Hello World Privacy Policy

1. Introduction.

HW Tech Studio, Inc. also known as Hello World ("HW", "we", "us", "our") partners with institutions, such as a school, school district, non-profit, or private company (collectively "Customer") to offer computer science and AI literacy courses to students aged 8-18.

This Privacy Policy (“Policy”) describes how we collect, use, disclose, and protect information collected through our website at helloworldcs.org (the “Website”) or when you participate in courses we offer through our website, app, or virtual or in-person programming (the “Services”). This Policy applies to all users of the Website and Services. By using our Website or our Services, you acknowledge that you have read and understood this Policy. 

2. Scope of the Policy 

This Policy applies to information that Hello World collects. Some of our Services integrate third-party tools to support the learning objectives in a given course. Hello World only shares personal information in a few limited circumstances. Hello World does not rent or sell information for marketing purposes and will never share or sell students of Customer information with third parties for marketing purposes.

AI-Powered Learning Tools: Our AI Literacy curriculum utilizes OpenAI's ChatGPT API to provide interactive AI learning experiences. When students interact with AI features in our courses, their prompts and AI-generated responses are processed by OpenAI as a service provider. We do not send structured student or teacher personally identifiable information (PII) such as names, email addresses, or student ID numbers to OpenAI. OpenAI retains chat interaction data for up to 30 days for safety and abuse monitoring purposes, after which it is deleted. OpenAI's use of this data is governed by their privacy policy and API data usage policies, which we have reviewed for compliance with student privacy laws.

Information collected by third parties that operate these tools are subject to those third parties' privacy policies. HW has reviewed those policies and believes they comply with the Hello World privacy policy and requirements. HW will provide those third parties' privacy policies upon request. This Policy only applies to information collected, used, stored or disclosed by Hello World.

Note that we offer services to Customer students on the Customer’s behalf. While this Policy explains our data collection and use practices generally, any information we collect from Customer students is the property of and under the control of the Customer, and we use, disclose, and retain such information in accordance with the terms of our agreement with the Customer, instructions provided by the Customer, and applicable law (including the Family Educational and Privacy Rights Act ("FERPA") and the Children’s Online Privacy Protection Act (“COPPA”). If there is any conflict between the Hello World terms of use for Services (“Terms of Use”) and this Policy, the Terms of Use will govern. 

3. Information We Collect and How We Use It 

a. Information collected through the Website and other channels. When you visit our Website or communicate with us via our Website, by email, or other channels, we may collect the following information:

• ● Information you provide to us, such as when you contact us via email or our online contact form. This may include name, email address, and any other information that you provide to us. 
• Order information, such as name of the course purchased, date and time of order, and amount paid. 
• Payment information. When you purchase a course, our third-party payment service provider collects and processes the payment card information you provide on our behalf. Please note that HW does not store, transmit, or process payment card information. 
• Registration information collected when registering for the Services. ▪ First and last name 
  
  • Current school and grade level 
  • Email address 
  • Additional information parents provide about a Student. 
• Information collected automatically when you visit our Website, including: o Analytics information. We automatically collect data via analytics services, including your IP address, Internet service provider (ISP), date and time of your visit, browser language, browser type, referring and exit pages and URLs, amount of time spent on particular pages, which parts of our Website you visit, which links you click, search terms, operating system, traffic and related statistics, keywords, and/or other general browsing or usage data. o Log information. We collect log information such as service diagnostics and technical logging information, which may include IP address, usage time, browser type, and browser configuration. 
  
  • Device information. We collect information about the devices that visit our Website, including type of device, device settings, and operating system. o Cookies. We use cookies on our Website to understand usage of the Website, remember your settings and for retargeting. For more information about cookies and your choices regarding them, please see our Cookies Notice below. 

In accordance with applicable law, we may use information collected through our Website for our business purposes, including to: 

• Respond to your requests and provide customer support 
• Prevent or address technical or security issues 
• Maintain, provide, and improve the Website and Services 
• Send you important operational or legal notices about our site, such as updates to our Privacy Policy and Terms of Use 
  
  • Notify you of new features and products, company updates, and notable events through update and marketing communications (you can opt out of marketing or promotional communication by following the instructions in the communication) 
• Engage in analysis, research, and reports about use of the Website
• Help secure our Website, prevent fraud, and enforce our Terms of Use and this Policy
• Comply with a valid legal subpoena, request, or other lawful process

b. Information collected through the Services. 

• Login information for the Services, including username and password. 
• Content information generated by students as they use the Services, such as content of projects, codes generated, content responses, student presentations, etc. In AI Literacy courses, this includes student prompts and interactions with AI tools (such as questions asked to ChatGPT and the AI-generated responses), which are processed through our AI service providers to deliver the educational experience. These interactions do not include structured PII and are used solely for providing the interactive learning experience.
• Course information, including progress in each course, lessons completed, etc. 
• Information collected automatically when you use the Services, including: 
  
  • Analytics information. We automatically collect data via analytics services, including your IP address, Internet service provider (ISP), date and time of your visit, browser language, browser type, referring and exit pages and URLs, amount of time spent on particular pages, which parts of the Services you use, which links you click, search terms, operating system, traffic and related statistics, keywords, and/or other general browsing or usage data. 
  • Log information. We collect log information such as service diagnostics and technical logging information, which may include IP address, usage time, browser type, and browser configuration. 
  • Device information. We collect information about the devices that log in to the Services, including type of device, device settings, and operating system. o Cookies. We use cookies to understand usage of the Services and remember your settings. For more information about cookies and your choices regarding them, please see our Cookies Notice below. 

In accordance with applicable law and our contracts with Customers, we may use such information to: 

• Maintain, provide, and improve the Services 
• Prevent or address technical or security issues 
• Help secure our Services, prevent fraud, and enforce our Terms of Use and this Policy
• Comply with a valid legal subpoena, request, or other lawful process

c. Information collected from Customers. We may receive information about students from Customers, such as student names, student ID numbers, and student email addresses. Such information is the property of and under the control of the Customer. Consistent with the terms of our agreement with the Customer, instructions provided by the Customer, and applicable law, we may use such information to: 

• Maintain, provide, and improve the Services 
• Prevent or address technical or security issues 
• Help secure our Services, prevent fraud, and enforce our Terms of Use and this Policy
• Comply with a valid legal subpoena, request, or other lawful process 

d. Use of AI-Powered Learning Tools

Our AI Literacy curriculum incorporates artificial intelligence tools to provide students with hands-on experience learning about and interacting with AI technology. Here's how we handle data in these AI-powered learning experiences:

What information is processed: When students use AI features in our courses (such as ChatGPT-powered activities), the following information may be processed by our AI service providers:

• Student prompts and questions submitted to the AI
• AI-generated responses
• General usage data necessary to deliver the service

What information is NOT shared: We do not share structured personally identifiable information, including:

• Student names
• Email addresses
• Student ID numbers
• School or district identifiers
• Any other direct identifiers

Data retention: We prioritize data security and compliance with applicable data protection laws. However, we recommend reviewing the privacy policies of our AI providers to understand their specific data handling practices.

Educational purpose: AI interactions are used solely to provide the educational experience outlined in our AI Literacy curriculum and to help students develop critical AI literacy skills.

Parental rights: Parents and Customers maintain all rights under FERPA and COPPA regarding student data. If you have questions about AI tool usage in courses, please contact your school or district, or reach out to us at support@helloworldcs.org.

4. How We Share Information 

We may share or disclose the information we collect in the following ways: 

     Service Providers: We share limited information with third parties that have agreed to use such information only to provide services on our behalf ("Service Providers"). Our service providers include:

• Infrastructure and hosting providers (e.g., Google Cloud) that store and process data to operate our platform
• Customer support and analytics tools (e.g., Delightex) that help us provide technical support and improve our services
• Educational technology platforms (e.g., Pickcode) integrated into our curriculum
• AI service providers (e.g., OpenAI) that power interactive AI learning experiences in our AI Literacy courses

For our AI Literacy courses specifically, we utilize OpenAI's ChatGPT API to enable students to interact with AI as part of their learning objectives. Student-generated prompts and AI responses in these courses are processed by OpenAI to deliver the educational experience. We do not share structured student or teacher PII (such as names, email addresses, or student ID numbers) with OpenAI. OpenAI retains interaction data for up to 30 days for safety and abuse monitoring purposes in accordance with their API data usage policies, after which it is deleted. All service providers, including OpenAI, are contractually required to use data only as necessary to provide services to us and in compliance with applicable privacy laws.

• With Customers: We may share information collected from students through the Services with a student’s own Customer in accordance with our Terms of Use and Customer Agreement Form. 
• Protection of Hello World and others. We may share or disclose information if we believe in good faith that doing so is necessary or appropriate to (1) protect or defend the rights, safety, or property of HW or third parties, including to defend or enforce our Terms of Use, Customer Agreement form, this Policy, or any other contractual arrangement or (2) to respond to claims that content violates the rights of third parties. 
• Legal requirements. We may share or disclose information if we believe in good faith that doing so is necessary or appropriate to comply with any law enforcement, legal, or regulatory process, such as to respond to a warrant, subpoena, court order, or other applicable laws and regulations. 
• With your consent. We may disclose information when you consent to such disclosure. We may share or disclose the information of students with their parent’s consent or at their parent’s direction. 
• Business transfer: We may share or disclose certain of the information we collect in connection with or during negotiations of any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. If such a transfer is subject to additional mandatory restrictions under applicable laws, HS will comply with such restrictions. The successor entity will be subject to all applicable federal and state laws, including privacy laws and student privacy laws. In connection with a transaction involving Student information, we will also work to ensure that the successor entity has a commitment to student privacy. 
• De-Identified information: We may use, share, or disclose de-identified information (as defined by applicable law) for various purposes such as product development, research, and marketing, in compliance with relevant laws. 

Please note that Customers determine how and to whom we disclose Customer student information. If you are a Customer student or a parent of a Customer student, please contact the Customer if you have questions about how such information is shared or disclosed. 

5. Information Retention and Deletion 

We retain information for as long as needed to fulfill the purpose for which it was collected, as set forth in our Customer agreements, or as otherwise permitted or required by applicable law. Unless agreed to otherwise in writing, HW shall, within sixty (60) days of expiration or termination of Services, securely destroy all remaining hard copies of Customer data in HW’s possession or control; and purge all electronic data from HW’s network in a manner that does not permit retrieval. 

For active customers, we retain all user data for the current school year and the immediately preceding school year. If a user has not been enrolled in a class during either of these periods, we will permanently delete their work and permanently redact any personally identifiable information (PII) from our systems.

6. Cookies Notice

Cookies are small text files stored on your computer that allow us to understand usage of our Website. Cookies include cookies, Internet server logs, tags, Software Development Kits (SDKs), tracking pixels, and other similar tracking technologies. A number of cookies that we use last only for the duration of your session, expiring when your session ends (the so-called "session cookies"). Other cookies are used to help our systems recognize you if you return to our Website and will thus be retained longer (the so-called "persistent cookies"). Some of the cookies used on our Website are set by us, and some are set by third parties that are delivering services on our behalf (e.g., payment services and products used in our courses or cookies that give us the ability to send you information about our services when using other services, like Facebook). 

On our Website, we use cookies that automatically collect information to:

• Understand usage of, and improve, the Website and the Services; 
• Deliver advertising to you when you are using third party services, like the Facebook social media platform through Facebook’s Custom Audience service.

On our Services, we use cookies that automatically collect information only to:

• Understand usage of, and improve, the Website and the Services; 
• Authenticate your account; and 
• Remember your settings and account information. 

We neither have access to, nor does this Policy govern, the use of cookies or other tracking technologies that may be placed on your computer, mobile phone, or other device you use to access the Services by non-affiliated, third-party ad technology, ad servers, ad networks or any other non-affiliated third parties. Those parties that use these technologies may offer you a way to opt out of ad targeting as described below. If you are interested in more information about tailored browser advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link or TRUSTe’s Advertising Choices Page to opt-out of receiving tailored advertising from companies that participate in those programs. We cannot guarantee that these instructions will not change, or that they will continue to be available; they are controlled by each third-party service provider, not us. 

You also can learn more about how cookies work generally and how to turn them off in your particular browsers. Please remember that if you replace, change or upgrade your browser, or delete your cookies, you may need to use these opt-out tools again. 

For information about cookies used by the developers of these browsers, please visit:

• Internet Explorer
• Google Chrome
• Internet Explorer 9
• Mozilla Firefox
• Safari (Desktop)
• Safari (Mobile)
• Android Browser

For controls specific to advertising and analytics services offered by Google, click here from each of your browsers.

7. Changes to This Policy 

We may change this Policy to reflect changes in the law, our information practices, or components of our Website. We will indicate the date of the most recent update at the top of this Policy. Where required by applicable law, we will apply changes only after notifying and/or obtaining your consent before any material changes to the Policy apply to you. 

8. How to Contact Us 

If you have any questions or concerns, please email us at support@helloworldcs.org.