We, Educody GmbH, are very pleased about your interest in our website and our educational offer, the Coding Club. Child and data protection has a particularly high priority for us as an educational institution.

Our principles

  • No unnecessary collection of your child’s private data.
  • No advertising or micro-transactions
  • Privacy by design

Because of the nature of our educational program, it is not possible to use the services of the Coding Club without providing personal data. This would simply not make sense, because we take you very seriously as individuals and persons, want to address you by your name, organise you sensibly in groups and offer lessons that suit you. Of course, you can also ask at any time where and how your personal data may be processed.

If the processing of personal data is necessary and there is no legal basis for such processing, we generally obtain your consent.

For the operation of the Coding Club and the handling of data of underage students, the Educody GmbH shall:

  • not collect or use student personal data beyond that needed for authorized educational or school purposes;
  • not sell or rent student personal data;
  • not use or share student personal data for advertising or similar commercial purposes, such as behavioral targeting of advertisements to students;
  • not build a personal profile of a student, other than for supporting authorized educational or school purposes or as authorized by the parent, guardian, or student of appropriate age; and require that our vendors and partners with whom student personal data is shared to deliver the educational service, if any, are obligated to implement these same commitments for student personal data.

Personal data processing

The processing of personal data, such as the name, address, e-mail address, or telephone number of a data subject shall always be in line with the country-specific data protection regulations applicable to the Educody GmbH. By means of this data protection declaration, our company would like to inform the public about the type, scope and purpose of the personal data we collect, use and process. Furthermore, data subjects are informed of their rights by means of this data protection declaration. 

The personal data of users processed within the framework of this online offer includes inventory data (e.g. names and addresses of parents and their children), pupil data for educational operations, contract data (e.g. services used, payment information), usage data (e.g. the web pages visited on our online offer, interest in our courses), and content data (e.g. entries in forms). 

As the controller, Educody GmbH has implemented numerous technical and organisational measures to ensure the most complete protection of personal data processed through this website. Data transmissions of any kind can always have security gaps, so that absolute protection cannot be guaranteed. 

How we manage data privacy

  • Employee training in data protection
  • Obligation of employees to handle personal data confidentially
  • Appointment of a data protection officer
  • Guidelines for employees on handling personal data
  • Keeping a register of processing operations within the meaning of Art. 30 (1) and (2) DSGVO
  • Selection of data processing contractors under due diligence aspects

Responsible Party 

The responsible party within the meaning of the General Data Protection Regulation, other data protection laws applicable in the Member States of the European Union and other provisions of a data protection nature is:

Educody GmbH
Schwedler Str. 1-5
60314 Frankfurt am Main

Phone: +49 69 21009822
E-Mail: info@educody.com

Data Protection Officer

If you have any questions about the processing of your personal data, you can contact our data protection officer directly at any time.

E-Mail: datenschutz@educody.com
Phone: +49 69 21009822

Collection of general data and information

The website of the Educody GmbH collects a series of general data and information every time a data subject or automated system calls up the website. This general data and information is stored in the log files of the server. The following data may be collected: (1) the browser types and versions used, (2) the operating system used by the accessing system, (3) the website from which an accessing system accesses our website (so-called referrer), (4) the sub-websites that are accessed via an accessing system on our website, (5) the date and time of an access to the website, (6) an Internet protocol address (IP address), (7) the Internet service provider of the accessing system and (8) other similar data and information that serve to avert danger in the event of attacks on our information technology systems. 

When using these general data and information, the Educody GmbH does not draw any conclusions about the data subject. Rather, this information is needed (1) to deliver the contents of our website correctly, (2) to optimise the contents of our website and the advertising for these, (3) to ensure the long-term functionality of our information technology systems and the technology of our website, and (4) to provide law enforcement authorities with the information necessary for prosecution in the event of a cyber attack. Therefore, the Educody GmbH analyzes anonymously collected data and information on one hand, and on the other hand, with the aim of increasing the data protection and data security of our enterprise so that we can ultimately ensure an optimal level of protection for the personal data we process. The anonymous data of the server log files are stored separately from any personal data provided by a data subject. 

Routine deletion and blocking of personal data 

The responsible party shall process and store personal data of the data subject only for the period necessary to achieve the purpose of storage or where provided for by the European Directive and Regulation or other legislator in laws or regulations to which the controller is subject. If the storage purpose ceases to apply or if a storage period prescribed by the European Directive and Regulation Maker or another competent legislator expires, the personal data shall be routinely blocked or deleted in accordance with the statutory provisions.

Product recommendations and practical tips by e-mail 

As an Educody customer or parent of participants in our educational services (e.g. Coding Club lessons), you will regularly receive product recommendations and practical tips from us by email. You will receive these product recommendations from us regardless of whether you have subscribed to a newsletter. In this way, we want to inform you about products from our range that might be of interest to you. You will also receive valuable tips on how to use the Coding Club offer. 

If you no longer wish to receive product recommendations or promotional messages from us, you can object to this at any time. Please send your objection in text form (e.g. e-mail, fax, letter) to our contact address.  

The legal basis is Art. 6 para. 1 lit. f DSGVO and § 7 para. 3 UWG (German law).

Data Security

We have taken technical and organisational security measures to protect your personal data from loss, destruction, manipulation and unauthorised access. All our employees and all third parties involved in data processing are obliged to handle personal data confidentially in accordance with the General Data Protection Regulation. 

In the event that personal data is collected and processed via our website, the information is transmitted in encrypted form to prevent misuse by third parties. Our security measures are continuously revised in line with technological developments. 

Contact option via the website 

The website of the Educody GmbH contains legal requirements which enable a quick electronic contact to our enterprise, as well as direct communication with us, which also includes a general address of the so-called electronic mail (e-mail address). If a data subject contacts the controller by e-mail or by using a contact form, the personal data transmitted by the data subject will be stored automatically. Such personal data transmitted on a voluntary basis by a data subject to the controller will be stored for the purposes of processing or contacting the data subject. 

In addition to the purely informational use of our website, we offer various services that you can use if you are interested. For this purpose, you usually have to provide further personal data which we use to provide the respective service and for which the aforementioned data processing principles apply. 

For the arrangement of consulting and support appointments we use the service Microsoft Bookings (part of Microsoft Office 365) of the provider Microsoft Ireland Operations Limited, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18 D18 P521 (in the following: “Microsoft”). With the software it is possible to book a telephone appointment with an employee of Educody GmbH (e.g. for a consultation or for support on distance learning) and / or after conclusion of the contract). The connection to the service is only established when you call up the online booking function via a link or button on our website, in an email or in the newsletter. To make an appointment, your entries in the appointment form are transferred to Microsoft. You can find further information on the handling of your data in the Microsoft Privacy Statement. The legal basis for processing your data in relation to the “Microsoft Bookings” service is Art. 6 para. 1 sentence 1 letter f) DSGVO (legitimate interest in data processing). The legitimate interest results from our claim to offer you a user-friendly website with a wide range of functions and to give you the opportunity to make a telephone appointment with our staff quickly and easily at any time if required. Please note that you are not obliged to use Microsoft Bookings to make an appointment. If you do not wish to use the service, please use another of the contact options offered to make an appointment.

Data protection in applications and the application process 

The responsible party collects and processes the personal data of applicants for the purpose of managing the application procedure. The processing may also be carried out by electronic means. This is in particular the case when an applicant submits relevant application documents to the controller by electronic means, for example by e-mail or via a web form available on the website. If the controller concludes an employment contract with an applicant, the transmitted data will be stored for the purpose of processing the employment relationship in compliance with the statutory provisions. 

If we are unable to offer the applicant a vacancy to be filled, but believe on the basis of the applicant’s profile that the application could possibly be of interest for future vacancies, we will store the personal application data for twelve months unless the applicant objects to such storage and use. Your data will not be passed on to third parties under any circumstances. 

Legal basis for processing (German Law) 

Article 6 I lit. a DSGVO serves as the legal basis for our company for processing operations in which we obtain consent for a specific processing purpose. If the processing of personal data is necessary for the performance of a contract to which the data subject is a party, as is the case, for example, with processing operations that are necessary for the delivery of goods or the provision of another service or consideration, the processing is based on Article 6 I lit. b DSGVO. The same applies to processing operations that are necessary for the implementation of pre-contractual measures, for example in the case of enquiries about our products or services. If our company is subject to a legal obligation by which the processing of personal data becomes necessary, such as for the fulfilment of tax obligations, the processing is based on Art. 6 I lit. c DSGVO. 

In rare cases, the processing of personal data might become necessary in order to protect the vital interests of the data subject or another natural person. This would be the case, for example, if a visitor were to be injured on our premises and as a result his or her name, age, health insurance details or other vital information had to be passed on to a doctor, hospital or other third party. Then the processing would be based on Art. 6 I lit. d DSGVO. Finally, processing operations could be based on Art. 6 I lit. f DSGVO. Processing operations which are not covered by any of the aforementioned legal bases are based on this legal basis if the processing is necessary to protect a legitimate interest of our company or a third party, provided that the interests, fundamental rights and freedoms of the data subject are not overridden. Such processing operations are permitted to us in particular because they were specifically mentioned by the European legislator. In this respect, it took the view that a legitimate interest could be assumed if the data subject is a customer of the controller (recital 47, sentence 2 of the GDPR). 

Legitimate interests in the processing pursued by the responsible party or a third party If the processing of personal data is based on Article 6 I lit. f DSGVO, our legitimate interest is the performance of our business activities for the benefit of the well-being of all our employees and our shareholder. 

Duration for which the personal data are stored 

The criteria for the duration of the storage of personal data is the respective statutory retention period. After expiry of the period, the corresponding data is routinely deleted if it is no longer required for the performance of the contract or the initiation of the contract.

Legal or contractual provisions for the provision of personal data; necessity for the conclusion of the contract; obligation of the data subject to provide the personal data; possible consequences of non-provision 

We inform you that the provision of personal data is sometimes required by law (e.g. tax regulations) or may also result from contractual regulations (e.g. information on the contractual partner). Sometimes, in order to conclude a contract, it may be necessary for a data subject to provide us with personal data that must subsequently be processed by us. For example, the data subject is obliged to provide us with personal data if our company concludes a contract with him or her. 

Failure to provide the personal data would mean that the contract with the data subject could not be concluded. Before providing personal data by the data subject, the data subject must contact one of our employees. Our employee will explain to the data subject on a case-by-case basis whether the provision of the personal data is required by law or contract or is necessary for the conclusion of the contract, whether there is an obligation to provide the personal data and what the consequences of not providing the personal data would be. 

Change to our privacy policy 

We reserve the right to amend this privacy policy on occasion should this be necessary due to legal requirements, new technologies or changes to our services, e.g. the introduction of new services. If fundamental changes are made to our data protection declaration, we will announce these on our website. The new data protection declaration will then apply to your repeated visits to our website.

This privacy policy was last modified on Oktober 17, 2021.
Effective Date: August 01, 2021