Date of Last Revision: 01.09.2019
Kodris Information Technologies (hereinafter "Kodris") is a company that presents the “Kodris Web 2.0” version platform, which made available to the public for use on 01.09.2019, that consists of 100+ screens and provides the opportunity to learn computer science at primary, middle and high school level students within the specified time period. As a part of that mission, Kodris operates the websites located at https://kodris.com, information, text, curricula, videos, graphics, photos, APIs, email notifications and other materials and related products and services (the “Services”).
Kodris Privacy Principles
- We’re deeply committed to creating a safe and secure learning environment for our students and teachers. We take the protection of this information seriously.
- We do not require you to provide any Personal Information in order to try our courses, most of which are accessible without a User account (only your IP address is collected). However, learning progress won't be saved without creating an account.
- The only reason we collect any data from Students or Teachers is to better succeed at our mission of providing a great computer science education for every student in every school.
- We do not sell your Personal Information or exploit it for financial gain
- Any Student academic data provided by us or by our school partners to third party evaluators for the purpose of evaluating our courses in meeting our mission will be de- identified (per standard industry practice).
- We strive to provide you with access to and control over the information you give us (as detailed below), and we take the protection of your information very seriously.
- When student Personal Information is provided to Kodris by a school, Kodris agrees to retain such information as directed by the school or school district.
- We hold our partners to privacy and security practices no less stringent than our own.
We are committed to creating a safe and secure environment for learners of all ages on our website located at kodris.com (“Website”). Visitors and users of the Website and participants in our education programs are referred to individually as “User” and collectively as “Users”. Any User that creates a student account is referred to as “Student”. Similarly, any User that creates a teacher account is referred to as “Teacher.” We use the data we receive only insofar as it helps our mission of providing a great computer science education for every student in every school.
- Any version of these Term in a language other than English is provided for convenience and you understand and agree that the English language will control if there is any conflict.
- These Terms (including any agreements and policies linked from these Terms) constitute the entire agreement between you and us.
Collection and Use of Your Information
The sections below describe the ways Kodris collects and uses personal data, which refers to any information that identifies you as an individual (directly or indirectly). This includes things like the name, display name, email address, school name and address, telephone number, etc. from Users (“Personal Information”), persistent cookies or IP addresses (“Persistent Identifiers”), as well as some of the non-Personal Information and technical information (described below) we collect. We collectively refer to any of this data we collect from Students, along with any Student information, Student records, and Student-generated content as “Student Data.”
Kodris does not collect any Personal Information from students participating in the tutorials unless they choose to create Kodris accounts. Tutorials do not require login to use.
Kodris accounts: The following table describes the data that Kodris collects from registered Users of kodris.com courses. You can also try Kodris courses without creating an account, but your learning progress won't be saved and will be limited.
|Data stored by Kodris if you create a Kodris Student account||How and when is the data collected?||How this data is used|
|Display Name (e.g., “Coderistanbul” or “Koray”) and username (eg "coderistanbul34")||Required by User (or their Teacher) on account creation||Display name is used to provide Students a welcoming login and to identify the Student in the Teacher’s view of student progress.|
|Student email address||Email address is required on account creation if Student signs up directly.||A Student's email address is only used for the purposes of login. See section on "Student Email Addresses"below for more details.|
|Parent or guardian email address||Can be optionally provided by parent to create a login for their child at home.||Can be optionally provided by parent to create a login for their child at home.|
|Login time, IP address, and other technical data||Automatically collected as the site is used||This data helps Kodris troubleshoot any problems Users experience. It also helps Kodris understand usage patterns, ensure the service can support all Users, and enable site updates with minimal service disruption. See section below on “technical information” for additional details.|
|Progress in the course
||Collected as Students work through a tutorial or course progress||
This information is displayed to Students and their Teachers to see their progress in a course, to see the code they’ve created, and to identify topics they need help with. It also lets Students pick up where they left off if they sign out and sign in later.This data, in de-identified form, also helps Kodris improve course effectiveness. For example, if a level is too hard, Kodris may take action (like providing better hints) to improve the learning process.
|Data stored by Kodris if you create a Kodris Teacher account||How and when is the data collected?||How this data is used|
|Email address||Email address is required on account creation||
A teacher’s email address is only used for the purposes of login.
All non-transactional emails sent by Kodris contain an unsubscribe link and do not require typing a password to unsubscribe.
|School name and/or school type (private, public, after school, or other) and/or school address||School name and/or school type (private, public, after school, or other) and/or school address||
At the Teacher's option and under their control, we would list their school in the Kodris map and database of schools that teach computer science courses.
Kodris may also use this information to reach out to the Teacher's school to discuss broader education partnerships or participation in special events.
|Student section data||Collected if Teacher decides to create a section on Kodris to manage their Students.||
The Teacher may create accounts for their students (and provide each Student’s display name and optionally their age), and organize these Students into sections. The Teacher may assign each section a display name, a course assignment, and grade level. Th e section grouping data is used to simplify their view of Students across multiple sections.
Teachers are encouraged to share a document with Students and parents informing them about the Kodris course, including the privacy implications.
Students and Teachers may update, correct, or delete Personal Information in their Kodris accounts at any time via the account settings page. Teachers also have the ability to reset the password of any Student in their section. A parent or legal guardian of a Student under the age of 18 may also review Personal Information and correct erroneous information, if any, by asking the Student or Teacher to access the Student account.
Student Data of any Student that is in a Teacher's section will continue to be under the control of the Teacher. If a Student over the age of 16 or a parent of a Student of any age attaches a personal email login to a Student account, the Student can add or remove themselves from a Teacher's section. Users over the age of 16 who use email or a third party login such as Github, Facebook, Twitter, Google Account or Microsoft Account can also add or remove themselves from as many sections as they want. The Teachers for these sections get access to the User's course progress and display name, their email address. If a Student is no longer associated with a Teacher’s section, that means the Student Data will no longer be managed by the school or Teacher and the Student may retain possession and control of the Student-generated content.
In order to allow Users to recover deleted accounts, we will save progress, code creations and data for a period of time. A User can email firstname.lastname@example.org to request permanent deletion of their account and all the associated data. A Teacher may also request the deletion of Student accounts or particular Student projects or Student Data the same way. Deleting a Student’s project will not delete other Students’ creations that were previously remixed from the deleted project.
Information from Third Party Authentication Services
Information from Other Sources
To provide a personalized learning and high-quality experience for our Users, we may use various technologies that automatically record certain technical information from your browser or device, including browser language settings, standard log files, web beacons, or pixel tags. This technical information may include your Internet Protocol (IP) address, browser type, internet service provider (ISP), referring or exit pages, click stream data, operating system, and the dates and times that you visit the Website. This information assists us in understanding how our Users are using our Website.
To track information about use of our Sites, we use various technological tools. For example: Like most websites, whether or not you are a registered member, we may send one or more cookies – small text files containing a string of alphanumeric characters that save to your computer or mobile device when you visit our Website. Cookies remember information about your activities on a website and enable us to provide you with a more personalized learning experience. We collect this information for various purposes:
- Essential cookies: these ensure the Website works properly for Users. As one example, when you authenticate and log in, thanks to essential cookies you aren’t prompted to re- enter your password on every single page you visit during your browsing session.
- Functional cookies: these help us personalize the Website and make it faster or more user- friendly. For example, thanks to functional cookies the Website may remember your language setting (Turkish, English, Spanish, etc).
- Analytical cookies are used to collect technical information to help us optimize the Website and our courses. For example, thanks to analytical cookies, we can identify which lessons are most popular among students.
Kodris may use both session cookies and persistent cookies. A session cookie disappears automatically after you close your browser. A persistent cookie remains after you close your browser and may be used by your browser on subsequent visits to the Website. You can, however, remove a persistent cookie at any time. Please review your web browser Help file, Tools menu, or other similar menu options to learn the proper way to modify your cookie settings. Please note that without cookies you will not have access to certain services and features on the Website.
A pixel tag (also known as a “clear GIF” or “web beacon”) is a tiny image – typically just one pixel – that can be placed on a Web page or in an email to you to tell us when you have displayed that page or opened that email.
Third Party Service Providers
Kodris may use a variety of third-party service providers, such as email services to send email, analytics companies to understand our Website usage, and social networking platforms to host our videos. We may allow third-party service providers to place and read their own cookies, web beacons, and similar technologies to collect information through the Website. This technical information is collected directly and automatically by these third parties.
We use third party services to implement our Website and all of its associated services and features, including (but not limited to) Yandex (for website hosting and data storage),email@example.com (for sending email), firstname.lastname@example.org(for customer support), GüvenSMS (for sending User code-creations to phones), PayU for payments), and Google Analytics (for understanding how our Website is being used). Personal data will be used and stored by these third parties solely in context as an implementation services provider to Kodris, but these third parties will not receive any ownership or have any other rights to access or use this personal data. In particular, when we use GüvenSMS to send text messages to deliver User code-creations to phones, Kodris store the phone number, and it is possible that underlying phone-service providers may retain this information.
Kodris does not allow advertising on our Website, and we do not have the ability to collect your web search history across third-party Internet websites or search engines. However, if you navigate to the Kodris Website via a web search, your web browser may automatically provide to us the web search term you used in order to find Kodris. Because Kodris doesn’t display advertising or track browsing on third party sites, we do not do anything different in response to “do not track” signals transmitted by web browsers. Using an account third party social networking services, such as Facebook and Twitter, is entirely at your option and under your control, and will not result in behavioral tracking of your browsing behavior on Kodris. However, because we know that these services use behavioral targeting as part of their advertising business model, on student-facing course and activity pages, we don’t offer links to these services to Students under the age of 16, or in schools that have blocked Internet access to these services.
Uploading Custom Content
Student and Teacher profiles can NOT be customized with a photo.
Information We Do NOT Collect
Kodris does not directly collect or store payment instruments. We only receive payment fail information (such as ‘3D secure failed’) by the bank.
Student Email Addresses
When User accounts use a Student email address for login, Kodris store the email address provided by those Users. We store the e-email address, and use it only for the purposes of login, account management, and password recovery. The main circumstance when Kodris's servers receive a Student's Kodris email address is if the Student forgets their password and asks to reset it. At that point, the Student is prompted to enter their email, which is used to send them a password reset link.
If a User contacts us via our customer support pages, we will also store and use their email address in order to respond to them. If a User over the age of 16 o signs our online petitions, or a User creates a Teacher account on Kodris or offers to help us as a software industry volunteer, we will store and use their email address.
Under Age 16 (or under 13 in the United States)
We recognize the privacy interests of children and encourage parents and guardians to take an active role in their children’s online activities and interests. Children under the age of majority should review this agreement with their parent or guardian to ensure that the child and parent or legal guardian understand it.
If you are an Educator and you register an account for a student who is under the age of 16 (a “Child”), you represent and warrant that you or the educational organization you work for has proper permission to register the Child for Kodris, and that you have obtained the necessary parental consent for Kodris’s collection of the Child’s personal information for the use and benefit of the school and for no other commercial purpose. In addition, you agree to be bound by these Terms on behalf of the educational organization you work for.
Personal Information or Persistent Identifiers, and request that we no longer allow the Student to submit their information to Kodris. To make such a request, please contact us at http://www.kodris.co.uk/contact.html. Before processing your request, we may verify your identity and your relationship with the Student.
Limitations on Access to your Personal Information by Employees and Authorized Parties
How We Share or Transfer Data
We do not rent or sell Personal Information, Persistent Identifiers, or any other information that we collect from Users, or exploit it for financial gain in any other way. Kodris will never share or grant rights to Personal Information with other third-party organizations to use without your consent, except as part of a specific program or feature for which you will have the explicit ability and choice to opt-in.
Whenever we share Student personal data, we hold our partners to privacy and security practices no less stringent than our own.
We may share Student data with your Teacher and limited Teacher information with the Student
If a Student belongs to a Teacher’s section, we will share Student account information, course progress, and standalone projects with that Teacher so the Teacher can help manage the Student’s progress. The Student will also see limited information about their Teacher including their Teacher’s display name and section information.
We may share Classroom usage and Student achievement data with your school or school district
In order to support school needs to oversee Kodris usage in their classrooms, we may allow your school to access reporting data on student progress and achievement, presented on a student-level, classroom-level, teacher-level, grade-level or school-level basis for Students enrolled in a Teacher’s section.
We may share limited information when you contact us for support
When you contact us with a support request, you may provide Personal Information, which is shared with a Kodris support representative in order to process your request. Kodris support representatives are either employees or independent contractors of Kodris, and will always have signed a contract requiring them to protect and not disclose confidential information including Personal Information of Users, and to use it only in the context of resolving your product support requests
We may share de-identified or aggregate data to improve our services and learn more about our Users
In certain occasions, Kodris may work with third parties (such as universities and education research organizations) to improve our services or offerings. We may disclose automatically collected and other aggregated and de-identified non-Personal Information to authorized partners to conduct research on online education or assist in understanding the usage, viewing, and demographic patterns for certain programs, content, services, promotions, and/or functionality on the Website. We require any research partner that receives de-identified data from us to agree in advance that they will not attempt to use this data to identify our Users.
We will share data when required by law
Kodris may also disclose User data including Personal Information or Persistent Identifiers if required to do so by law, or if we have a good-faith belief that such action is necessary to comply with local, state, federal, international, or other applicable laws or respond to a court order, judicial or other government order, subpoena, or warrant, or administrative request. In some cases, we may make such disclosures without first providing notice to Users, Teachers, schools, parents or legal guardians.
We may share data when necessary or appropriate to protect Kodris or others
Kodris may disclose User data including Personal Information or Persistent Identifiers that we believe, in good faith, is appropriate or necessary to: take precautions against liability; protect Kodris from fraudulent, abusive, or unlawful uses; investigate and defend ourselves against any third-party claims or allegations; assist government enforcement agencies; protect the security or integrity of the Website; or protect the rights, property, or personal safety of Kodris, our Users, or others.
We may share data in the context of a change of business, including a merger or acquisition
Our Approach to Data Security
Website security is important to you, and to us
To protect your privacy and security, we take reasonable steps to verify your identity before granting you account access or making corrections to your Personal Information. If you have any questions about how we handle or protect your personal data, please contact us.
We try to ensure that our Website and information sent to us are safe, but no security measures are perfect
Kodris uses certain physical, administrative, and technical safeguards designed to reasonably protect the confidentiality, availability, integrity and security of your Personal Information, Student Data, and other information we maintain in connection with the Website in such a manner that processing will meet the requirements of national and European Union laws and ensure the protection of your rights. These safeguards include restrictions on physical access to the data center, hardened system configuration, two-factor authentication, patch management, disaster recovery process, employee security and privacy training, and employee background checks. We cannot, however, ensure or warrant the security of any or all of the Personal Information and other information you transmit to Kodris, and you do so at your own risk. Once we receive your transmission of information, Kodris maintains and enforces commercially reasonable efforts to ensure the security of our systems. However, please note that this is not a guarantee that such Personal Information and other information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
If we learn of a data security incident that compromises or appears to compromise your Personal Information or that of your Students, then we will attempt to notify you electronically so that you can take appropriate protective steps.
Our Website is operated and managed on servers located within Turkey. If you choose to use our Website from regions of the world with laws governing data collection and use that differ from Turkey law, then you acknowledge and agree that you are transferring information, including your Personal Information, outside of those regions to Turkey and that, by providing your Personal Information on the Website, you consent to that transfer.
Users outside of Turkey should note that we transfer and store data to Turkey.
Kodris is headquartered in Istanbul, and in order to provide the Services to you, we must transfer your data to Turkey and process it there. By visiting or using our Services, you consent to storage of your data on servers located in Turkey. If you are using the Services from within the EEA, you consent to the transfer, storage, and processing of your data in and to Turkey or other countries. Specifically, personal data collected in the United Kingdom (“UK”), Switzerland, and the European Economic Area (“EEA”) is transferred and stored outside those areas. Additionally, if you are located in the UK, EEA, or Switzerland, you also have the right to lodge a complaint with your data supervisory authority.
That data is also processed outside of the UK, Switzerland, and the EEA by our Udemy group companies, or our service providers, including to process transactions, facilitate payments, and provide support services as described in Section 4. We have entered into data processing agreements with our service providers that restrict and regulate their processing of your data on our behalf. By submitting your data or using our Services, you consent to this transfer, storage, and processing by Kodris.
Conditions of Use and Notices
Commercial Use of Student Data
Kodris shall use or compile any student Personal Information for the purpose of marketing or advertising commercial products or services. However, we do not disclose any student Personal Information to third parties for marketing purposes. In very rare cases, you may receive promotional message or e-mail from us.
You can review or delete your Personal Information at any time
We keep your personal data only as long as necessary or for the purposes for which it was collected or as required under any contract or by applicable law.
If, at any point, you wish to access, amend, export (i.e., data portability), or object to or restrict the processing of Personal Information collected via our Website, send us a request at http://www.kodris.co.uk/contact.html. We will promptly review all such requests in accordance with applicable laws. If you wish to delete your information on the Kodris learning platform, you may delete your account from the account settings page.
Furthermore, there is a buffer period before permanent deletion of your account (to allow for account recovery in case a teacher or student accidentally deleted an account.) You can contact us to have any account permanently deleted sooner.
We also automatically delete any Personal Information associated with inactive Student or Teacher accounts per our data retention policy.
How to delete your Kodris Account
If you would like to delete your Kodris account or any content submitted to Kodris, please send an email to email@example.com.
Your Rights Regarding to Your Personal Data under the General Data Protection Regulation (GDPR)
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under applicable EU laws. This means we collect and use your information only where:
- We need it to provide you the functionality of the Website, including to operate the Website, provide customer support and personalized features, and to protect the safety and security of the Website;
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Website, and to protect our legal rights and interests;
- You give us consent to do so for a specific purpose; or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because we or a third party have a legitimate interest to do so, you may have the right to object to that use though, in some cases, this may mean no longer using the Website.
Additionally, once you have provided us your data, either actively or automatically, you will have the right to:
- Request access to the personal data we have from you;
- Request a rectification, erasure, restriction of processing of your personal data;
- Object to processing in certain circumstances;
- Data portability (meaning you can request your data to be transferred to another organization in machine readable standard format);
- File a complaint with a supervisory authority if you believe that we have violated any of the rights concerning Personal Information about you. We encourage you to first reach out to us at http://www.kodris.co.uk/contact.html so we have an opportunity to address your concerns directly before you do so.
To exercise your rights, please contact us by writing us at http://www.kodris.co.uk/contact.html.
Transfer of your personal data to Turkey
The GDPR does not require the storage of personal data in the EU. The GDPR does have specific requirements regarding the transfer of data out of the EU and Kodris complies with those requirements. Your personal data that is collected with any methods above, which is processed in Turkey or which is storing in Turkey, and will not be transferred to any service mediators/providers located outside of Turkey.
Kodris takes protecting your security and privacy seriously and we've put a number of measures in place to protect the integrity of your information in Turkey, including:
- Use of highly secure, access-controlled data centers
- Routine third-party security audits
- Data encryption in transit
Users Rights in Turkey Regarding to Personal Data under Law on Protection of Personal Data numbered 6698 (KVKK)
We collect and process information about you only where we have legal bases for doing so under applicable under Law on Protection of Personal Data numbered 6698 (KVKK). This means we collect and use your information only with the reasons and methods above mentioned.
Storing and protection of personal data
Your personal data will be stored in Kodris’s data base and systems as a confidential data in accordance with the Article 12 of KVKK, and your personal data will not share except with any methods above mentioned.
Transfer of your personal data abroad
Your personal data that is collected with any methods above, which is processed in Turkey or which is not storing outside of Turkey, and will not be transferred to any service mediators/providers located outside of Turkey.
Article 11 of KVKK entered into force on 7 November 2016, and pursuant to relevant article, rights of Personal Data Owner are as follows:
Personal Data owner has the right of apply to our firm (data controller) and with respect to himself/herself; 1. learn whether his/her personal data are processed or not, 2. if his/her personal data are processed, request information on such processing, 3. learn the purpose of the processing of his/her personal data and whether this data is used for rightful purposes, 4. know the third parties to whom his/her personal data are transferred in Turkey or abroad, 5. request the rectification of data processed incompletely or inaccurately, if any, 6. request the erasure or destruction of his/her personal data under the conditions laid down in Article 7 of KVKK, 7. in case of rectification, deleting or destruction of personal data, request that such operations are notified to third persons to whom personal data are transferred, 8. object to the negative outcomes, in case there is a negative outcome if processed data is exclusively analyzed by automatic means, 9. in case such data subject incurs damages as a result of unlawful processing of personal data, to request compensation for such damages.
Kodris Education Technologies A.Ş registered with Istanbul Trade Registry under registration number (411489) and Mersis number , having its headquarters located at (KIZILIRMAK MAH/SEMT DUMLUPINAR BLV. PASİFİK GAYRİMENKUL NO: 3 C-1 İÇ KAPI NO: 160 ÇANKAYA/ ANKARA) Turkey is within the scope of KVKK the Data Controller.