Privacy Policy

Effective Date: January 1, 2025

This Privacy Policy applies to all users of Codequiry's code plagiarism detection services, including our website, dashboard platform, API, desktop applications, browser extensions, and related services (collectively, the "Services").

Key Definitions

• "Codequiry," "we," "us," or "our" refers to Codequiry, LLC, the data controller responsible for your personal information.
• "Services" refers to our code plagiarism detection platform, including our website, web application, API, desktop apps, and browser extensions.
• "Personal Data" or "Personal Information" means any information relating to an identified or identifiable individual.
• "User," "you," or "your" refers to the individual accessing or using our Services.
• "Processing" means any operation performed on personal data, including collection, storage, use, or disclosure.
• "GDPR" refers to the General Data Protection Regulation (EU) 2016/679.
• "CCPA" refers to the California Consumer Privacy Act.
• "FERPA" refers to the Family Educational Rights and Privacy Act.

We collect information to provide and improve our code plagiarism detection services. The types of information we collect include:

We use the information we collect for the following purposes:

Primary Service Purposes

• Plagiarism Detection: To analyze submitted code and detect similarities, matches, and potential plagiarism
• Account Management: To create and manage your account, authenticate access, and maintain your profile
• Service Delivery: To provide access to our platform, generate reports, and deliver analysis results
• Payment Processing: To process subscription payments, generate invoices, and manage billing
• Customer Support: To respond to inquiries, troubleshoot issues, and provide technical assistance

Platform Improvement

• Service Enhancement: To improve our plagiarism detection algorithms and platform features
• Analytics: To understand usage patterns, optimize performance, and enhance user experience
• Research & Development: To develop new features and improve detection accuracy
• Quality Assurance: To test, debug, and ensure the quality of our services

Security & Legal

• Security Monitoring: To detect and prevent fraud, abuse, and unauthorized access
• Legal Compliance: To comply with legal obligations, court orders, and regulatory requirements
• Terms Enforcement: To enforce our Terms of Service and protect our rights and property
• Dispute Resolution: To resolve disputes and investigate complaints

Communication

• Transactional Emails: To send account notifications, payment confirmations, and service updates
• Marketing Communications: To send product updates, feature announcements, and promotional offers (you can opt out)
• Educational Content: To provide helpful resources, tutorials, and best practices

We may share your information with the following trusted partners who help us operate our platform:

Service Providers

• Amazon Web Services (AWS): Cloud hosting and infrastructure
• Stripe: Payment processing and subscription billing (PCI-DSS compliant)
• Cloudflare: Content delivery network (CDN) and DDoS protection
• Google Analytics: Website analytics and usage tracking
• Intercom: Customer support and live chat
• SendGrid/Mailgun: Transactional email delivery

Required Disclosures

We may disclose your information when required by law or to protect our rights:

• Legal Compliance: To comply with court orders, subpoenas, or legal processes
• Law Enforcement: To respond to lawful requests from government authorities
• Protection of Rights: To protect our rights, property, safety, or that of users and the public
• Business Transfers: In connection with a merger, acquisition, or sale of assets

Academic Institutions

• Within educational institutions, instructors can view submissions from their students
• Institution administrators may access aggregate usage statistics
• We do not share student data outside of the institution without explicit consent

We implement enterprise-grade security measures to protect your personal information:

Technical Security

• Encryption: TLS/SSL encryption for data in transit, AES-256 encryption for data at rest
• Secure Infrastructure: Enterprise-grade AWS cloud infrastructure with multiple redundancies
• Password Security: Passwords hashed using bcrypt with industry-standard salt rounds
• Two-Factor Authentication: Optional 2FA available for enhanced account security
• Firewall Protection: Web Application Firewall (WAF) via Cloudflare
• DDoS Protection: Advanced DDoS mitigation to ensure service availability
• Regular Backups: Automated daily backups with point-in-time recovery

Organizational Security

• Access Controls: Role-based access control (RBAC) limiting data access to authorized personnel
• Employee Training: Regular security awareness training for all team members
• Confidentiality Agreements: All employees sign confidentiality and data protection agreements
• Security Audits: Regular internal security reviews and assessments
• Incident Response: Documented procedures for security breach notification and response

Monitoring & Detection

• 24/7 Monitoring: Continuous system monitoring for suspicious activity
• Intrusion Detection: Automated intrusion detection and prevention systems
• Log Management: Comprehensive logging and audit trails
• Vulnerability Scanning: Regular security vulnerability assessments

Data Breach Notification

In the event of a data breach affecting your personal information, we will:

• Notify affected users via email within 72 hours of discovery (as required by GDPR)
• Notify relevant supervisory authorities as required by law
• Provide details about the nature of the breach and steps taken to mitigate harm
• Offer recommendations for protecting your information

As a U.S.-based company, we provide the following privacy rights and controls under U.S. law. Note: GDPR rights are not applicable as detailed in Section 11.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

• Email: [email protected]
• Subject Line: "Privacy Rights Request"
• Include: Your name, email address, and specific request

Response Time: We will respond to your request within 30 days (or as required by applicable law). For complex requests, we may extend this period by an additional 60 days with notification.

We use cookies and similar tracking technologies to enhance your experience and analyze platform usage.

Types of Cookies We Use

Managing Cookies

You can control and manage cookies in several ways:

• Browser Settings: Most browsers allow you to block or delete cookies through settings
• Opt-Out Tools: Visit aboutads.info/choices or youronlinechoices.com
• Google Analytics Opt-Out: Install the Google Analytics Opt-out Browser Add-on
• Do Not Track: Enable "Do Not Track" in your browser (note: not all sites honor this)

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods

Data Deletion

When data is no longer needed:

• Personal information is securely deleted or anonymized beyond recovery
• Backups are purged according to our backup retention schedule
• Third-party processors are instructed to delete data
• Physical and digital deletion is performed according to industry standards

Codequiry, LLC is based in the United States. All data is stored and processed in the United States under U.S. law.

Where Your Data is Stored

• Primary Data Centers: Amazon Web Services (AWS) US regions
• Backup Locations: AWS multi-region redundancy within the United States
• CDN: Cloudflare global network for performance and security
• Payment Processing: Stripe (US-based, PCI-DSS Level 1 compliant)

Data Protection Standards

We implement robust security measures for all data:

• Encryption: All data transfers are encrypted using industry-standard protocols (TLS/SSL)
• Access Controls: Strict access controls and authentication
• U.S. Compliance: Full compliance with applicable U.S. data protection laws
• Service Provider Agreements: All service providers sign agreements ensuring secure data handling

Educational Context

While Codequiry is used in educational institutions where students (including minors) may submit assignments:

• Accounts must be created and managed by educators (teachers, professors, administrators) who are 18+
• Student submissions are associated with the educator's institutional account, not individual student accounts
• We collect only the minimum information necessary for plagiarism detection
• Educators are responsible for obtaining necessary parental consents under COPPA and FERPA
• Student data is protected under our institutional agreements and FERPA compliance measures

Student Submissions

When student code is submitted through an educator's account:

• We collect only file names, code content, and minimal identifiers
• Student email addresses or contact information are not required
• Data is used solely for plagiarism detection and reporting to the educator
• Student submissions are deleted when the educator's account is closed or upon request

Parental Rights

If you are a parent or guardian and believe your child under 13 has provided personal information to us:

• Contact us immediately at [email protected]
• We will delete the information within 30 days of verification
• You may request access to your child's information if applicable

Your GDPR Rights

If you are in the EU/EEA/UK, you have the following data protection rights under GDPR:

• Right to Access: Request a copy of your personal data
• Right to Rectification: Correct inaccurate personal data
• Right to Erasure: Request deletion of your personal data
• Right to Portability: Receive your data in a portable format
• Right to Object: Object to certain processing activities
• Right to Restrict: Request restriction of processing
• Right to Withdraw Consent: Withdraw consent at any time

How to Exercise Your Rights

You can exercise most rights directly through your account:

• Data Export: Go to Privacy Settings → Download My Data
• Account Deletion: Go to Account Settings → Delete Account
• Cookie Preferences: Go to Privacy Settings → Cookie Preferences
• Marketing Opt-out: Go to Privacy Settings → Email Communications

For other requests, contact us at [email protected] and we will respond within 30 days.

Data Protection Measures

We implement robust technical and organizational measures to protect your data:

• AES-256 Encryption: Data encrypted at rest and in transit (TLS/SSL)
• Data Minimization: We only collect data necessary for our services
• Access Controls: Strict role-based access to personal data
• Regular Audits: Security assessments and compliance monitoring
• Data Processing Agreements: All vendors comply with GDPR requirements
• International Transfers: Appropriate safeguards for data transfers

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).

Your California Privacy Rights

• Right to Know: Know what personal information we collect, use, disclose, and sell
• Right to Delete: Request deletion of your personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Opt-Out: Opt-out of the sale or sharing of personal information (we don't sell data)
• Right to Limit Use: Limit use and disclosure of sensitive personal information
• Right to Non-Discrimination: Not receive discriminatory treatment for exercising your rights

Categories of Personal Information

Under CCPA, we collect the following categories:

• Identifiers: Name, email, IP address, account name
• Commercial Information: Purchase history, subscription details
• Internet Activity: Browsing history, search history, interactions
• Geolocation Data: General location from IP address
• Professional Information: Job title, employer, institution
• Education Information: Institution name, courses, assignments
• Inferences: Preferences and characteristics derived from other information

How to Exercise Your CCPA Rights

To exercise your California privacy rights:

• Email: [email protected] with "California Privacy Request" in subject line
• Provide: Your name, email, and specific request
• Verification: We will verify your identity before processing
• Response Time: Within 45 days (extendable by 45 days if needed)

Authorized Agents: You may designate an authorized agent to make requests on your behalf. The agent must provide proof of authorization.

"Shine the Light" Law

California Civil Code Section 1798.83 permits California residents to request information about disclosure of personal information to third parties for direct marketing. We do not disclose personal information to third parties for their direct marketing purposes.

Codequiry complies with the Family Educational Rights and Privacy Act (FERPA) when processing educational records from U.S. educational institutions.

FERPA Protection

When used by educational institutions subject to FERPA:

• School Official Status: We act as a "school official" with legitimate educational interests
• Purpose Limitation: Student data is used solely for plagiarism detection and reporting
• Access Restriction: Only authorized educators can access student submissions
• Parental Rights: Institutions maintain control over parental access rights
• No Unauthorized Disclosure: We do not disclose education records without consent unless permitted by FERPA

Student Data Protection

• Student submissions are stored securely and encrypted
• Access is limited to the submitting educator and authorized institution personnel
• Data is not used for advertising or marketing to students
• Student information is not sold or shared with third parties
• Data is deleted upon request or when no longer needed for educational purposes

Institutional Agreements

Educational institutions using Codequiry enter into agreements that:

• Designate Codequiry as a "school official" under FERPA
• Specify the legitimate educational purpose for data processing
• Establish data security and privacy requirements
• Define data retention and deletion procedures
• Ensure compliance with FERPA and state student privacy laws

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors.

How We Notify You

• Email Notification: For material changes, we will email you at your registered address at least 30 days before the changes take effect
• In-App Notice: Prominent notification in your dashboard when you log in
• Website Banner: Notification banner on our website
• Last Updated Date: Always displayed at the top of this policy

Your Acceptance

By continuing to use our Services after policy changes become effective, you accept the updated Privacy Policy. If you don't agree with the changes:

• You may close your account by contacting us at [email protected]
• We will delete your data in accordance with this Privacy Policy
• Some data may be retained as required by law

Version History

We maintain a version history of material changes to this Privacy Policy. Contact us at [email protected] to request previous versions.

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: