OpenDSA Site Privacy Policy

By creating an OpenDSA account, you confirm that you accept the conditions of this policy. The OpenDSA Project may amend this privacy statement at any time by posting the amended terms on the website; such amended terms shall become effective 30 days after being initially posted to the website.

The OpenDSA project team has created this privacy statement as part of our commitment to privacy. This page discloses the information gathering and dissemination practices for OpenDSA-approved web sites.

WARNING: Where is This Content Coming From?

Please note that OpenDSA is an open source project. This is a client-server system. Anyone can clone a copy of our software, and run either a front end content distribution that connects to an OpenDSA-approved back-end server (which should be safe for you since we would have to approve them to accept their data), or run their own server (which could pose a security risk for you). The OpenDSA project team cannot be responsible for third parties that use a copy of our software distribution, or modify our software for their own purposes. You might wish to verify that the content you see is being rendered to you from a source that you trust.

Information is Automatically Logged

OpenDSA sites routinely log all accesses made by all users. We use these data primarily for two reasons. (1) To help us improve the OpenDSA instructional materials. (2) As part of our research mission, we periodically publish in scientific venues data about instructional technology, online instructional materials, algorithm visualizations, and use of this site. Such data are always presented in aggregate form (statements such as "X% of users of the site did Y"). We will never release information about any individual, or information that might allow private information about any individual to be deduced, except as required by law.

Even for users who do not log in, this site records the IP address of users for identification information (for example, to help us relate a series of page accesses). We might record standard session information such as browser type or page referrer data - that is, information about the page that linked you to this page - to determine to what extent our page is referenced by other resources on the Web. These data may be used to preserve the integrity of our computing resources (e.g., to block access from IP addresses that abuse us).

We record all mouse events, page loads, and similar interface actions conducted on OpenDSA site pages along with their time of occurence. We record performance on OpenDSA exercises (number of attempts, successful and unsuccessful outcomes, etc.). We record this information for the following reasons:

Personal Information

When you choose to register an account, this site collects a userID and email address. You may choose to relate yourself to a given "course" or "textbook" for instructional and course credit purposes. While the ID and any associated course-related information such as an individual's scores and exercise or module completion status can be viewed by the OpenDSA research team (or in the case of third party sites using our software, the administrators of this site), OpenDSA team members will not release such data to anyone other than the instructor of that course. We never display your email address in any public fashion, and we never share your email address with any third party. We use your email address only to help identify you to the course instructor, or to provide you with notifications of new and updated site content.

Links to Other Sites

This site contains links to other site's pages. The privacy practices of other pages may vary with the purposes of the page. Consult the privacy statement on each page. Members of the OpenDSA project are not responsible for the privacy practices or the content of non-OpenDSA web sites.

Session Management and Local Storage

This site manages user sessions using information stored and managed on the server. A unique ID is used to identify your browser session. This ID is stored server-side in a Django Python variable as well as in the MySQL database backend. It is also stored on your computer in local storage in a variable which contains only this session ID. This allows us to relate the pages visited during that session. Session information is saved in our database and is regarded (and protected) as personal information. See the personal information section for more information. This site also makes use of the HTML5 local storage mechanism for storing information related to completed exercises and user interactions. This information is periodically transmitted to our servers, in accordance with the privacy restrictions described above.

Security

This site has security measures in place to protect the loss, misuse, and alteration of the information under our control. Log file access is restricted to system administrators while stored on the server. Log files are rotated regularly and archived in a secure location. User and password information is encrypted before it is transmitted across the network (all transmissions should be using the https protocol). The MySQL database is protected and accessible only by the OpenDSA system administrators.

Contact Information

If you have any questions about this privacy statement, the practices of this site, or your dealings with this site, please contact us at .