Last modified: January 1 st , 2020

CodeMonkey Privacy Policy

PRIVACY POLICY

PRIVACY POLICY FOR INFORMATION COLLECTED BY CODEMONKEY STUDIOS. ("CODEMONKEY") AND ITS WEBSITES: CODEMONKEY.COM, APP.CODEMONKEY.COM, PLAYCODEMONKEY.COM, CODEMONKEY.CO.IL, CM-STUDIOS.COM, CMONKEY-P.HEROKUAPP.COM, CODEMONKEY JR. (COLLECTIVELY, THE "WEBSITE")

Because your privacy is important to us, we operate by the principles described herein. We have created this Privacy Policy in order to describe to you our practices regarding the information that we collect and how we use it. By accessing and/or using our Website, apps and/or service from any browser, application, or device you are using (collectively, the “Services”), and/or accepting the Terms of Service (which you can review here), you consent to the collection and use of your information as we have outlined in this Policy. Capitalized terms used and not otherwise defined herein, shall have the respective meanings ascribed to them under Terms of Service.

1. The information we collect

INFORMATION YOU PROVIDE

We collect “Personal Information” (which is information that can reasonably be used, alone or in combination with other reasonably available information, to identify or contact a specific individual) through your registration for and/or use of the Services. For example, during the registration process we will ask you for your name and the name of your institution or organization, your e-mail address, the physical address of your institution or organization, the phone number of your institution or organization, and other information related to the Services. Personal Information is also collected when you contact our customer support, send us other communication, or sign up for newsletters or special offers. Any information combined with Personal Information will be treated as Personal Information. We may collect billing and account information for credit cards, payment cards or other payment systems from clients of paid versions of our Services and share this information with our third party billing and payment processors. We do not store credit card or payment card numbers as billing and processing are handled by third parties retained by CodeMonkey billing and payment processors.  Your use of such services are subject to the terms of service and privacy policy of such third parties.

Our Website offers a blog or community forums to allow you to learn more about us. These areas of the site are intended for parents and teachers. You are not required to share personal information, but if you choose to do so, it may be published, read, collected, and used by others who access them. We are not responsible for any personally identifiable information you choose to submit in blogs or any other publicly accessible service or website. To request removal of your personal information from our blog or community forum, contact us via email at privacy@codemonkey.com.

INFORMATION WE COLLECT AUTOMATICALLY

Additional information collected by our Services may include your IP address, web pages that you visit, types of browsers, operating systems, and/or devices you are using as well as their settings, information regarding your mobile network (such as carrier name, phone number, etc.), and any other data normally stored in website logs (collectively, the “Information”).

Like many other websites and apps, we use “cookies” (a small file sent to your computer by a website or device to allow the website or app to store information which uniquely identifies you) or other similar software to collect data in order to assist our users and provide them with a more personal experience visits in our Website or apps. For example, cookies help our systems recognize you if you return to our Services shortly after exiting them.  You can always disable cookies at your browser or device’s settings, but please note that if you do so, some (or all) of the features and functionality of our Services may not be available to you.

We may also use other technologies to collect information automatically. Such information may include your IP address, browser and/or device type and settings, referring website, site usage, and whether you opened emails you received from us.

We may post our own clients testimonials on our Website or apps, which may contain personally identifiable information. We will obtain a customer’s consent to post its name along with its testimonial (unless such information was made public by the customer itself).

CHILDREN UNDER THE AGE OF 13

You must be at least 13 years old to join our Services. We do not knowingly collect Personal Information from visitors under the age of 13. We only collect Personal Information through our Services from visitors under 13 where we have received the confirmation (via our Services and in accordance with our Terms of Services) of such student’s school and/or teacher to obtain the required consent for that student to use our Services and disclose the Personal Information, or where the parent of a child has signed the child up to use the Services. If you believe that we may have unintentionally collected Personal Information from a child under the age of 13, please contact us immediately at privacy@codemonkey.com.

You are not required to provide us with any information, although we may be unable to provide the Services without your information.

2. What we do with your information

Except in a Business transaction as described below, we never sell or rent your personal information.  

We may use your information in the following ways:
(i) To provide the Services as well as for auditing and improving our Services.
(ii) We may occasionally inform you of new features, functionality, services and products, and other promotions from CodeMonkey or our affiliates as well as send you periodic updates, tips and newsletters. You may always opt-out of receiving these correspondences from us by following the unsubscribe instructions included in each Newsletter. Note that regardless of your election, we may continue sending you notices to update you on revisions made to this Privacy Policy or to our Terms of Service.
(iii) We may use and share Information with certain third-parties, including our parent company or affiliates, that help us operate our Website, apps and Services (e.g. cloud provider, email distribution service providers and other similar service providers). When we use such third parties, we restrict them from using or disclosing the information, except as required to perform services on our behalf or to comply with legal requirements. Personal information of our users will not be shared with third parties for marketing purposes.
(iv) We may share Information with third parties in limited circumstances, including when complying with legal process, to protect our intellectual property and other legal rights, seeking to prevent fraud or imminent harm, and securing of our Services.
(v) We reserve the right to disclose your Information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a law enforcement order, such as a search warrant, judicial proceeding, or court order.

We will retain your Information for as long as your account is active or as needed to provide our Services. You may cancel your account at any time via the interface of the Services. If you encounter any problem in cancelling your account and you wish that we no longer use or hold your Information, please contact us via privacy@codemonkey.com.  We may also retain and use your Information as necessary to comply with our legal obligations, resolve disputes, and enforce our Terms of Services.

When you send an email or other communication to CodeMonkey, we may retain those communications in order to process and respond to your requests and improve our Services. Please do not send us any communication containing confidential information. Since we are not able to evaluate whether such communication contains confidential information or not, we may retain or use any information relayed in such communication, and such retention or use is not a breach of our obligations.

We may disclose general aggregate non-personal information about our users to potential business partners, investors, or the public, but we will not, without your specific permission, or except in a Business Transaction as described below, disclose any of your Personal Information to third parties.

Except as described herein, we do not disclose your Information or share it with third parties.

3. THIRD PARTIES

Our Website and/or apps may include links to other websites and/or apps whose privacy practices may differ from our own practices. For example, community pages may be available users in a private group on social media platforms such as Facebook.  If you submit personal information to any of those sites, including the community forum, your information is subject to the privacy statements of those sites. We encourage you to carefully read the privacy statement of any website you visit.

We store all the Information with Amazon Web Services (“AWS”) and we encourage you to review the AWS Terms of Service and Privacy Policy, as we will not be responsible for what AWS do with the Information. We do not disclose your Information to any third party or use it in any way, except in order to provide the Services, and as sets forth in our Terms of Use.

4. Information Security

We take information security very seriously. We use industry customary security measures designed to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These measures include internal reviews of our data collection, storage and processing practices and security measures. However, no method of transmission over the Internet, or method of electronic storage, is 100% secure. Therefore, we cannot guarantee its absolute security.

We restrict access to Personal Information to our employees, contractors and agents who need to know that information in order to operate, develop or improve our Services. These individuals are bound by confidentiality obligations and we require all of them to agree to use your Personal Information solely for the purpose for which we provided it to them and in accordance with our Privacy Policy.

In the event that we become aware of a data breach impacting your Personal Information, we will provide notification in compliance with all applicable laws. For example, we may post a notice on our homepage or elsewhere on the Services, and may send email to you at the email address you have provided to us. Depending on where you live, you may have a legal right to receive notice of a security breach in writing.

We have procedures in place that are designed to stop threats that may expose personally identifiable information, restore Services to full functionality, document and take proactive steps to ensure the incident cannot be repeated. We will also preserve necessary evidence for investigation by security professionals and law enforcement as appropriate. In the unlikely event of an unauthorized disclosure of records, We will follow its Security Incident Response Procedure, which articulates how to report the problem to internal and external stakeholders. The notification process includes any information that can identify which customers and students may have been impacted, the data that may have been accessed, our process to inform affected customers, and steps to prevent the incident from happening again as appropriate.

In the unlikely event of an unauthorized disclosure of Personal Information, we have implemented a process for responding to incidents and notifying affected individuals and, if applicable, law enforcement personnel.

If you have any questions about security on our Services, you can email us at privacy@codemonkey.com.

5. Legal Basis for Processing Personal Information under General Data Protection Regulation (GDPR)

If you are from the European Economic Area (EEA), CodeMonkey Studios Ltd.’s legal basis for collecting and using the Personal Information described in this Privacy Policy depends on the Personal Information we collect and the specific context in which we collect it.

CodeMonkey Studios Ltd. may process your Personal Information because:

  • We need to perform a contract with you;
  • You have given us permission to do so;
  • The processing is in our legitimate interests and is not overridden by your rights; or
  • To comply with any applicable law.

6. Your Data Protection Rights Under General Data Protection Regulation (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. CodeMonkey Studios Ltd. aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.

Legal bases for processing

We process your personal information on the following legal bases

Processing purpose (including sharing for such purposes as described above)

Legal basis

To provide the Services

Processing is necessary to provide the Services or to take steps that you request prior to requesting the Services.

To communicate with you about the Services
To send you marketing communications
For research and development
To create aggregated or anonymous data for analytics
For security, compliance, fraud prevention and safety
Business transfers

 

These processing activities constitute our legitimate interests.  We do not use your personal information for activities where your data protection interests override these legitimate interests (unless we have your consent or are otherwise required or permitted to by law).

To comply with law

Processing is necessary to comply with our legal obligations.

With your consent

Processing is based on your consent. Where we rely on your consent you have the right to withdraw it anytime in the manner indicated at the time consent is requested.

Please note that we rely on legitimate interests as the basis for processing your data in the limited circumstances set out below:

  • In situations where we obtain your personal data from a source other than you, we process your data on the basis of legitimate interests, until the earlier of (a) the point at which you provide your consent; or (b) the point at which you ask us to stop processing your data on the basis of our legitimate interests;
  • We will archive information about your use of our Services, even after you withdraw your consent to our processing of your data. This information will only be used in very limited circumstances, such as for defending legal claims relating to contracts we have with you or a third party and retention for audit purposes relating to commercial contracts; and
  • We will use information relating to your use of our Services for statistical analysis and research purposes, however we delete your name and email address from such information before we do so.

Cross-border data transfer

In the event that we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of protection for personal information, the transfer will be based on safeguards recognized by the European Commission as providing adequate protection, where required by EU data protection legislation.  Please contact us to request further information on the specific mechanism used by us when transferring your personal information out of the EEA.

Your Rights

In certain circumstances, you have the following data protection rights:

  • The right to access, update or to delete the information we have on you. Whenever made possible, you can access, update or request deletion of your Personal Information directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification.You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object.You have the right to object to our processing of your Personal Information.
  • The right of restriction.You have the right to request that we restrict the processing of your personal information.
  • The right to data portability.You have the right to be provided with a copy of the information we have on you in a structured, machine-readable and commonly used format.
  • The right to withdraw consent.You also have the right to withdraw your consent at any time where CodeMonkey Studios Ltd. relied on your consent to process your personal information.

You may send us these requests by emailing us at privacy@codemonkey.com using the email associated with your account.  We may request information from you to help us confirm your identity and process your request. Applicable law may require or permit us to reject part or all of your request.  If we reject your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us as described here or submit a complaint to the data protection regulator in your jurisdiction.  You can find your data protection regulator here. 

7. YOUR DATA PROTECTION RIGHTS UNDER THE CALIFORNIA CONSUMER PRIVACY ACT

If you are a resident of the state of California, you have certain data protection rights. CodeMonkey Studios Ltd. aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Information.  This section describes how we collect, use and share Personal Information of California residents in operating our business, and their rights with respect to that Personal Information.  For purposes of this section, “Personal Information” has the meaning given in the California Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the scope of the CCPA.

Your Rights

In certain circumstances, you have the following data protection rights

  • Information. You can request the following information about how we have collected and used your Personal Information during the past 12 months:
        • The categories of Personal Information that we have collected.
        • The categories of sources from which we collected Personal Information.
        • The business or commercial purpose for collecting and/or selling Personal Information.
        • The categories of third parties with whom we share Personal Information.
        • Whether we have disclosed your Personal Information for a business purpose, and if so, the categories of Personal Information received by each category of third party recipient.
        • Whether we have sold your Personal Information, and if so, the categories of Personal Information received by each category of third party recipient.
  • Access. You can request a copy of the Personal Information that we have collected about you during the past 12 months.
  • Deletion. You can ask us to delete the Personal Information that we have collected from you.
  • Opt-out of sales. We do not currently sell your Personal Information.  If we plan to sell your Personal Information, you will be notified and you can opt-out.   In addition, if you direct us not to sell your Personal Information, we will consider it a request pursuant to California’s “Shine the Light” law to stop sharing your personal information covered by that law with third parties for their direct marketing purposes.
  • Opt-in. We do not currently sell your Personal Information.  If we know that you are younger than 16 years old, we will ask for your permission (or if you are younger than 13 years old, your parent’s or guardian’s permission) to sell your Personal Information before we do so.
  • Nondiscrimination. You are entitled to exercise the rights described above free from discrimination in the form of legally prohibited increases in the price or decreases in the quality of our Services.

How to Exercise Your Rights

You may exercise your California privacy rights described above as follows:

  • Right to information, access and deletion. You can request to exercise your information, access and deletion rights by:
  • Right to opt-out of the “sale” of your Personal Information. We currently do not sell your Personal Information.  If we plan to sell your information, you will be notified and you can request to opt-out of this “sale” of your personal information via a link we will provide at such time.

We reserve the right to confirm your California residence to process your requests and will need to confirm your identity to process your requests to exercise your information, access or deletion rights.  As part of this process, government identification may be required.  Consistent with California law, you may designate an authorized agent to make a request on your behalf. In order to designate an authorized agent to make a request on your behalf, you must provide a valid power of attorney, the requester’s valid government-issued identification, and the authorized agent’s valid government issued identification.  We cannot process your request if you do not provide us with sufficient detail to allow us to understand and respond to it.

Personal information that we collect, use and share

The chart below summarizes how we collect, use and share Personal Information by reference to the categories specified in the CCPA, and describes our practices during the 12 months preceding the effective date of this Privacy Policy. 

Categories in the chart refer to the categories described above in the general section of this Privacy Policy.

We have not sold your personal information in the preceding 12 months.

Category of personal information (PI)

PI we collect

Source of PI

Business/
commercial purpose for collection

Categories of third parties to whom we “disclose” PI for a business purpose

Categories of third parties to whom we “sell” PI

Identifiers

·   Contact data

·   Identity data

·  Data about others

·  You

·  Public sources

·  Business partners

 

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

·  Affiliates

·  Advertising partners

·  Professional advisors

·  Authorities and others

·  Business transferees

None

Financial Information

·   Financial data

 

·  You

 

·   Service delivery

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

Online Identifiers

·   Device data

·   Identity data

·  Automatic collection

 

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

 

Internet or Network Information

·   Device data

·   Online activity data

·  Automatic collection

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

 

Inferences

May be derived from your:

·   Device data

·   Online activity data

·  Automatic collection

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

 

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

Professional or Employment Information

·   Job title

·  You

 

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

 

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

Protected Classification Characteristics

We do not intentionally collect this information but it may be revealed in identity data or other information we collect

·  You

·  Public sources

·  Business partners

 

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

 

·  Affiliates

·  Professional advisors

·  Authorities and others

·  Business transferees

None

Education Information

· Contact data

· Identity data

·  You

 

·   Service delivery

·   Research & development

·   Marketing

·   Compliance & Operations

·   Aggregated or anonymous data for analytics

·   Security, fraud protection, and safety

·   Business transfers

·  Affiliates

·  Advertising partners

·  Professional advisors

·  Authorities and others

·  Business transferees

None

 

8. Business transactions

We may share Personal Information with our parent, subsidiaries and affiliates, and investors primarily for business and operational purposes so long as any recipient agrees to comply with this Privacy Policy and applicable law with regard to such Personal Information. In the event that CodeMonkey goes through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its assets, bankruptcy, or other corporate change, including, without limitation, during the course of any due diligence process, your information, including Personal Information, will likely be among the assets transferred.

You will be notified via email and/or a prominent notice on Services of any completed change in ownership or uses of your Personal Information, as well as any choices you may have regarding your Personal Information. This Privacy Policy will become binding upon the new owner of the information until amended. 

If you have any concerns or questions regarding this policy or our practices related to this policy, please notify us by email to privacy@codemonkey.com and we will use all commercially reasonable efforts to promptly respond.

To make any requests for changes to your child’s account or requests for the removal of personal information collected about you or your child from our Services (as applicable), or to request that we stop the further collection or use of your or your child’s personal information in connection with the Services (as applicable), please contact us at privacy@codemonkey.com.

We reserve the right to change this Privacy Policy from time to time, so please review it frequently. If we make material changes to this policy, and you are a registered user of the Services, we will notify you by email. We will obtain prior parental consent if any changes we make to this Privacy Policy affect users under the age of 13 in a way that requires such consent under COPPA or other applicable law.

This policy shall be construed in accordance with and governed for all purposes by the substantive laws of the State of Israel without regard to conflicts of law provisions. You agree that any claim or dispute you may have against the Company and its affiliates, directors, officers, employees and representatives must be resolved by a court located in Tel-Aviv, Israel, and waive any jurisdictional, venue or inconvenient forum objections to such courts.

questions or concerns

If you have any question about our privacy policy, please contact us using the following information:

privacy@codemonkey.com

CodeMonkey Studios Ltd. 2345 Yale St. 1st Floor Palo Alto, CA 94306, USA

1-888-299-3294