The privacy of our users is extremely important to us. We believe you should understand what data we collect and why, where and for how long it is stored, and who we share it with. It is your data and it should be under your control. With your consent, we use your data to support your learning.
1. Personal Information
1.1. What Personal Information we collect and why
We collect your first name, last name and nickname so we can:
- address you in communications;
- help Educators (and sometimes other students) at your institution identify you; and
- award certificates of achievement in your name.
You can update your name in your account settings under Account Details.
We collect your email address(es) so:
- you can login to your account with a unique identifier;
- we can notify you of important information (e.g., password reset, account changes, or policy updates);
- we can support your learning (e.g., encourage you to continue a course or notify you when you earn a certificate), and
- you can receive newsletters (e.g. about new courses and other educational activities), until you opt out.
We only send marketing or sales information to:
- Private Users (those who have registered or purchased products or services themselves),
- Users who have opted-in to receive our marketing emails.
You can change your marketing email preferences in your Account Settings under Communication.
You can optionally specify your gender as female, male, or other. You can change your gender in your account settings under Account Details.
Your gender will never be displayed, and is only aggregated for statistical analysis to ensure that our Grok technology and content is equally effective for everyone.
Country of residence
You can change your country of residence in your account settings under Account Details.
We link you to your Institution(s) (school, university, etc) so we can determine which:
- content to make available to you;
- Educators should have access to your Personal Information;
- Educators should have access to your course progress and marks;
- students (also linked to your Institution(s)) can see your name on leaderboards.
We link you to your Institution(s) so that your Verified Teacher(s) can manage your learning in our Platform. This includes, but is not limited to:
- create and manage their students’ Registered User accounts;
- address their students in communications;
- assign courses for their students to complete;
- access the course progress and submissions of their students; and
- export the course progress and marks of their students.
Your School Year is the school year or grade you are currently in (e.g. Year 10 or Grade 5). It only applies to students enrolled at schools, homeschools and some colleges.
Your School Year is visible to your Verified Teachers and helps them to manage your learning and what content is recommended to you.
Your School Year may qualify you for free access to specific content in the Platform, in some circumstances.
We use School Year to analyse how effective our courses are for different age groups.
Educator phone number(s)
We may (optionally) collect Educator phone numbers for the purposes of providing you with customer support, sales, consulting, or professional development, and as an emergency contact if we have concerns about the behaviour of any of your students within the platform.
We use your IP address to help us determine your geolocation, so that we can comply with relevant privacy regulations and show you content that is relevant for your location. We log your IP address along with the date and time you logged in for security purposes and to protect against cheating in assessment tasks. Your IP address may also be used in threat detection analysis.
Grok may integrate with identity and authentication services provided by your Institution(s) that share your Personal Information with us. These include, but are not limited to:
- Single Sign-On (SSO) authentication services, e.g., OAuth or SAML2; and
- Learning Tools Interoperability (LTI) services, e.g., with Canvas or other learning management systems.
For these services, we must store non-email unique personal identifiers. Depending on how these identifiers are configured for your Institution(s), they may include your Personal Information.
1.2. Where we collect your Personal Information
Your Personal Information can be provided by you, or may be provided by someone on your behalf, such as a parent or guardian, or Educator at your Institutions.
When you register yourself or are registered by a parent or guardian
We collect your full name, email address, and country of residence.
When you are registered by an Educator at an Institution
We collect your full name, nickname, email address, and gender (if available) as provided by your Educator(s). We also collect the registering Institution and your School Year (where applicable).
We set your country of residence to the country of the registering Institution.
When you log in
Each time you log in or access the site when you are logged in, we store your IP address, the date and time you logged in, and that it was you that logged in.
If you log in via some Single-Sign On (SSO) or other identity and authentication services, we may collect or update your full name, nickname, email address, gender (if available), Institution name, and School Year (if available) based on the information provided by the service.
When you as an Educator register students
When you update your account settings
We store any Personal Information you provide via your account settings.
When your Institution updates your information
If we have a data synchronization arrangement with your Institution, we may automatically receive and apply updates from your Institution (See Data Synchronisation below).
When you contact our support services
If you phone us, we will collect your phone number, and your name.
If you email our support team, we will collect your email address, your name, and optionally other Personal Information that you provide as part of your communication with us.
When you attend a workshop or sign up for a newsletter or other outreach activity
We will collect your name, email address, and optionally your phone number.
1.3. How long we keep your Personal Information
We store your Personal Information as detailed above until:
- You delete your account at which point your account is deactivated and all Personal Information is erased. You can delete your account in account settings under Delete Account. Deleted accounts cannot be recovered; or
- Your account expires at which point we erase or obfuscate all Personal Information. Unless you reactivate your account, your expired account is not identifiable in any way. We expire all accounts that have been inactive for more than 18 months; or
- Your Institution deletes your account through our data synchronisation with the Institution (see Data Synchronisation below) or by a request from your Institution.
The record of consent for students registered by Educators, which may include the Educator’s Personal Information, exists until the student account is deleted or expired.
1.4. Who we share your Personal Information with
We will share your Personal Information in our Platform with Verified Teachers at your linked Institutions, or with tutors engaged by Grok, Grok’s Partners, or by your Institution(s).
See the Sharing Information section below for further details.
1.5. What you can do about it
You can delete your account in your account settings under Delete Account or edit your account settings at any time to add, update, or remove Personal Information from your account, except if your account is synchronised with an external Institution (see Data Synchronisation below).In accordance with your right to be forgotten, account deletion erases all of your Personal Information and it cannot be reversed.
1.6. Inadvertent storing of Personal Information in Learning Data
You may inadvertently provide us your Personal Information as part of your learning process, for example, using your name or email address as input to a program you are testing in the platform.
Grok strongly discourages Users from using their Personal Information in this way because we store and treat Learning Data separately, as described below. You accept that by including your Personal Information in the Learning Data that Grok is not responsible for obfuscating or erasing your Personal Information unless you request we do so.
If you believe you have included your Personal Information in your Learning Data, please contact firstname.lastname@example.org.
2. Learning Data
We collect and store Learning Data from your interactions with our Platform. This includes:
- information that you manually enter into the learning interface (e.g., code submissions or discussion in tutor chat);
- data generated by your actions (e.g., changing slides or running examples); and
- data created automatically by the Platform (e.g., the result of marking a code submission).
All of this data is collected to support and encourage you in your learning, give your Verified Teachers more information about your progress, and for Grok to improve our learning technology and content in the Platform.
2.1. What Learning Data we collect and why
Every time you write code or provide other information to solve a problem (collectively, “Code”) in the Platform, we collect and store data associated with your learning, including, but not limited to:
Saved Code: we store your current Code when you click Save (or a synonym) or when the Platform automatically saves your current Code. The date and time is also stored.
We store your Saved Code so that if the browser session ends or you make changes that you do not want to keep, you can recover your work. Saved Code is visible to you and your Verified Teachers in the learning interface.
Saved Code is also compared against other Code or external examples to detect instances of plagiarism and cheating.
Executed Code: we store Code that you execute to explore its behaviour when you click Run (or a synonym). We store which problem or example the Code is associated with, and the date and time when you executed it.
We also store any user input or other data entered while the Code was running, and if the Code terminated abnormally, any termination data.
We store your Executed Code to better understand your learning progress, both individually and aggregated for semantic and statistical analysis. Previously Executed Code is not currently visible to you and/or your Verified Teachers, but it may be in the future.
Submitted Code: we store Code that you submit when you click Mark (or a synonym). We store which problem the Code is associated with, the date and time of the submission, and the number of submissions you have made for each problem.
We also store the response from our automated marking system, which may include whether your Code passed or failed a particular test case, the expected and actual behaviour of your Code, any further analysis or provided hints for your Code, and the number of points awarded.
We store your Submitted Code to give you and your Verified Teachers detailed information about your learning progress, and to aggregate in semantic and statistical analysis.
- Tournament Code: we store Code that you submit to a tournament when you click Submit (or a synonym). We store which tournament the Code is associated with and the date and time of the submission. We compare your Tournament Code against other users’ Tournament Code to create a ranked leaderboard of submissions.
We analyse your Saved, Executed, Submitted, and Tournament Code to better understand your learning progress, and to improve our Platform and Content.
We automatically collect and store data about your learning activities within the learning interface.
This may include, but is not limited to, which content in the learning interface you have viewed, when, and for how long, and how you have interacted with that content (e.g., running and modifying examples, or completing comprehension questions). Activities may also include the completion of particular problems, or sets of problems, within particular time limits or other constraints.
We may present this information to you in the learning interface, including as part of a gamification system, or as achievement or course completion badges.
Progress and Activity Summaries
We summarise your learning progress on the basis of (but not limited to) the Code and Activity data above. We may present this summary to you in views including, but not limited to, your Launchpad (or similar home view), the outline of each course, and within the learning interface.
We also present your Progress Summaries to Verified Teachers on their Teacher Dashboard.
For some courses, we assign points to each problem and calculate a score for attempting or solving the problems. The calculation of the score is described in the course outline. Our competitions may use this score to rank you on the competition leaderboard.
For tournaments, we rank entries to the tournament (submissions) on the tournament leaderboard.
For some of our courses, Grok, your Institution(s), or our Grok partners and volunteers, may provide tutor support, including tutor messaging within the learning interface or shared forums visible to all users enrolled in the course (see Tutoring Support below).
Your Institution(s) may restrict whether you can access tutor messaging or the forums.
We collect and store all of the posts you make and receive within the tutor messaging and forums. You can access these posts through the learning interface or the forums. These posts may also be visible to your Verified Teachers. This is both for your protection and the protection of the tutors.
Feedback to Grok
From time to time, Grok may solicit your feedback on aspects of our Platform, technology and content, either through user surveys or through ratings that you provide on individual content items (such as problems or slides). This may involve a mixture of quantitative and qualitative feedback which will be linked to your Registered User account.
We collect and store this information to improve the quality and effectiveness of our Platform, technology and content, understand how we can make your learning experience better, and ask for your ideas for future technology, courses and problems.
2.2. Where we collect Learning Data
We collect Learning Data as you interact with our content and technology in the learning interface, submit Code to problems or tournaments, make a post on tutor messaging or the forums, or when you complete a survey.
Some Learning Data is collected by manual entering, such as running or submitting Code and survey responses. Other Learning Data is collected automatically based on your activity or from the analysis of your Code. For example, our marking system provides results automatically, and any scores and ranks are calculated from those results.
2.3. How long we keep Learning Data
We keep your Learning Data indefinitely for semantic and statistical analysis to improve our Platform and content. Large-scale Learning Data allows us and our research partners to test pedagogical techniques, identify concepts where we need to provide more learning support or simplify content, and problems that users find ambiguous or difficult.
Due to our Registered User expiry policy, your Personal Information, with the exception of your linked Institutions will be removed or obfuscated after more than 18 months of inactivity, and so will be disconnected from your Learning Data.
2.4. Who we share your Learning Data with
Verified Teachers at your Institution(s) can see your Learning Data (as described above). Tutors can also see learning data for students who are enrolled in a course or competition with Tutoring Support (see below).
We publish leaderboards on our Platform for competitions and tournaments. Your Personal Information (name and/or institution) are only shown to you (so you can find yourself on the leaderboard) and to Eductors at your school. Other users only see your grade, country and state.
2.5. What you can do about it
You can ask for your Code in a course to be reset by contacting our support team at email@example.com.
You can also delete your account in your account settings under Delete Account. Account deletion will anonymise your Learning Data so that it can’t be linked back to you.
Note: you should not include any Personal Information in your Learning Data.
The content in the Platform (especially the problems and surveys) and warnings in the tutor messaging and forums strongly discourage users from entering Personal Information in any free-form text (such as Code, user input to executing code, posts or survey responses). Our tutors are also trained to strongly discourage users from posting Personal Information.
Removing the Personal Information from later Code submissions will not remove it from your earlier Saved, Executed or Submitted Code. If you do inadvertently include Personal Information in your Learning Data, please contact our support team at firstname.lastname@example.org to have it removed.
Grok takes no responsibility and accepts no liability, for removing or obfuscating Personal Information included in Learning Data.
3. Payment Data
When an individual or Institution completes a payment transaction with Grok, we may collect additional information relevant to that transaction.
3.1. What Payment Data we collect and why
For individuals, we may collect and store the following data:
- Billing name of the payer of the transaction and their email address;
- PayPal or other payment gateway transaction ID; and
- Tax status
For Institutions, we may collect and store the following data:
- Name of the Institution;
- PayPal or other payment gateway transaction ID;
- Taxation related identifiers, e.g., the Institution’s ABN;
- Tax status; and
- Finance officer name and email address
We collect and store this information to render valid tax invoices and to facilitate following up the payment of invoices or refunding of payments.
Note: we do not collect or store any credit card information.
3.2. Where we collect Payment Data
We collect this information when you create an invoice, either when purchasing a single subscription, purchasing multiple subscriptions via our bulk subscription process, or purchasing a site licence.
3.3. How long we keep Payment Data
We keep a record of invoices indefinitely.
3.4. Who we share Payment Data with
All Grok invoices are also sent to Xero, an online accounting system. This includes:
- invoice payer details (explicitly entered billing details in the case of an individual, or the Institution name in the case of an Institution);
- invoice amount;
- summary line item descriptions;
- taxation information.
If you choose to pay an invoice by electronic funds transfer (EFT) then your bank will send through transaction data that we store within Xero.
4. Web Traffic Data
Like many other platforms and websites, Grok collects and stores web traffic data. Our web traffic log files record visits to Grok websites and the actions performed by visitors – a standard procedure for maintaining security and the reliability of our service.
4.1. What Web Traffic Data we collect and why
The Web Traffic Data we collect from your web browser is:
- your IP address
- the date and time you accessed the website
- the URL you accessed on our website
- the browser and operating system you used to access our website
- the referring URL (the website that linked you to Grok)
- Log in events
This information is used to analyze trends, administer the site, track user’s movement around the site, and gather demographic information. The browser and operating system information allows us to determine which browsers we should prioritise supporting and for how long.
This information is also used to protect the integrity of the site from accidental or malicious attacks, e.g., denial of service (DoS) attacks.
4.2. Where we collect Web Traffic Data
We collect Web Traffic Data in log files on every page visit to Grok websites.
4.3. How long we keep Web Traffic Data
We keep our Web Traffic log files indefinitely (as long as practical) for cyber security purposes.
4.4. Who we share Web Traffic Data with
We may share your anonymous Web Traffic Data with third parties (e.g., SIEM services) exclusively for the purpose of detecting, assessing, and protecting against cyber security events.
5. Support Data
When you contact our support services either through our Platform or directly by email or phone, we collect and store data related to your support request and our interaction with you.
5.1. What Support Data we collect and why
To enable us to respond to your support request, we collect:
- your name and your email address;
- the names and email addresses of any other recipients of your message or email;
- the contents of your message or email; and
- the date and time of your message.
This is the same data that you typically provide to anyone when you send them an email.
5.2. Where we collect Support Data
Our Microsoft cloud tenant, including Microsoft Dynamics 365, stores all data in Australia.
5.3. How long we keep Support Data
We keep a history of support requests indefinitely.
5.4. Who we share Support Data with
We don’t share your support data with anyone, except in the case where the query is best resolved by one of our partner organisations, in which case we will forward your message to the relevant party (see Partner Organisations below).
5.5. What you can do about it
If you would like us to delete your Support Data, please contact our support service at email@example.com.
"Cookies" are small pieces of information that can be placed on your device by a website in order to identify your web browser to that site.
Cookies are critical to enabling the functionality on our Platform. The functionality on the Grok Platform will be unavailable if your browser is configured to reject cookies.
6.1. What Cookies we use and why
The specific cookies stored on your device are described in detail in our Cookies Policy.
- associate your account with your browser: If you are using an anonymous user account, the information in these cookies is the only way to access your existing course progress. If you are a Registered User, these cookies store information you need to stay logged in.
- simplify single sign on (SSO) access to the Platform by redirecting logged out Registered Users to the authentication service they used previously.
- increase the security of our Platform by protecting against cross-site request forgeries.
- track website visitors and their activity using Microsoft Dynamics 365.
6.2. Who we share our Cookies with
We don’t share Grok cookies with anyone.
We use Microsoft Dynamics 365 to aggregate site usage information across all visitors for the purposes of improving our customer service and marketing effectiveness.
6.3. What you can do about it
If you wish to disable cookies, you may do so through your individual browser options. More detailed information about cookie management with specific web browsers can be found at the browsers’ respective websites.
However, it is not possible to use the features of our Platform without cookies enabled.
7. Sharing Information
Under limited circumstances, Grok will share your data with other entities, specifically:
- your Verified Teachers;
- your Institutions and their systems (including online providers);
- Tutors, provided by Grok or your Institution (who assist students in the platform);
- Grok partners; and
- research organisations.
We share this data where the risk of sharing your data is small, and is substantially outweighed by the benefits to you and your Verified Teachers, and creates a better learning experience for you and/or for future students.
Each scenario has been carefully considered, and where possible we anonymise and aggregate data before providing it to third parties. Some of these scenarios may not apply to you, depending on how you or your Institution(s) use Grok.
Most of these scenarios and the corresponding shared data has been discussed earlier, but has been split across the types of data.
7.1. Your Verified Teachers
If you are a student who belongs to one or more Institutions, we will share your Personal Information and Learning Data with all Verified Teachers at your Institution(s).
Note: any Verified Teacher at your Institution can access your Personal Information and Learning Data.
A Verified Teacher at your Institution(s) can see and update your Personal Information, including (but not limited to) your full name, email addresses, gender, country of residence and School Year. Some exceptions apply for Data Synchronisation (see below).
Verified Teachers at your Institution(s) may also have access to your Learning Data, including (but not limited to) your Saved and Submitted Code, your learning activity, summaries of progress and activity, Tutor Support data, and Feedback data, all via their Teacher Dashboard.
This is essential to allow Verified Teachers to manage their classes, record marks and monitor your learning progress.If you are a Verified Teacher in an Institution then we will share your Personal Information with other Verified Teachers at your Institution. This allows Educators to manage the privacy of students, by controlling who can view student information on Grok.
7.2. Your Institutions and their systems (including online providers)
We will share Personal Information and Learning Data with your Institution(s) and representatives of your Institution(s). In most instances, this will be Verified Teachers, but it may include authorised administrative and technical staff from your Institution(s). This may be required to confirm who is appropriately enrolled in a Grok course (e.g. after a course census date).
We may share your Personal Information with your Institution(s) through integration with their identity provider. This will only be in the cases where they have provided your Personal Information to us in the first place through this identity provider. For instance, some identity provider protocols require us to confirm information we have about a user before we can receive updates.
We may share your Learning Data with your Institution(s) through integration with their learning management system (LMS). Most LMSs have mechanisms, such as LTI, to support automatically pushing course progress in Grok back to the LMS for marks processing (or “gradebook”).
In some instances, the Grok Platform will be integrated with online course providers, such as Coursera, using LTI. These online providers will either be acting as your Institution in these cases, or will be acting on behalf of your Institution.
Some of our courses or competitions have expert tutor support. We may share your Personal Information and course specific Learning Data with our trained expert tutors for the duration of the tutoring support period.
Tutor support may be provided by either:
- Grok staff or volunteers;
- Grok Partner staff; or
- your Institution(s).
See the Tutoring Support section for more detail.
7.4. Grok Partners
Grok may enter into partnerships with organisations to support or promote particular courses, competitions or events.
We may share anonymised and aggregated Learning Data associated with your Institution(s) with our partners for the purposes of measuring and reporting impact. This includes usage and demographics data for the course, competition or event.
We may contact you, your Institution(s) or Educator(s) on behalf of these partners to arrange for certificates or prizes to be distributed. For competitions, users should refer to the Terms and Conditions of the specific competition.
We will never share your Personal Information with our partners without your permission.
7.5. Research organisations
Grok may share your anonymised Learning Data with researchers from reputable research organisations if they propose a clearly-defined research project that we believe will advance the state-of-the-art in computing education and is in keeping with our purpose.
We believe that large-scale scientific research has the capacity to greatly improve education and we may provide your Learning Data so that Grok can contribute to research on computing education and the science of learning.
In some instances, we may work with a research organisation to collect additional data from you (for example, survey data specific to the research) on a purely opt-in basis.
We will never share your Personal Information with a research organisation.
8. Data Synchronisation
If your Registered User account is synchronised with an Institution, for example, through an identity provider or learning management system, then depending on the Institution’s policies, the Institution controls the Personal Information we receive, and when that Personal Information may be changed or deleted.
In many cases, we are unable to modify Personal Information or delete an account which is externally synchronised. Please contact the Institution to update or delete your account. Contact our support service at firstname.lastname@example.org if you are unsure.
9. Tutoring Support
We share limited Personal Information and Learning Data with paid and volunteer tutors. Some of these tutors may be employed or affiliated with a Grok Partner.
All tutors have active New South Wales Working with Children Checks, or the equivalent check from the Australian state or territory in which they reside. All tutors are trained by Grok before they begin tutoring and are overseen and supported by Grok staff, including a 24-hour escalation process to an on-call Grok staff member.
We share this data so that tutors can address you by name, identify your locale, and give you advice about your Code and problem solving strategies.
10. Email support
If you contact us about a topic related to an external organisation, we may forward your query to the relevant organisation.
11. Website Security
We use the industry standard encryption software, Transport Layer Security (TLS), for all communication between you and our website. The URL in your browser will show https (rather than http) to show this security feature is in use.
12. Protecting your children online
We believe it is important to provide added protection for children online. We encourage parents and guardians to spend time online with their children to observe, participate in and/or monitor and guide their online activity. If, as a parent or guardian, you are concerned about any information we hold about your child, please contact us immediately (using the contact in the first paragraph) and we will use our best efforts to promptly remove such information from our records.
14. Personal or Sensitive Information for Events
15. Major and minor policy updates
We classify updates as “minor” where your privacy is not materially reduced, or where your and our obligations are not affected. For example, minor changes may include (but are not limited to):
- increasing your privacy by removing a data sharing arrangement (with a third party or service);
- adding additional privacy obligations on Grok; or
- stating Grok’s obligations under privacy regulations in different jurisdictions.
All updates (minor or major) will be noted as such in the Update Log.
16. Update Log
- 2017-09-13 [Minor] Clarified social sharing is not available for students. Removed mention of Google+ sharing. Clarified the use of Google Analytics.
- 2018-05-24 [Major] Added much more detail about what private information we store, share, and why we use it, in accordance with GDPR guidelines.
- 2021-07-09 [Major] Enable the transfer of the Platform and User Data from Grok Learning Pty Ltd to Grok Academy Limited as part of the merger process. Provided additional detail about Personal Information and Learning Data. Added a new third-party service to store and manage Support Data (Microsoft Dynamics 365).