Privacy & cookies policy

This is the privacy and data ethics policy of the Micro:bit Educational Foundation. It defines how we deal with your information across all our products and services. Any material changes to this policy will be communicated either directly or via a banner update to the site as relevant.

Our values

Trust

We are committed to keeping your personal data safe and secure, and handling it in accordance with our legal obligations.

Simplicity

We aim to make data collection and removal as simple as possible to ensure privacy.

Partnership

We work with a range of partners who have their own privacy policies. Relevant policies are detailed here under Third-party websites.

Passion

We are passionate about making brilliant products and services. We use data to help us understand which content, products and services are most interesting and useful for our audience. We also use data to help us identify errors and test features. We also use personal data to stay in contact with our audiences.

Audiences - teachers and children

Although we have users of all ages, the BBC micro:bit and the resources provided on this website are designed for those aged between 8-14 and the educators who teach them. We consult with children and educators on a regular basis to help the Foundation design new products, as well as policies on data collection and processing.

The Foundation is based in the UK and subject to GDPR legislation from 25 May 2018. The Foundation is registered with the Information Commissioner’s Office.

Under Article 8 of GDPR legislation (and the UK Data Protection Bill) only children aged 13 or over are able provide their own consent. This age may vary in different nations.

As a responsible global organisation, we therefore request that children under the age of 13 seek consent from whoever holds parental responsibility for the child when using the Foundation services.

Cookies and analytics

Like most websites, the Micro:bit Educational Foundation uses cookies to learn how people are using microbit.org in order to improve it. As well as microbit.org the Foundation uses subdomains; i.e. platforms owned and managed by partners, which provide services such as different code editors, challenges, support and technical information and are subject to the platform’s privacy policies.

We use cookies on subdomains such as python.microbit.org and tech.microbit.org. Some of our subdomains such as makecode.microbit.org and support.microbit.org have their own policies on cookies and analytics.

The Micro:bit Educational Foundation completes a risk assessment before entering into arrangements with platform partners to ensure their policies are in line with our values and practices. Where these are managed by partners we have linked their privacy policies below.

What are cookies?

Cookies are small files that our website places on your device (computer, tablet or phone). They allow us to distinguish you from other users of our website.

Cookies contain an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored on your device by the browser. The identifier is then sent back to the server each time the browser requests a page from the server. Cookies may be either "persistent" or "session": a persistent cookie will be stored by a web browser and will remain valid until its expiry date, unless you delete it; a session cookie, on the other hand, will expire at the end of your session, which is when you close the web browser. We use both of these types of cookie on microbit.org.

What are cookies used for?

Cookies allow us to recognise and count the number of visitors, to see how people move around our website, how long they spend on it and how often they return. Knowing whether you’re visiting for the first time or you’ve been here before helps us work out which features or pages are more popular with you. This lets us improve the way our website works, for example by helping us to ensure that you can easily find what you are looking for. This also helps us create more things on our website that you want to see (and less of what you don’t want). Analytics also tell us which pages on our site were the first and last you visited, which helps us in the same way.

The analytics can tell us where in the world you are and what language you have displayed on your computer. This allows us to focus more on creating exciting content that is relevant to where you live and in your language. As we are committed to users of all backgrounds, we treat all locations the same, so you will see the same content regardless of where you are.

Our website microbit.org does not use cookies to target advertising and, aside from Google Analytics, we do not share cookies with any other third parties. Analytics give us an overview, including how many people are using our site each month, what countries they are in and when are popular times for visiting our site, and we may share this anonymous headline data with our founding members

What are IP addresses?

IP (Internet Protocol) addresses are used to identify computers and devices when they are connected. They are numbers, a bit like telephone numbers, assigned to each device on a network (such as your computer at home or in school) that allow devices to communicate with other devices on a computer network (such as printers, other computers or the internet). Your school, work, home or mobile network may also have its own unique external IP address that allows it to communicate with other computers and websites across the internet.

How we support privacy

On our main site (excluding third party subdomains) we support privacy in the following ways:

We use Google Analytics cookies on microbit.org. Google stores anonymised IP addresses on its servers in the US.
Neither the Micro:bit Educational Foundation nor Google associate your IP address with any information that can identify you personally. We don’t store personal information such as your name, age or email address in cookies.
We do not use geo-location data from your device but, as with other websites, we may be able to determine your approximate location from your IP address. See the section below on server logs.
We only share data with Google for the analytics purposes outlined in this policy.
Our Google Analytics dashboard can only be accessed by people working for, or on behalf of, the Micro:bit Educational Foundation.
We may use Google Analytics cookies on our own subdomains such as our Python editor python.microbit.org.
For more information about Google Analytics cookies see Google’s information about safeguarding your data.
Google have developed the Google Analytics opt-out browser add-on for the Google Analytics JavaScript (ga.js, analytics.js, dc.js). If you want to opt out of Google Analytics, you can download and install the add-on for your web browser here.

How long are cookies kept?

Analytics cookies are kept on your device for up to two years. See Google’s information on cookie usage for more details. You are in control of your cookies - you can delete them by following the guidance below.

On your first visit to this website you will have seen a pop-up to tell you about the purposes for which cookies are being used and the means to opt-out. Please read this cookie policy carefully for more details about the way we use cookies. Although this pop-up will not usually appear on subsequent visits you can withdraw your cookie consent at any time by changing settings in your web browser. The Information Commissioner’s Office has guidance on how to do this: https://ico.org.uk/your-data-matters/online/cookies/

Please note that if you block certain categories of cookies some functionality of our website or third party websites such as makecode.microbit.org will be reduced.

Server logs

Websites like microbit.org need web servers to process all the HTTP requests coming from browsers. Web servers make a note of every request or error in logs. A human or a computer can read these logs and determine:

Which page and feature of the website is being requested
The time and date of the request
The IP address making the request which in turn provides the country where the IP address is located
The HTTP request code and the response the web server gave (e.g 404 for an error)
The browser and build version that made the HTTP request
The operating system and version of the machine making the request

The Foundation web team may look at these internal server logs to fix errors(such as the server being slow or a page being broken). We may use these logs if we think the website is under attack.

We process the data from these logs using analytics software. This assumes that the data isn’t being faked. The software processes the data, essentially counting up all the types of requests. The processed data allows the Foundation to know how the website is being used(popularity of pages or browsers) and from the IP address, we can determine which country or region is making the request.

We never combine this data with any data from any other system. So we never know how you use the website with your unique data provided to the Foundation in 3rd party systems. We also do not use this data to show you content based on a location.(So a student in Edinburgh UK has the same experience as someone in San Paulo, Brazil).

We purge logs to save space and to secure the data on a regular basis.

The Python editor

The editor at python.microbit.org is hosted and maintained by the Foundation and is subject to this policy. This includes the use of server logs and Google Analytics (as stated above).

micro:bit classroom

Student code, names and related information are communicated between the teacher and students using a Micro:bit Educational Foundation Web service running in Amazon Web Services and a third-party communication service provided by Pusher. All data is transmitted securely via HTTPS. The third-party Pusher service cannot read student names or code. We do not retain the content of the messages. Whenever possible we switch to direct connections between the teacher and students (using WebRTC).

After creating or joining a classroom, a strictly necessary cookie containing a temporary identifier for your session is stored by your browser. This identifier is removed when you sign out or end the classroom session.

micro:bit CreateAI

The tool at createai.microbit.org is hosted and maintained by the Foundation and is subject to this policy. This includes the use of server logs and Google Analytics (as stated above).

The tool collects movement data samples to train machine learning models. These data samples are only stored on your computer (in browser local storage); they are not sent to or stored by the Foundation. If you save a hex file or download your data samples from the tool, then these downloads contain your movement data.

To edit code, micro:bit CreateAI embeds Microsoft MakeCode. Read the Microsoft MakeCode privacy statement and their Student Pledge.

Third party web sites

Web sites operated by a third party on our behalf may collect information about you for the purpose of providing you the service. These include:

The makecode.microbit.org editor, provided by Microsoft. Read their privacy statement and their Student Pledge.
The support.microbit.org knowledge base and support site, provided by Freshdesk collects your email address, meta data associated with your device (Operating system and browser version) and any information you provide as part of a support ticket. They also store a password if you choose to create an account. Read their privacy policy.
Content and editors hosted at microbit.co.uk, provided by the BBC. Read their privacy policy.
We use MailChimp to manage our newsletters and they use cookies. Read their privacy policy.
Our translation system, provided by Crowdin. Read their privacy policy.
Our public repositories hosted on Github. Read their privacy statement.
We use Slack as a hub for our developer community. Read their privacy policy.
We previously linked to give.microbit.org page, maintained by Kitronik(which required cookies). Please contact support if you have any questions. Kitronik privacy policy is available here.
We make use of Youtube for publishing our support videos and we use the youtube-nocookie flag to avoid tracking on the site. Use of Youtube is subject to Google's privacy policy.
We make use of Google Ads which is subject to Google's privacy policy
We collect a range of information including surveys and competition entries via Jotform. For more information read Jotform’s Privacy Policy.
We use Thinkific as a platform for our professional development courses. when you click through to the courses you will be taken to their platform Thinkific privacy policy is linked here
We use Short.io to shorten URLs their privacy policy may be found here
We may link to content provided by third parties. These links point to a different website and may open in a new tab.
We store contact information on monday.com where we have your permission to do so. Monday.com's GDPR compliance and privacy information may be found here
Where we collect your data with your consent we will share the purpose, processing and retention period of that data

Apps

Mobile and desktop applications operated by a third party on our behalf may collect information about you for the purpose of providing you the service and are subject to their respective app store policies. These include:

The iOS app, developed in partnership with Insight Resources is subject to this privacy policy and hosted in Apple's iTunes store. Read Apple's privacy policy
The Android App, is provided by The Micro:bit Educational Foundation and is subject to this privacy policy. We use Google Analytics in the Android App. This is opt in and is to understand events, such as using the app to pair a micro:bit device or when the device fails to pair, and improve services. The app is hosted in Google's Play Store, read Google's privacy policy
The Windows App, provided by Microsoft is hosted on the Microsoft App store and subject to their privacy statement and their Student Pledge

Other third parties

We occasionally work with other third parties in ways that require us to share your personal data with them. E.g. if we are conducting research to improve our services with organisations like Discovery. Wherever this is necessary, we will always ask for your consent before sharing any of your data. How third parties manage your data will be subject to their respective privacy policies.

Public platforms

The Foundation is active on a range of public platforms including GitHub, X, Facebook, Instagram, LinkedIn and Slack, and follow their privacy policies. We treat these forums as public. For example, if you say something on Twitter in a public message we might quote you on Facebook, and we might talk to you on Slack about a GitHub pull request.

We may make use of:

X Ads, which complies with X's privacy policy.
Facebook Ads (which complies with Facebook's Privacy Policy) and the Facebook Pixel. The Facebook Pixel is a bit of code that's used on some of the third-party sites we use (Mailchimp, Jotform) to help us reach the right people with our Facebook Ads and to help us know they're working. We don't use it on microbit.org at all.
LinkedIn Ads, which complies with LinkedIn's Privacy Policy.
Social Media Management platforms like Linktree (Linktree's privacy policy)

Your Personal Data

If you wish to remove your data from any of these systems, please follow their respective instructions.

For anything else, please open a support ticket

microbit.co.uk including legacy editors
Unsubscribe from all Foundation communications sent via mailchimp
Github
Please ensure to download any certificates from our CPD platform if you need them and also wish for us to delete your data

Please note further information may be found via the Information Commissioner’s Office which regulates and enforces data protection law in the UK. Details of how to raise any concerns can be found at www.ico.org.uk

You have:

the right to be informed about the personal information we hold about you, we do this via this privacy notice and ensuring a breach policy is in place to mitigate the results of a breach and inform you if a breach occurs. If you think a breach has occurred, please contact info@microbit.org and the data controller (the Head of Operations) will action this information.
the right to access (obtain a copy) of the personal information we hold about you; you may request this via our support desk
the right to have inaccurate information we hold about you rectified; through raising any corrections to us via our support desk
the right to have your data erased or to restrict processing (the right does not apply when there are lawful reasons for the continued processing of the information); also via our support desk
the right to object to your data being used for direct marketing of profiling; via contacting us on the details below
the right to personal data you have provided to us (supplied in a common electronic format) which we process automatically on the basis of your consent or the performance of a contract. Also via raising a ticket on support desk

Questions, complaints or queries

The Foundation is a small, growing organisation. We are always looking to be better. Especially when collecting and using personal information for any individual. For this reason, we take any complaints and suggestions for improvements very seriously. Please contact us: info@microbit.org