Skip to main content

What are the GWC-Led Services Privacy Key Terms?

Updated

Below are definitions for key terms that are used in our GWC-Led Services Terms of Service and GWC-Led Services Privacy Policy for our Girls Who Code products:  

Application Data Caches

An Application Data Cache is a data repository on a device. It can, for example, enable a web application to run without an internet connection and improve the performance of the application by enabling faster loading of content.

Authentication Services

An Authentication Service is a system that verifies a user's identity by checking their credentials, like a password or biometric data, to confirm they are who they claim to be,  before granting access to a system or service, essentially acting as a security gatekeeper to prevent unauthorized access.

Behaviorally-Targeted Advertising or Targeted Advertising

Behaviorally-Targeted Advertising (also referred to as online behavioral advertising [OBA] or interest-based advertising) is defined by the Digital Advertising Alliance (DAA) as "the collection of data online from a particular computer or device regarding Web viewing behaviors over time and across non-affiliate Websites for the purpose of using such data to predict user preferences or interests to deliver advertising to that computer or device based on preferences or interests known or inferred from the data collected." Behaviorally-targeted advertising does not include i) contextual targeting; ii) advertising or marketing to an individual in response to that individual's specific request for information or feedback; or iii) processing personal information solely for measuring or reporting advertising performance, reach or frequency.

This definition has largely been accepted by the Federal Trade Commission, and is described in similar fashion in its Self-Regulatory Principles for Online Behavioral Advertising. This type of advertising is precluded by the Children’s Online Privacy Protection Act (COPPA) for children under 13 without prior, verifiable parental consent, as well as by the existing self-regulatory advertising groups, including DAA and the Network Advertising Initiative (NAI). This is in contrast to contextual targeting or advertising which is permitted under COPPA.

* Please also see the definition of “Targeted Advertising” in the Colorado Student Data and Transparency Act here (and below) as well as Florida here as an example of the definition of “Targeted Advertising” in state student privacy laws, with similar definitions in many other state student privacy laws, as well as our Student Data Protection Addendum for more information on the prohibition of using Student Data for targeted advertising to students.  Also see the California Attorney General's guidance on the Student Online Personal Information Protection Act (SOPIPA) here.   

Colorado Student Data Transparency Act:

"Targeted Advertising" means selecting and sending advertisements to a student based on information obtained or inferred over time from the student's online behavior, use of applications, or personally identifiable information. "Targeted Advertising" does not include: (a) advertising to a student: (i) at an online location based on the student's current visit to that location or in response to the student's request for information or feedback; and (ii) without the collection and retention of a student's online activities over time; (b) adaptive learning, personalized learning, or customized education; or (c) with the consent of a student or the student's parent, using the student's personally identifiable information to identify for the student institutions of higher education or scholarship providers that are seeking students who meet specific criteria.

Child or Children

A child is defined as an individual under the age of thirteen (13) years. For the avoidance of doubt, the GWC Direct Services are not intended for use by Children. 

Contextually Relevant Advertising

Contextually Relevant Advertising (also referred to as contextual targeting) is defined by DAA as advertisements that are delivered “based on the content of a Web page, a search query, or a user’s contemporaneous behavior on the website.” NAI expands a bit further explaining, “the ad selected depends upon the content of the page on which it is served, or ‘first party’ marketing in which ads are customized or products are suggested based on the content of the page or users’ activity on the page (including the content they view or the searches they perform).”

The FTC echoes this in policy statements and in comments surrounding COPPA as well as the legislative history of COPPA where they proposed the following definition: 

Contextually Relevant Advertising is ‘‘the delivery of advertisements based upon a consumer’s current visit to a Web page or a single search query, without the collection and retention of data about the consumer’s online activities over time.’’ The FTC notes that Contextually Relevant Advertising, “is more transparent and presents fewer privacy concerns as compared to the aggregation and use of data across sites and over time for marketing purposes.”  Contextually Relevant Advertising is permitted under COPPA.

Additionally, under Colorado’s Student Data and Transparency Act and several other state student privacy laws, the following is allowed: 

"Targeted Advertising" does not include: (a) advertising to a student: (i) at an online location based on the student's current visit to that location or in response to the student's request for information or feedback; and (ii) without the collection and retention of a student's online activities over time; (b) adaptive learning, personalized learning, or customized education; or (c) with the consent of a student or the student's parent, using the student's personally identifiable information to identify for the student institutions of higher education or scholarship providers that are seeking students who meet specific criteria.

Cookies and similar technologies

Cookies

A Cookie is a small text file containing a string of characters that is placed on your browser or device when you visit a website. When you visit the website again, the Cookie allows that site to recognize your browser. Cookies may store user preferences and other information. Cookies may involve the transmission of information from us to you and from you directly to us, to another party on our behalf, or to another party in accordance with its privacy policy. For example, Cookies can store your session information for easy sign-in to a website or your language preferences or may allow sites to record your browsing activities – like what pages and content you’ve looked at, when you visited, and whether you clicked on a piece of content. The site or service that places a particular Cookie has permission to read the contents of that Cookie each time it communicates with your browser. Some Cookies are set by the site you are visiting, and others are set by that site’s service partners.

Cookies may be placed in your browser by Third Party advertising companies when you view content off of our site (such as an embedded YouTube video) to help deliver the ads you see online. These “Third Party Cookies” may be used to “remember” parts of your online activities in order to deliver ads tailored to your interests. For example, if you read an article online about running, a Cookie may be used to note your interest in running. As you continue to surf the web, you may see coupons to save money on running shoes. We do not allow any third parties to place Cookies on our site for advertising purposes in any areas where a student, learner or child using our service in the non-school context (e.g. Outside School Minor User) is logged into his or her account.

Learn more about how Girls Who Code uses Cookies in our Online Tracking Technologies Policy.

Other similar technologies

Other technologies are used for similar purposes as a Cookie on other platforms where Cookies are not available or applicable, such as the Advertising ID available on Android mobile devices and the Identifiers for Advertiser (“IDFA’) on iOS devices. Most modern mobile devices (iOS, Android, and Windows 10 and above) provide mobile advertising identifiers. These are randomly-generated numbers that are associated with your device that often come with options to reset the identifier and opt-out of advertising across apps (“Cross-App Advertising”) and in some cases (such as with the IDFA) opt-in to advertising. They are included to provide advertisers a method to identify your devices without using a permanent device identifier, like your phone’s serial number. We do not use any of these technologies where a student, learner or child using our service is logged into his or her account. 

Club Services

The Girls Who Code Clubs Services provided through the Clubs HQ Platforms ( https://clubs-hq@girlswhocode.com ) or any Club Services that link to the Club Privacy Policy that Girls Who Code, Inc. (“GWC”, “we”, “us”, “our”, and our subsidiaries or affiliates) may provide now or in the future (collectively, the “Club Services”).

Community Partner

“Community Partner” means a GWC partner, sponsor, or third party research institution or organization that works with GWC to provide the GWC-Led Services and to support GWC as a whole. 

Community Partner Third Party Links

“Community Partner Third Party Links” are links to websites, platforms, applications, services, content or other resources Community Partners may choose to place within the Direct Services.

De-Identified

“De-Identified or De-Identified Data” is information that has all direct and indirect personal identifiers removed such that the data cannot reasonably be used to identify, describe, or contact an individual. This includes, but is not limited to, Persistent Unique Identifiers, name, ID numbers, date of birth, and school ID.

For EU and UK residents, anywhere we use the term De-Identified, we will apply the General Data Protection Regulation, including as implemented or adopted under the laws of the United Kingdom (GDPR) definition of "pseudonymization" which states that pseudonymization is "the processing of personal data in such a way that the data can no longer be attributed to a specific data subject without the use of additional information.” Additionally, consistent with the GDPR, we will ensure that the “additional information” is kept separately and subject to technical and organizational measures to ensure non-attribution to an identified or identifiable person.

If you are a resident of the Province of Quebec, anywhere we use the term “De-Identified”, we will apply the Quebec’s Act Respecting the Protection of Personal Information in the Private Sector definition of “anonymized” which states that anonymized is information concerning a natural person that is processed in such a way that it is “irreversibly no longer allows the person to be identified directly or indirectly”.  

If you are a resident of California, we follow the definition of De-identified as set forth under the California Consumer Privacy Act of 2018 (CCPA) as amended and its implementing regulations, including amendment by the California Privacy Rights and Enforcement Act of 2020 (CPRA) and its implementing regulations.

For residents located in additional states with a consumer privacy law (such as Colorado, Utah, or Virginia) and such law has also defined the term “De-identified”, we will apply such definition as applicable. 

Girls Who Code commits to maintaining and using De-identified Data only in a De-identified form and will not attempt to re-identify the information, except that Girls Who Code may attempt to re-identify the information solely for the purpose of determining whether or not its De-identification processes are sufficient. 

Device

A device is a computer that can be used to access our website or services. For example, a device could be a desktop, tablet or smartphone.  

US State Data Protection Laws

The applicable US state privacy laws by which we process your Personal Information, which include Some U.S. state privacy laws, like the (i) CCPA, the (ii) Virginia Consumer Data Protection Act (VCDPA), the (iii) Colorado Privacy Act of 2021, as amended (CPA), and the (iv) Utah Consumer Privacy Act (UCPA) of 2022, as amended (UCPA); (v) Connecticut Act Concerning Personal Data Privacy and Online Monitoring (CTDPA);(vi) Montana Consumer Data Privacy Act;  (vii) Oregon Consumer Privacy Act of 2023; (viii) Texas Data Privacy and Security Act  of 2023; (ix) the Maryland Online Data Privacy Act; (x) the Nebraska Data Privacy Act; (xi) the New Jersey Data Privacy Law (effective January 15, 2025); (xii) the Delaware Personal Data Privacy Act (effective January 1, 2025); (xiii) the Indiana Consumer Data Protection Act (effective January 1, 2026); (xiv) the Iowa Consumer Data Protection Act (effective January 1, 2025); (xv) the Kentucky Consumer Data Protection Act (effective January 1, 2026); (xvi) the Minnesota Consumer Data Privacy Act (effective July 31, 2025); (xvii) the New Hampshire Act Relative to the Expectation of Privacy (effective January 1, 2025); (xviii) the Rhode Island Data Transparency and Privacy Protection Act (effective January 1, 2026); (xix) the Tennessee Information Privacy Act (effective July 1, 2025); or (xx) any other applicable US state law that may be enacted for the purpose of protecting personal information and do not apply solely to specific industry sectors (e.g., financial institutions) or specific classes of information (e.g., health or biometric information).

Girls Who Code HQ (or GWC HQ)

“Girls Who Code HQ” or “GWC HQ” means a custom web application built to support GWC-Led Services, similar to a learning management system.

Girls Who Code HQ Account (or GWC HQ Account)

“Girls Who Code HQ Account” or “GWC HQ Account” is an account for users of GWC HQ for purposes of engaging in the GWC-Led Services. 

GWC-Led Services

“GWC Services” at Girls Who Code consists of all non-Club activities (e.g. GWC Summer Immersion Programs, Self Paced Programs, College Loops, and College and Career Programs). GWC-Led Services are not connected to a school, and are not intended for individuals under the age of 13. To learn more about those services, please see here

GWC-Led Services Minor User

“GWC-Led Services Minor User” means a user between the ages of 13-17 years of age using the GWC-Led Services

GWC-Led Services User

“GWC-Led Services User” means an individual using the GWC-Led Services.

GWC Personnel

“GWC Personnel” means an individual who is GWC staff, a GWC activity sponsor, and/or a GWC or Community Partner volunteer administering some of the GWC-Led Services.  

GWC Website

“GWC Website” refers to the Girls Who Code informational website, located at www.girlswhocode.com, which supports organization wide initiative and learnings and has its own separate privacy policy and terms of service as related to the use of that site.

HTTP Referrer

An HTTP Referrer is information transmitted to a destination webpage by a web browser, typically when you click a link to that webpage. The HTTP Referrer contains the URL of the last webpage the browser visited.  

IP Address

Every device connected to the Internet is assigned a number known as an Internet protocol (IP) address. These numbers are usually assigned in geographic blocks and are typically controlled by your Internet Service Provider (ISP), your company, or your university. An IP address can often be used to identify the location from which a device is connecting to the Internet.  IP addresses can be used to combat fraud and compliance with geographical legal restrictions and can be used to target advertising. When Girls Who Code stores an IP address, we store it in truncated or encrypted form. Additionally, we only use IP address information collected from students under 13 for internal business purposes.  

Local Storage

Local Storage enables websites to store and retrieve data in a browser on a device. When used in “Local Storage” mode, it enables data to be stored across sessions (for example, so that the data is retrievable even after the browser has been closed and reopened). One technology that facilitates web storage is HTML 5. Other technologies include local shared objects, sometimes known as “Flash Cookies.” For more information, please see our Online Tracking Technologies Policy. 

Non-Personally Identifiable Information

This is information that on its own does not permit direct association with any specific individual. For example, we consider the following to be non-personally identifiable information: your zip code, approximate location (e.g region, city, zip), your browser type, and non-unique device identifiers (e.g. Chromebook model). We also consider aggregated, De-identified and/or anonymized data to be non-personally identifiable information. Anything that is Personal Information is excluded from the definition of non-personal information. Not all jurisdictions have the same definition for Personal Information and non-personally identifiable information.  

Persistent Identifiers

This is a persistent and unique identifier that can be used to recognize a user over time and across different websites or online services. For example, this can be an IP address, a unique device identifier or a device serial number. 

Personal Information

Personal Information is data that can be used to identify or contact a particular individual, such as the individual’s name, email address or billing information, or other data which can be reasonably linked to that data or to that individual’s specific computer or device. When anonymous or non-personal information is directly or indirectly linked with personal information, this anonymous or non-personal information is also treated as Personal Information. We will consider persistent identifiers that are not anonymized, de-identified or aggregated as Personal Information. Not all jurisdictions have the same definition for Personal Information and non-personally identifiable information. 

If you are a resident of California, we follow the definition of Personal Information as set forth under the California Consumer Privacy Act of 2018 (CCPA) as amended and its implementing regulations, including amendment by the California Privacy Rights and Enforcement Act of 2020 (CPRA) and its implementing regulations.

For residents located in additional states with a consumer privacy law (such as Colorado, Utah, or Virginia) and such law has also defined the term “Personal Information”, we will apply such definition as applicable. 

For EU and UK residents, anywhere we use the term Personal Information, we will apply the General Data Protection Regulation, including as implemented or adopted under the laws of the United Kingdom (GDPR), definition of "personal data" which states that “personal data” means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Pixel Tag

A Pixel Tag is a type of technology placed on a website, or within the body of an email for the purpose of tracking activity on websites or when emails are opened or accessed, and is often used in combination with Cookies. Pixel refers to the software code that is placed within a web page in order to trigger the placing of Cookies and transmits information to us or our third party service providers. This enables two websites to share information. The resulting connection can include information such as a device’s IP address, the time a person viewed the pixel, an identifier associated with the browser or device, the type of browser being used and the URL of the web page from which the pixel was viewed. A Pixel Tag is also known as a web beacon or Clear GIFs. There may or may not be a visible graphic image associated with the pixel, and often the image is designed to blend into the background of a web page or email. 

Program Applicant

A Program Applicant is an individual who provides information to GWC-Led Services as part of their interest in applying for, signing up for, or otherwise requesting to participate in a GWC-Led Service.

Program Participant

A Program Participant is an individual who provides information and engages in a GWC-Led Service

Sell

“Sell” or “Selling” ​does not include or apply to a purchase, merger or other type of acquisition of a company by another entity, provided that the company or successor entity continues to treat the personal information in a manner consistent with our GWC privacy policies with respect to the previously acquired Personal Information. We apply this same principle to all Personal Information we collect or receive.

Sell also does not include sharing, transferring or disclosing of Personal Information with a service provider that is necessary to perform a business purpose (such as detecting security incidents, debugging and repairing, analytics, storage or other processing activities) provided that the service provider does not further use or sell the Personal Information except as necessary to perform the business purpose.  Girls Who Code is also not “Selling” Personal Information (i) if a user ​directs Girls Who Code to intentionally disclose Personal Information or uses Girls Who Code to intentionally interact with a third party, provided the third party does not also sell the Personal Information; or (ii) if a parent or a third party authorized by a parent, lawfully acquires Personal Information.

If you are a resident of California, we follow the definition of Sell or sale as set forth under the California Consumer Privacy Act of 2018 as amended (“CCPA) and its implementing regulations, including an amendment by the California Privacy Rights and Enforcement Act of 2020 (CPRA) and its implementing regulations.

Server Log Data

Like most websites, our servers automatically record the page requests made when you visit our websites. These “server logs” or “log data” typically include your web request, IP address, browser type, browser language, the date and time of your request and one or more Cookies that may uniquely identify your browser.

Third Party Advertising

We consider Third Party Advertising on our service to mean third-parties that would directly advertise their products or services on our service (i.e., such as when an advertiser would bid to place an advertisement directly on a platform such as Facebook). We don’t allow third parties to advertise directly on our service in user logged-in areas of our service. We also do not use Third Party ad servers (such as Google AdWords or AdSense) in user logged-in areas of our Service. However, we may serve Contextually Relevant Advertising for Third Party products and services ourselves that we believe may be of interest to you (e.g., our collaboration with an in-person learning opportunity in their geographical area).  

Third Party Service Providers

We consider Third Party Service Providers on our GWC-Led Services to mean Third Party partners, sponsors, vendors, or trusted organizations that process GWC-Led Service Users data and information on our behalf in accordance with our instructions, Privacy Policy, and any other appropriate confidentiality and security requirements. 

Third Party Platform Providers

We consider Third Party Platforms on our GWC-Led Services to mean any service where GWC-Led Service Users must create an account on a third party platform in order to engage in certain GWC-Led Services. These Third Party Platforms have their own privacy policies, and we encourage you to review them before providing them with Personal Information.

Unique Device Identifier

A Unique Device Identifier (sometimes called a universally unique ID or UUID) is a string of characters that is incorporated into a device by its manufacturer and can be used to uniquely identify that device (for example an IMEI-number of a mobile phone). Different Unique Device Identifiers vary in how permanent they are, whether they can be reset by users, and how they can be accessed. A given device may have several different Unique Device Identifiers. Unique Device Identifiers can be used for various purposes, including security and fraud detection, syncing services such as a user’s email inbox, remembering the user’s preferences and providing relevant advertising. 

 

Related articles

Comments

0 comments

Article is closed for comments.