Coding Stars: Privacy Policy

Effective Date: April 1, 2025 Last Updated: Jun 14, 2025

Coding Heroes is committed to safeguarding your privacy. Whether you’re a student, parent, or educator, we want you to feel confident that your data is handled responsibly and securely. This Privacy Policy details how we collect, use, protect, and share your data in compliance with the UK GDPR and the EU GDPR.

Who We Are

Coding Heroes is the data controller responsible for your data. We determine the reasons for collecting your information and how we process it, including how long we keep your data, who it may be shared with, and how we ensure it’s kept secure.

Contact Our Data Protection Officer (DPO): If you have any questions or concerns about this policy or how your data is handled, please contact our DPO:

• Email: info@codingheros.co.uk

The DPO ensures we comply with data protection laws and is a point of contact for privacy inquiries.

What Data We Collect

We collect various types of personal data based on your interaction with Coding Heroes. This includes:

• User Information: Name, username, email address, date of birth, and password for account setup and identity verification.
• Parental or Guardian Details: For child users, we may collect parent/guardian contact information for consent and oversight.
• Educational Activity: Course enrollment, lesson progress, assignment submissions, test scores, and participation logs to support and personalise learning.
• Technical Data: IP addresses, device information, browser type, system logs, and usage data via cookies to understand platform use and improve functionality.
• Communications: Messages and feedback, including support requests and survey responses.

We ensure data collected is adequate, relevant, and limited to what is necessary for educational and operational purposes.

How We Use Your Data

Your data is used to deliver high-quality, personalised educational experiences. This includes:

• Account Management: To create, verify, and maintain user accounts.
• Educational Services: To enrol users, track progress, and adapt content.
• Communication: To send important information like class updates, schedule changes, reminders, or support responses.
• Platform Improvement: To analyse usage patterns, identify technical issues, and enhance features.
• Security: To detect and prevent fraud, unauthorised access, or harmful behaviour.
• Legal Compliance: To fulfil legal responsibilities, including safeguarding obligations for minors.

We do not use your data for purposes beyond those described here without explicit permission.

Legal Bases for Processing Your Data

We process personal data only when permitted by law. Our main legal grounds include:

• Consent: We obtain clear permission from users (or parents/guardians for minors) for non-essential purposes like marketing. You have the right to withdraw consent at any time.
• Contractual Obligation: Processing data is necessary to fulfil our agreement when you sign up for services, including managing access to content.
• Legal Requirements: We may be legally required to process certain data, for example, for child safety regulations or financial audits.
• Legitimate Interests: We process some data to improve services and user experience, provided it doesn’t infringe on your rights and freedoms.

Children’s Data and Privacy Protection

Children’s privacy is especially important. For users under 18 (especially under 13), we implement enhanced safeguards:

• Parental Consent: Verifiable consent from a parent or legal guardian is required before collecting data from children under 13, complying with laws like COPPA and GDPR.
• Minimal Data Collection: We collect only necessary data for educational services, avoiding unnecessary or sensitive information.
• Age-Appropriate Explanations: Privacy information is presented in simple, child-friendly language.
• Security Measures: Children’s data is stored and transmitted securely with strict access controls.
• No Targeted Ads or Profiling: We do not use children’s data for advertising, profiling, or marketing.

We aim to create a safe, respectful, and transparent digital enviro

nment for learners of all ages.

How We Share Your Data

We share your data only when necessary, securely and legally. Data may be shared with:

• Trusted Service Providers: Companies providing cloud hosting, technical support, analytics, and customer communication services, contractually obligated to keep your data safe.
• Educators or Learning Facilitators: Instructors may access student data relevant to course progress and learning outcomes.
• Parents or Guardians: For minors, we may share certain data like learning progress or account activity.
• Authorities: If required by law, we may share data with regulators, government bodies, or law enforcement.

We do not sell or rent your data to third parties for any purpose.

International Data Transfers

Your data may be transferred to countries outside the UK or EEA, for example, if a cloud service provider is based abroad. We ensure protection through:

• Standard Contractual Clauses: Contracts approved by UK/EU authorities guarantee high data protection.
• Adequacy Decisions: Transfers to countries recognised by the UK/EU as having adequate protection laws.
• Additional Safeguards: Including encryption, pseudonymization, and strict access controls.

We assess risks and take precautions for international data transfers to protect your rights.

How We Keep Your Data Secure

Security is built into our platform. We apply multiple safeguards against unauthorised access, loss, or misuse:

• Encryption: All data is encrypted during transfer and storage.
• Access Controls: Only authorised personnel can access sensitive data for stated purposes.
• Regular Audits: We perform routine security checks and vulnerability assessments.
• Employee Training: Our team receives regular training on cybersecurity, child safety, and data protection.
• Incident Response Plans: Protocols are in place for a quick and effective response to data breaches.

Your data security is a responsibility we take seriously.

Data Retention

We keep your data only as long as necessary for its collection purposes. We retain data to:

• Provide educational services and track student progress.
• Maintain records required by law or regulation.
• Investigate or resolve disputes.
• Ensure platform integrity and security.

When data is no longer needed, it is securely deleted or anonymised. We follow strict internal policies for retention and deletion, especially for children’s data.

Your Data Protection Rights

Under UK and EU data protection laws, you have rights regarding your data:

• Right to Access: Request a copy of your personal information.
• Right to Rectification: Ask us to correct inaccurate or incomplete information.
• Right to Erasure: In certain circumstances, ask us to delete your data.
• Right to Restrict Processing: Ask us to temporarily stop using your data.
• Right to Data Portability: Request a copy of your data in a structured, commonly used format.
• Right to Object: Object to data being used for specific purposes, like direct marketing.
• Right to Withdraw Consent: If processing is based on your consent, you can withdraw it any time.

To exercise these rights, contact our DPO; we typically respond within one month.

Automated Decision-Making and Profiling

We do not make decisions solely on automated processing that significantly affects you. Any profiling, like recommending educational content, enhances learning and is subject to human oversight.

Changes to This Privacy Policy

We may update this policy to reflect changes in technology, services, or legal obligations. Significant changes will involve:

• Posting an updated version on our website or app.
• Notifying users directly when required.

We encourage you to review this policy periodically to stay informed.

Raising Concerns or Making a Complaint

If you have concerns about data collection or use, we encourage you to contact our Data Protection Officer at [dpo@codinghero.com]. You also have the right to complain to a data protection authority:

• In the UK: Information Commissioner’s Office (ICO)
• In the EU: Contact your local data protection authority

We are committed to resolving all privacy-related concerns respectfully and promptly.

By using Coding Heroes, you confirm that you have read and understood this Privacy Policy. Thank you for trusting us with your learning journey.