by the Teacher (and school) and the Student. For example, refer to the data deletion discussion above under Managing and Deleting Code.org Accounts.
Children’s Privacy Notice
- We do not collect or maintain actual Student email addresses for Student accounts (even those for Students 13 or older). We only collect and maintain a one-way hashed version of the email address which we cannot reverse.
- We do not collect full dates of birth, only age.
- We do not collect Student physical addresses or phone numbers.
- We do not generally support the display of public user profiles, except when we highlight or profile a user, with appropriate permission.
- We do not support online messaging between Students (except for the Internet Simulator function for classrooms).
- We encourage the use of screen names that are first name or first name and last initial only.
- We only display a Student’s first initial when we display projects on our Services.
- We only provide a mechanism for Students age 13 or over to post projects to their social media accounts.
- We automatically monitor some text entered in projects for elementary school courses, such as Play Lab and Sprite Lab, to help prevent sharing of personal data such as email address and phone number.
- When we allow uploads of custom images, sounds, and videos by Students under age 13, we implement controls that block Student sharing of such projects.
We do not require Users to create a Code.org account or otherwise provide Personal Information in order to participate in the Hour of Code tutorials or to try our courses. However, we cannot save a Student’s learning progress or a Teacher’s class records unless the User has a Code.org account (whether an account with a personal login or an account created by a Teacher).
Code.org account sign-up
When a Child creates a Code.org account using a personal login, we request a username, age (not birthdate), password, and email address (although we retain only a one-way hash of Student email addresses). In some jurisdictions, we may seek the consent of a parent or legal guardian before establishing the account for a Child.
A School may create a Code.org account for a Child
When Code.org is used by a School in an educational setting in classrooms with Children, we strongly recommend that Teachers not ask their students to create Code.org accounts with personal logins. Instead, we recommend that Teachers use one of the account creation methods noted below.
Teachers who have classrooms with Children can create Code.org accounts without personal logins by using either a rostering service like Google Classroom or Clever, or by creating Code.org logins with picture passwords or secret word passwords that Teachers set for each student in a Teacher section (in which case the School may avoid providing any Personal Information). When Schools create Code.org accounts in these manners, we rely on the Teacher/School to obtain required consent, if any.
As previously noted, in some jurisdictions if a Teacher chooses to have students create accounts with personal logins, we may require parental consent for the account creation - which can result in delays and hinder classroom participation. Similarly, if a Child later seeks to add a personal login to access their Code.org account independently of their Teacher or School (e.g., they wish to maintain their account and projects for use outside of school or after the school year ends), we may require parental consent in some jurisdictions to create the personal login - however, the Child will continue to be able to use their existing School login credentials pending the parental consent for the personal login.
How Parents can provide consent (where required)
Although parental consent is not generally required, in those jurisdictions where we require such consent in connection with a Child account, the parent may provide consent by responding affirmatively to an email sent by Code.org to the Parent’s email address provided by the Child during registration. We will send a reminder email after a few days if no response is received, but if we do not receive consent within the time prescribed, the Child’s account will be closed and all account information (including the parent’s email information) will be deleted from our systems. If parental consent is received, the Parent’s email address will be automatically linked to their child’s account to stay updated on their Child’s progress and projects - and the Parent email address can also be used for password recovery and to request support (including account deletion at any time) for the Child’s account. Parents will need to ensure they know their child’s email address and username for support requests.
How we restrict functionality for Child accounts
What information we collect for a Child account, and how we use this information
How we share or transfer information relating to a Child account
No Third Party Tracking and No Targeted Advertising
Code.org does not display targeted advertising on the Service. We do not disclose personal information of Children for direct marketing purposes or for targeted advertising purposes - on our site or on other sites.
How to access, modify and delete Children Accounts
As a Parent, you have the ability to access and control information about your Child - including requesting deletion of the Child account - by either logging into their account with their credentials and using the self-help delete function or by contacting us from your Parent email address associated with the child’s account (if any) at firstname.lastname@example.org.
If Code.org learns that it has inadvertently collected Personal Information or Persistent Identifiers from children under the age of 13 without prior parental or teacher consent, Code.org will take appropriate steps to delete this information. If you are a teacher, parent or legal guardian of a Student on Code.org, you can ask us to deactivate the Student’s account and delete any hashed email address or inadvertently collected Personal Information or Persistent Identifiers. To make such a request, please email us at email@example.com or enter a request at https://code.org/contact. Before processing your request, we may verify your identity and your relationship with the Student.
Links to Other Sites and Services
We Do Not Allow Advertising on Our Services
Code.org does not allow advertising on our Services, and we do not have the ability to collect web search history across third-party Internet websites or search engines. However, if you navigate to the Code.org Services via a web search, your web browser may automatically provide to us the web search term you used in order to find Code.org. Because Code.org doesn’t display advertising or track browsing on third-party sites, we do not do anything different in response to “do not track” signals transmitted by web browsers.
We use the embedded YouTube player in Privacy Enhanced Mode to deliver computer science videos within our curriculum. This means that YouTube does not place cookies or track viewing behavior for advertising purposes. Our student-facing curriculum does not embed any YouTube videos that are not part of our curriculum. We have disabled the “rel” functionality of YouTube, which prevents the embedded YouTube player from playing related content outside of our curriculum. We have also tagged our “YouTube” videos on the site for “child-directed treatment.” Schools can also choose to block access to YouTube, in which case we use a fallback option that plays videos directly from our Services.
We offer clearly marked links to visit Facebook or Twitter to share various things such as User creations or certificates on Code.org. Using an account on these third-party social networking services is entirely at your option and under your control, and will not result in behavioral tracking of your browsing behavior on Code.org. However, because we know that these services use behavioral targeting as part of their advertising business model, on student-facing course and activity pages, we don’t offer links to these services to Students under the age of 13, or in schools that have blocked Internet access to these services.
To opt out of various forms of internet advertising by third parties, you may visit the following links: http://www.networkadvertising.org/choices or http://www.aboutads.info/choices/. If you use these tools, you will need to opt out separately for each of your devices and for each web browser on each device. If you reside in the EU, you may manage certain advertising cookies by visiting the EU-based http://www.youronlinechoices.eu/. You may also be able to limit interest-based advertising through the settings on your mobile device by selecting “limit ad tracking” (iOS) or “opt-out of interest based ads” (Android).
Our Services are operated and managed on servers located within the United States. If you choose to use our Services from regions of the world with laws governing data collection and use that differ from U.S. law, then you acknowledge and agree that you are transferring information, including personal data, outside of those regions to the United States and that, by providing your personal data on the Services, you are providing your consent to that transfer.
Rights Under the General Data Protection Regulation (GDPR)
If you are an individual in the European Economic Area (EEA) and you choose to use our US-based Services, we collect and process personal data about you only where we have a legal basis for doing so under the GDPR or other applicable EU laws. This means we process your personal data only where:
- You give us consent to do so for a specific purpose;
- The processing is necessary for the performance of a contract between us (e.g., our terms of service) or in order to take steps at your request prior to entering into a contract;
- The processing is necessary to provide you the functionality of the Services, including to operate the Services, provide customer support and personalized features, and to protect the safety and security of the Services;
- The processing is necessary for the purposes of our legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services, and to protect our legal rights and interests; or
- The processing is necessary to comply with a legal obligation.
If you have consented to our use of personal data for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. When we are using your personal data because we or a third party have a legitimate interest to do so, you may have the right to object to that use though, in some cases, this may mean no longer using the Services.
In most cases, Code.org is the controller of personal data we collect and process through the Services. In some cases, however, such as where we have entered into an agreement with an educational authority to provide the Services to its students, they may be the controller and we may be their processor (in which case you should direct any requests regarding your personal data to the controller). Where we are the controller of your personal data, you have the following rights:
- Right of access and portability. The right to obtain access to your personal data, and to receive the personal data in a commonly used format and to have it transferred to another data controller;
- Right to rectification. The right to obtain rectification of your personal data without undue delay where that personal data is inaccurate or incomplete;
- Right to erasure. The right to obtain the erasure of your personal data without undue delay in certain circumstances, such as where the personal data is no longer necessary in relation to the purposes for which it was collected or processed;
- Right to restriction. The right to obtain the restriction of the processing undertaken by us on your personal data in certain circumstances, such as where the accuracy of the personal data is contested by you;
- Right to object. The right to object, on grounds relating to your particular situation, to the processing of your personal data; and
- Right to Complain. The right to file a complaint with a supervisory authority if you believe that we have violated any of the rights concerning personal data about you. We encourage you to first reach out to us at firstname.lastname@example.org so we have an opportunity to address your concerns directly before you do so. A list of Supervisory Authorities is available here.
To exercise the foregoing rights, please contact us by sending us an email at email@example.com or enter a request at https://code.org/contact. We will consider your request in accordance with applicable law. In some cases our ability to uphold these rights may depend upon our obligations to process personal data for security, safety, and fraud prevention reasons, compliance with regulatory or legal requirements, or because processing is necessary to deliver the services you have requested. Where this is the case, we will inform you of specific details in response to your request.
We stand behind the promises we make, and will not change how we use personal data we have already collected from Users in any material way without also providing notice of the change via email, through the Services, or through other means, and obtaining consent via your continued use to any new data use policies after such notice.