This Privacy Statement explains how DeeplyCode (“we”, “us”, “our”) collects, uses, shares, and protects information relating to users of our all-in-one coding education platform (the “Platform”). By using the Platform, you acknowledge that you have read and understood this Privacy Statement and agree to our handling of your information as described here, in accordance with applicable law.

If this Privacy Statement conflicts with applicable law, we will follow the applicable law.

1. Information We Collect

We may collect the following categories of information:

1.1 Account and Profile Information

• Name, email address, username, password
• Institution or organization details (if provided)
• Role (e.g., student, instructor, admin)
• Other information you choose to add to your profile

1.2 User Content

• Questions, assignments, solutions, code, and submissions
• Comments, messages, feedback, and other content you create or upload
• Files or other materials you provide through the Platform

1.3 Usage and Technical Data

• Log data (IP address, browser type, operating system, access times, pages viewed)
• Clickstream data and activity logs (actions taken, features used, interactions with content and AI tools)
• Device identifiers and configuration
• Performance and grading results (e.g., test cases passed, scores, time spent)

1.4 Payment Information (if applicable)

• Limited payment details (e.g., transaction IDs, billing address) collected via our payment processors.
• We do not typically store full credit card numbers; these are handled by third-party payment providers.

1.5 Cookies and Similar Technologies

We use cookies, local storage, and similar technologies to:

• keep you signed in,
• remember your preferences,
• understand how the Platform is used,
• improve performance and security.

You can manage cookies through your browser settings, but disabling certain cookies may affect your use of the Platform.

2. How We Use Your Information

We use the information we collect for the following purposes:

2.1 Providing and Operating the Platform

• Creating and managing your account
• Delivering coding exercises, automated grading, and learning content
• Processing submissions and generating results or feedback
• Enabling collaboration and communication features

2.2 Improving and Developing the Platform

• Analyzing usage patterns and performance
• Debugging, monitoring, and securing our systems
• Enhancing features, content, and user experience
• Training and improving algorithms and AI models, including models that analyze or generate code, hints, or feedback

2.3 Personalization

• Recommending content, exercises, or resources
• Adapting difficulty and feedback to your performance and behavior

2.4 Communication

• Sending service-related notifications (e.g., changes to policies, system alerts)
• Responding to your inquiries or support requests
• Sending optional updates, announcements, or marketing communications (where permitted by law, and with opt-out options)

2.5 Legal, Safety, and Compliance

• Enforcing our Terms of Service and other policies
• Detecting and preventing fraud, abuse, cheating, or security incidents
• Complying with legal obligations or lawful requests by public authorities

3. Data Sharing and Transfers

We may share your information in the following ways:

3.1 Service Providers

With trusted third-party service providers who help us operate the Platform (e.g., hosting, storage, analytics, email services, AI infrastructure, payment processors). These providers process data on our behalf and are contractually obligated to protect it.

3.2 Institutional Administrators

If you access DeeplyCode through an institution (e.g., university, school, training provider), we may share relevant information (such as progress, scores, and usage) with authorized administrators or instructors in accordance with our agreement with that institution.

3.3 Other Users

Depending on your settings and role, certain information (e.g., your name, questions, comments, or shared solutions) may be visible to other users on the Platform.

3.4 Aggregated, De-Identified, or Pseudonymized Data

We may create and use aggregated, de-identified, or pseudonymized datasets derived from your information for purposes including:

• analytics and reporting,
• research and education,
• developing and training AI models and algorithms,
• improving and marketing our services,
• commercial activities, including licensing such datasets to third parties.

These datasets are intended not to identify you personally.

3.5 Sale of Data / “Sale” as Defined by Law

In some jurisdictions, certain sharing of personal data may be considered a “sale” of personal data. Where that is the case:

• We will only engage in such activities in compliance with applicable data protection laws;
• We will provide the required notices; and
• Where required (for example, under the CCPA), we will offer a means to opt out of such “sales” or equivalent transfers.

3.6 Business Transfers

If we are involved in a merger, acquisition, restructuring, sale of assets, or similar transaction, your information may be transferred as part of that transaction, subject to appropriate protections.

3.7 Legal Requirements

We may disclose information if we believe in good faith that it is reasonably necessary to:

• comply with any applicable law, regulation, legal process, or governmental request;
• protect the rights, property, or safety of DeeplyCode, our users, or the public;
• enforce our Terms of Service, including investigating potential violations;
• detect, prevent, or address security or fraud issues.

4. Legal Bases for Processing (Where Required)

Where applicable laws (such as the GDPR) require a legal basis for processing personal data, we may rely on one or more of the following:

• Contract performance: To provide and operate the Platform under our agreement with you.
• Legitimate interests: To improve, secure, and operate our services in a way that is reasonable and balanced against your rights.
• Legal obligation: To comply with our legal duties.
• Consent: For certain activities, such as some types of marketing or data sharing, where we ask for your explicit consent. You can withdraw consent at any time, where applicable, without affecting prior processing.

5. Data Retention

We retain your information for as long as necessary to:

• provide the Platform and related services,
• fulfill the purposes described in this Privacy Statement,
• comply with legal, accounting, or reporting obligations,
• resolve disputes and enforce agreements.

We may retain aggregated, de-identified, or pseudonymized data for longer periods, as it no longer reasonably identifies you.

6. Security

We use reasonable technical and organizational measures to protect your information from unauthorized access, disclosure, alteration, or destruction. However, no system is completely secure, and we cannot guarantee absolute security.

You are responsible for maintaining the security of your login credentials and for notifying us promptly if you suspect any unauthorized access to your account.

7. Your Rights and Choices

Depending on your jurisdiction and applicable law, you may have some or all of the following rights:

• Access to the personal data we hold about you
• Correction (rectification) of inaccurate or incomplete data
• Deletion (erasure) of your personal data in certain circumstances
• Restriction of or objection to certain processing
• Data portability
• Withdrawal of consent (where processing is based on consent)
• The right to opt out of certain types of data “sale” or targeted advertising, where applicable

To exercise these rights, contact us using the details in Section 10. We may need to verify your identity before responding. Where your account is managed by an institution, some requests may need to be coordinated with that institution.

8. Children’s Privacy

The Platform is not intended for children under the age permitted by applicable law. We do not knowingly collect personal data from children under that age without appropriate consent (e.g., from a parent, guardian, or institution). If you believe we have collected such data without proper consent, please contact us so we can take appropriate action.

9. International Transfers

Your information may be transferred to and processed in countries other than your own, where data protection laws may differ. In such cases, we will take reasonable steps to ensure an adequate level of protection in accordance with applicable law (for example, by using standard contractual clauses or equivalent safeguards).

10. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. When we do, we will update the “Last updated” date above and, where appropriate, notify you (for example, via email or in-app notice). Your continued use of the Platform after such changes take effect signifies your acceptance of the updated Privacy Statement.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Statement or our handling of your data, you can contact us at:

• Email: info@ashrafsmadi.com
• Address: Amman, Jordan