Kodris Privacy Principles
- We’re deeply committed to creating a safe and secure learning environment for our students and teachers. We take the protection of this information seriously.
- We do not require you to provide any Personal Information in order to try our courses (only your IP address is collected). However, learning progress won’t be saved without creating an account.
- The only reason we collect any data from Students or Teachers is to better succeed at our mission of providing a great computer science education for every student in every school.
- We do not sell your Personal Information; we do not sell ads.
- Any Student academic data provided by us or by our school partners to third party evaluators for the purpose of evaluating our courses in meeting our mission will be de- identified (per standard industry practice).
- We strive to provide you with access to and control over the information you give us (as detailed below), and we take the protection of your information very seriously.
- When student Personal Information is provided to Kodris by a school, Kodris agrees to retain such information as directed by the school.
- We hold our partners to privacy and security practices no less stringent than our own.
We are committed to creating a safe and secure environment for learners of all ages on our website located at kodris.com (“Website”). Visitors and users of the Website and participants in our education programs are referred to individually as “User” and collectively as “Users”. Any User that creates a student account is referred to as “Student”. Similarly, any User that creates a teacher account is referred to as “Teacher.” We use the data we receive only insofar as it helps our mission of providing a great computer science education for every student in every school.
Any version of these Terms in a language other than English is provided for convenience and you understand and agree that the English language will control if there is any conflict.
These Terms (including any agreements and policies linked from these Terms) constitute the entire agreement between you and us.
Collection and Use of Your Information
The sections below describe the ways Kodris collects and uses personal data, which refers to any information that identifies you as an individual (directly or indirectly). This includes things like the name, display name, email address, school name and address, telephone number, etc. from Users (“Personal Information”), persistent cookies or IP addresses (“Persistent Identifiers”), as well as some of the non-Personal Information and technical information (described below) we collect. We collectively refer to any of this data we collect from Students, along with any Student information, Student records, and Student-generated content as “Student Data.”
Kodris does not collect any Personal Information from students participating in the tutorials unless they choose to create Kodris accounts. Tutorials do not require login to use.
Kodris accounts: The following table describes the data that Kodris collects from registered Users of kodris.com courses. You can also try Kodris courses without creating an account, but your learning progress won’t be saved and will be limited.
|Data stored by Kodris if you create a Kodris Student account||How and when is the data collected||How this data is used|
|Display Name (e.g., “Coderistanbul” or “Koray”) and username (eg “coderistanbul34”)||Required by User (or their Teacher) on account creation||Display name is used to provide Students a welcoming login and to identify the Student in the Teacher’s view of student progress.|
|Student email address||Email address is required on account creation if Student signs up directly.||A Student’s email address is only used for the purposes of login. See section on “Student Email Addresses”below for more details.|
|Parent or guardian email address||Can be optionally provided by parent to create a login for their child at home.||A Student may want to create a personal login to access their account independently of their Teacher or school, especially if the Teacher decides to delete the classroom section that the Student belonged to or the Student signs in with an account like Google, Twitter, Github or Facebook.
If the Student is under 13, we require a parent email address for password recovery. The Student will then be able to sign in at home with a username and password.
|Login time, IP address, and other technical data||Automatically collected as the site is used.||This data helps Kodris troubleshoot any problems Users experience. It also helps Kodris understand usage patterns, ensure the service can support all Users, and enable site updates with minimal service disruption. See section below on “technical information” for additional details|
|Progress in the course
1.Date/Time each lesson is tried
2.Number of tries to solve a level, and whether it was solved successfully or optimally
3.Information on how the Student solved the level including time to completion and whether they used hints
4.The code that the Student submitted
|Collected as Students work through a tutorial or course progress||This information is displayed to Students and their Teachers to see their progress in a course, to see the code they’ve created, and to identify topics they need help with. It also lets Students pick up where they left off if they sign out and sign in later.
This data, in de-identified form, also helps Kodris improve course effectiveness. For example, if a level is too hard, Kodris may take action (like providing better hints) to improve the learning process.
|Data stored by Kodris if you create a Kodris Teacher account||How and when is the data collected?||How this data is used|
|Email address||Email address is required on account creation||A teacher’s email address is only used for the purposes of login.
All non-transactional emails sent by Kodris contain an unsubscribe link and do not require typing a password to unsubscribe.
|School name and/or school type (private, public, after school, or other) and/or school address||Provided by the Teacher on account creation.||At the Teacher’s option and under their control, we would list their school in the Kodris map and database of schools that teach computer science courses.
Kodris may also use this information to reach out to the Teacher’s school to discuss broader education partnerships or participation in special events.
|Student section data||Collected if Teacher decides to create a section on Kodris to manage their Students.||The Teacher may create accounts for their students (and provide each Student’s display name and optionally their age), and organize these Students into sections. The Teacher may assign each section a display name, a course assignment, and grade level. Th e section grouping data is used to simplify their view of Students across multiple sections.
Teachers are encouraged to share a document with Students and parents informing them about the Kodris course, including the privacy implications.
Students and Teachers may update, correct, or delete Personal Information in their Kodris accounts at any time via the account settings page. Teachers also have the ability to reset the password of any Student in their section. A parent or legal guardian of a Student under the age of 18 may also review Personal Information and correct erroneous information, if any, by asking the Student or Teacher to access the Student account.
Student Data of any Student that is in a Teacher’s section will continue to be under the control of the Teacher. Teachers can get access to the User’s course progress, display name, and their email address If the user’s account is associated with the Teacher’s section
In order to allow Users to recover deleted accounts, we will save progress, code creations and data for a period of time. A User can email email@example.com to request permanent deletion of their account and all the associated data. A Teacher may also request the deletion of Student accounts or particular Student projects or Student Data the same way.
Information from Third Party Authentication Services
Information from Other Sources
To provide a personalized learning and high-quality experience for our Users, we may use various technologies that automatically record certain technical information from your browser or device, including browser language settings, standard log files, web beacons, or pixel tags. This technical information may include your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, clickstream data, operating system, and the dates and times that you visit the Website. This information assists us in understanding how our Users are using our Website.
- Essential cookies: These ensure the Website works properly for Users. As one example, when you authenticate and log in, thanks to essential cookies you aren’t prompted to re- enter your password on every single page you visit during your browsing session.
- Functional cookies: These help us personalize the Website and make it faster or more user- friendly. For example, thanks to functional cookies the Website may remember your language setting (Turkish and English).
- Performance cookies: Use of these cookies allows the owner of the page to gather information, such as the frequency of visits to pages, related error messages (if available), the time users spend on the pages, and how they navigate through the online channels. This information can be used to improve the performance of the online channels.
- Analytical cookies: are used to collect technical information to help us optimize the Website and our courses. For example, thanks to analytical cookies, we can identify which lessons are most popular among students.
Generally, Internet browsers are predefined to accept cookies automatically. Browsers can be adjusted to block cookies or to warn the user when cookies are sent to the device. As the management of cookies may vary from browser to browser, please refer to the help menu of Your browser for further information.
You can visit www.allaboutcookies.org for detailed information about deleting and blocking cookies and for more general information on cookies.
Third Party Service Providers
Kodris may use a variety of third-party service providers, such as email services to send email, analytics companies to understand our Website usage, and social networking platforms to host our videos. We may allow third-party service providers to place and read their own cookies, web beacons, and similar technologies to collect information through the Website. This technical information is collected directly and automatically by these third parties.
We use third party services to implement our Website and all of its associated services and features, including (but not limited to) Yandex (for website hosting and data storage), firstname.lastname@example.org (for sending email), email@example.com for customer support), GüvenSMS (for sending User code-creations to phones), PayTR for payments), and Google Analytics (for understanding how our Website is being used). Personal data will be used and stored by these third parties solely in context as an implementation services provider to Kodris, but these third parties will not receive any ownership or have any other rights to access or use this personal data. In particular, when we use GüvenSMS to send text messages to deliver User code-creations to phones, Kodris store the phone number, and it is possible that underlying phone-service providers may retain this information.
Kodris does not allow advertising on our Website, and we do not have the ability to collect your web search history across third-party Internet websites or search engines. However, if you navigate to the Kodris Website via a web search, your web browser may automatically provide to us the web search term you used in order to find Kodris. Using an account third party social networking services, such as Facebook and Twitter, is entirely at your option and under your control.
Certain capabilities linked from the Kodris Website may be implemented by third parties who collect data. For example, purchase to Kodris are processed via a third party who collects and may store the payment instrument.
Uploading Custom Content
Student and Teacher profiles can NOT be customized with a photo.
Information We Do NOT Collect
Kodris does not directly collect or store payment instruments. We only receive payment fail information (such as ‘3D secure failed’) by the bank.
Student Email Addresses
When User accounts use a Student email address for login, Kodris store the email address provided by those Users. We store the e-email address, and use it only for the purposes of login, account management, and password recovery. The main circumstance when Kodris’s servers receive a Student’s Kodris email address is if the Student forgets their password and asks to reset it. At that point, the Student is prompted to enter their email, which is used to send them a password reset link.
If a User contacts us via our customer support pages, we will also store and use their email address in order to respond to them.
Children Under Age 16 (or under 13 in the United States)
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. Children under the age of majority should review this agreement with their parent or guardian to ensure that the child and parent or legal guardian understand it.
If you are an Educator and you register an account for a student who is under the age of 16 (a “Child”), you represent and warrant that you or the educational organization you work for has proper permission to register the Child for Kodris, and that you have obtained the necessary parental consent for Kodris’s collection of the Child’s personal information for the use and benefit of the school and for no other commercial purpose. In addition, you agree to be bound by these Terms on behalf of the educational organization you work for.
Personal Information or Persistent Identifiers, and request that we no longer allow the Student to submit their information to Kodris. To make such a request, please contact us at https://www.kodris.com/en/contact Before processing your request, we may verify your identity and your relationship with the Student.
Limitations on Access to your Personal Information by Employees and Authorized Parties
How We Share or Transfer Data
We do not rent or sell Personal Information, Persistent Identifiers, or any other information that we collect from Users, or exploit it for financial gain in any other way. Kodris will never share or grant rights to Personal Information with other third-party organizations to use without your consent, except as part of a specific program or feature for which you will have the explicit ability and choice to opt-in.
Whenever we share Student personal data, we hold our partners to privacy and security practices no less stringent than our own.
We may share Student data with your Teacher and limited Teacher information with the Student
If a Student belongs to a Teacher’s section, we will share Student account information, course progress, and standalone projects with that Teacher so the Teacher can help manage the Student’s progress. The Student will also see limited information about their Teacher including their Teacher’s display name and section information.
We may share Classroom usage and Student achievement data with your school
In order to support school needs to oversee Kodris usage in their classrooms, we may allow your school to access reporting data on student progress and achievement, presented on a student-level, classroom-level, teacher-level, grade-level or school-level basis for Students enrolled.
We may share limited information when you contact us for support
When you contact us with a support request, you may provide Personal Information, which is shared with a Kodris support representative in order to process your request. Kodris support representatives are either employees or independent contractors of Kodris, and will always have signed a contract requiring them to protect and not disclose confidential information including Personal Information of Users, and to use it only in the context of resolving your product support requests.
We may share de-identified data to improve our services and learn more about our Users
In certain occasions, Kodris may work with third parties (such as universities and education research organizations) to improve our services or offerings. We may disclose automatically collected and other aggregated and de-identified non-Personal Information to authorized partners to conduct research on online education or assist in understanding the usage, viewing, and demographic patterns for certain programs, content, services, promotions, and/or functionality on the Website. We require any research partner that receives de-identified data from us to agree in advance that they will not attempt to use this data to identify our Users.
We will share data when required by law
Kodris may also disclose User data including Personal Information or Persistent Identifiers if required to do so by law, or if we have a good-faith belief that such action is necessary to comply with local, state, federal, international, or other applicable laws or respond to a court order, judicial or other government order, subpoena, or warrant, or administrative request. In some cases, we may make such disclosures without first providing notice to Users, Teachers, schools, parents or legal guardians.
We may share data when necessary or appropriate to protect Kodris or others
Kodris may disclose User data including Personal Information or Persistent Identifiers that we believe, in good faith, is appropriate or necessary to: take precautions against liability; protect Kodris from fraudulent, abusive, or unlawful uses; investigate and defend ourselves against any third-party claims or allegations; assist government enforcement agencies; protect the security or integrity of the Website; or protect the rights, property, or personal safety of Kodris, our Users, or others.
We may share data in the context of a change of business, including a merger or acquisition
Our Approach to Data Security
Website security is important to you, and to us
To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your Personal Information. If you have any questions about how we handle or protect your personal data, please contact us.
We try to ensure that our Website and information sent to us are safe, but no security measures are perfect
Kodris uses certain physical, administrative, and technical safeguards designed to reasonably protect the confidentiality, availability, integrity and security of your Personal Information, Student Data, and other information we maintain in connection with the Website in such a manner that processing will meet the requirements of national, international or other applicable laws and ensure the protection of your rights. These safeguards include restrictions on physical access to the data center, hardened system configuration, two-factor authentication, patch management, disaster recovery process, employee security and privacy training, and employee background checks. We cannot, however, ensure or warrant the security of any or all of the Personal Information and other information you transmit to Kodris, and you do so at your own risk. Once we receive your transmission of information, Kodris maintains and enforces commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such Personal Information and other information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
If we learn of a data security incident that compromises or appears to compromise your Personal Information or that of your Students, then we will attempt to notify you electronically so that you can take appropriate protective steps.
Users outside of Turkey should note that we transfer and store data to Turkey.
ur Website is operated and managed on servers located within Turkey. Kodris is headquartered in Istanbul, and in order to provide the Services to you, we must transfer your data to Turkey and process it there. If you choose to use our Website from regions of the world with laws governing data collection and use that differ from Turkey law, then you acknowledge and agree that you are transferring information, including your Personal Information, outside of those regions to Turkey and that, by providing your Personal Information on the Website, you consent to that transfer.
Your Rights Regarding to Your Personal Data under the General Data Protection Regulation (GDPR)
If you choose to use our Website from the European Union, please note the following information: Personal Information we collect from you will be processed in Turkey. Turkey has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the Regulation (EU) 2016/679 (General Data Protection Regulation). However, The GDPR does not require the storage of personal data in the EU, and does have specific requirements regarding the transfer of data out of the EU that Kodris complies with those requirements. Kodris relies on derogations for specific situations as set forth in Article 49 of the GDPR. This means we collect and use your information only where:
- We need it to provide you the functionality of the Website, including to operate the Website, provide customer support and personalized features, and to protect the safety and security of the Website;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Website, and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose;
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party have a legitimate interest to do so, you may have the right to object to that use though, in some cases, this may mean no longer using the Website.
Additionally, once you have provided us your data, either actively or automatically, you will have the right to:
- Request access to the personal data we have from you;
- Request a rectification, erasure, restriction of processing of your personal data;
- Object to processing in certain circumstances;
- Data portability (meaning you can request your data to be transferred to another organization in machine readable standard format);
- File a complaint with a supervisory authority if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at https://www.kodris.com/en/contact so we have an opportunity to address your concerns directly before you do so.
Transfer of your personal data to Turkey
Kodris takes protecting your security and privacy seriously and we’ve put a number of measures in place to protect the integrity of your information in Turkey, including:
- Use of highly secure, access-controlled data centers;
- Routine third-party security audits
- Data encryption in transit
To exercise your rights, please contact us by writing us at https://www.kodris.com/en/contact.
Conditions of Use and Notices
No Commercial Use of Student Data
Kodris shall not use, disclose, or compile any student Personal Information for the purpose of advertising commercial products or services. We do not disclose any student Personal Information to third parties for marketing purposes.
You can review or delete your Personal Information at any time
We keep your personal data only as long as necessary or for the purposes for which it was collected or as required under any contract or by applicable law.
If, at any point, you wish to access, amend, export (i.e., data portability), or object to or restrict the processing of Personal Information collected via our Website, send us a request at https://www.kodris.com/en/contact We will promptly review all such requests in accordance with applicable laws.
Furthermore, there is a buffer period before permanent deletion of your account (to allow for account recovery in case a teacher or student accidentally deleted an account.) You can contact us to have any account permanently deleted sooner.
We also automatically delete any Personal Information associated with inactive Student or Teacher accounts per our data retention policy.
How to delete your Kodris Account
If you would like to delete your Kodris account or any content submitted to Kodris, please send an email to firstname.lastname@example.org.
Users Rights in Turkey Regarding to Personal Data under Law on Protection of Personal Data numbered 6698 (KVKK)
We collect and process information about you only where we have legal bases for doing so under applicable under Law on Protection of Personal Data numbered 6698 (KVKK). This means we collect and use your information only with the reasons and methods above mentioned.
Storing and protection of personal data
Your personal data will be stored in Kodris’s data base and systems as a confidential data in accordance with the Article 12 of KVKK, and your personal data will not share except with any methods above mentioned.
Transfer of your personal data abroad
Your personal data that is collected with any methods above, which is processed in Turkey or which is not storing outside of Turkey, and will not be transferred to any service mediators/providers located outside of Turkey.
Article 11 of KVKK entered into force on 7 November 2016, and pursuant to relevant article, rights of Personal Data Owner are as follows:
Personal Data owner has the right of apply to our firm (data controller) and with respect to himself/herself; 1. learn whether his/her personal data are processed or not, 2. if his/her personal data are processed, request information on such processing, 3. learn the purpose of the processing of his/her personal data and whether this data is used for rightful purposes, 4. know the third parties to whom his/her personal data are transferred in Turkey or abroad, 5. request the rectification of data processed incompletely or inaccurately, if any, 6. request the erasure or destruction of his/her personal data under the conditions laid down in Article 7 of KVKK, 7. in case of rectification, deleting or destruction of personal data, request that such operations are notified to third persons to whom personal data are transferred, 8. object to the negative outcomes, in case there is a negative outcome if processed data is exclusively analyzed by automatic means, 9. in case such data subject incurs damages as a result of unlawful processing of personal data, to request compensation for such damages.
Kodris Education Technologies A.S registered with Istanbul Trade Registry under registration number (411489) and Mersis number , having its headquarters located at (KIZILIRMAK MAH/SEMT DUMLUPINAR BLV. PASIFIK GAYRIMENKUL NO: 3 C-1 IC KAPI NO: 160 CANKAYA/ ANKARA) Turkey is within the scope of KVKK the Data Controller.