Types of data collected: When you create a user account, the information you give to us (such as your name, email address, password, school, etc.) is stored on our server. We make a log entry every time you log in. We record every time you attempt to solve a problem. This data is collected for all users and is tied back to your user account (i.e., not anonymous). All data is stored into a database on our web server.
Some pages on our site also contain banner ads. Ad agencies may collect their own data on what ads are shown to you. Ads and ad agencies are not able to access your CodeStepByStep account data such as your user name, real name, or password.
Our site uses Google Analytics, which tracks user behavior for later monitoring by the site author. Google collects its own data about which pages you visit, the type of device and browser you are using, how long you spend on the site, language settings, etc. Such data is stored on Google's own servers. Google is not able to access your CodeStepByStep account data such as your user name, real name, or password.
Why data is collected: We retain data on what problems you have solved so that you can track your progress and see what problems are left to complete. We also store the data so that an instructor at your school can check what problems you have solved, possibly as part of a homework assignment in which you are asked to complete CodeStepByStep problems for a grade.
CodeStepByStep will not sell your user data to third parties, nor will we send you email without your consent. CodeStepByStep retains your email address essentially just as a means of authentication, of verifying that you are a real person and not a spam / bot / fake user. We reserve the right to contact you by email if there is an important CodeStepByStep-related piece of information that we feel is urgent for you to know, but our general policy is that we never plan to send email to CodeStepByStep users except to verify their accounts and reset lost passwords and other such features that require email confirmation.
Access to data: In general no other user can see your account information other than yourself. CodeStepByStep has a "leaderboard" page showing top users who have solved the most problems. This page lists the usernames as well as how many problems these users have solved, but does not list real names, email addresses, passwords, or any personal information. Instructors and TAs with authorized accounts are able to view details about which problems have been solved by students at their respective school. Instructors and TAs are not able to view or change users' passwords, but they can see users' real names and email addresses for users at their school. CodeStepByStep administrators (including lead developer Marty Stepp and assistants) personally verify every user who requests Instructor or TA access to make sure that they are who they say they are.
Security: All pages of CodeStepByStep require a valid user login except for a few specific exceptions, such as the front page, this privacy page, and the "about this site" page. Passwords are encrypted in our database so that if there is ever an unauthorized access breach, plain-text passwords will not be visible to the attacker. CodeStepByStep takes some basic precautions to avoid some common security attacks, such as asking users to choose secure passwords of a given length and containing certain characters, and delays between multiple login attempts to thwart dictionary attacks. CodeStepByStep's developers perform security audits of its code to avoid bugs that can lead to unauthorized access.
Where data is processed: CodeStepByStep is run on a server at the University of Washington in the USA. It is subject to any relevant local laws of the United States.
Last updated: 2015/08/23
Is there a problem? Contact a site administrator.