Privacy Policy

Last updated: May 26, 2026

ComputerScienceHomeworkHelp.com is operated by WitNip Inc, a Delaware-incorporated company. This page describes what personal data we collect, why we collect it, who else processes it, how long we keep it, and the rights you have over it.

Data Controller

The data controller for personal information collected through this service is WitNip Inc, 600 N Broad Street, Middletown, Delaware 19709, United States. For privacy questions, contact [email protected] with subject line "Privacy".

1. Information We Collect

We collect four categories of data, each tied to a specific service function:

  • Submission data: the assignment brief, attached source files, rubric, deadline, and any code or coursework you upload through the contact or upload form.
  • Contact data: email address (required for delivery), optional name, optional university and course code (whatever your institution uses), optional WhatsApp or Telegram handle if you provide one.
  • Technical data: IP address, browser type and version, device class, referring URL, pages viewed, and request timestamps. Captured for security, debugging, and aggregate analytics only.
  • Inferred data: the language of your submission (Java, Python, C++, C, JavaScript, Assembly, or other), the topic class (data structures, algorithms, operating systems, databases, networks, AI/ML, etc.), and an internal difficulty estimate. Inferred locally to route the assignment to a matching expert.

We do not solicit special-category data as defined by GDPR Article 9. If your submission file contains sensitive personal data about you or a third party, you are responsible for redacting it before upload.

2. Legal Basis for Processing

Each processing purpose maps to one of the lawful bases set out in GDPR Article 6(1):

  • Performance of a contract (Art. 6(1)(b)): to deliver the homework help you ordered, assign an expert, exchange revisions, and process payment.
  • Legitimate interest (Art. 6(1)(f)): to prevent fraud, protect our experts and other students, detect abuse, and improve the quality of our service. You may object at any time under §7.
  • Legal obligation (Art. 6(1)(c)): to retain financial records for tax and accounting compliance and to respond to lawful regulator requests.
  • Consent (Art. 6(1)(a)): for optional live-chat support and for any future marketing email (we currently send none). Withdrawable at any time.

3. How We Use Your Data

Your data drives five concrete operations:

  • Service delivery: routing the submission to a matched expert, exchanging revisions, and returning the completed solution to your email.
  • Expert assignment: matching language, topic, course, and difficulty against the verified specialization of available CS graduates.
  • Payment processing: tokenizing and forwarding payment card data to PCI-DSS-compliant processors. Card numbers never touch our servers.
  • Fraud prevention: detecting bot submissions, scraped briefs, chargeback patterns, and abusive use of the upload endpoint.
  • Service improvement: aggregating anonymized request patterns to measure turnaround time, surface bugs, and prioritize features. No individual-level profiling.

4. Anonymous Communication With Experts

A core architectural choice: the expert assigned to your submission never sees your real name, email address, university, or any other personal contact detail. Every order operates under an internal handle (for example, ByteScholar99). All messages between you and the expert pass through our operations layer. Your identity is held in the order-management system; the deliverable surface is anonymous by design.

5. Subprocessors

We use the following third parties to operate the service. Each acts as a processor under our written instructions, except where the entity is an independent controller for the data it sees (payment processors).

  • Hostinger International Ltd (Lithuania, EU): web hosting, file storage, and the Express runtime that serves this site. Data residency: EU.
  • Mailgun Technologies, Inc. (United States, EU SMTP endpoint): outbound transactional email for assignment notifications, expert handoff, and delivery confirmation. We route through Mailgun's EU SMTP gateway (smtp.eu.mailgun.org), so message bodies land first in EU infrastructure. Cross-border transfer basis: Standard Contractual Clauses and the EU-US Data Privacy Framework where applicable.
  • Cloudflare, Inc. (United States): DDoS protection, edge caching, and CDN. Cloudflare sees the IP address, user agent, and request path of every visit and sets two technical cookies (cf_clearance, __cf_bm) for bot detection. Cross-border transfer basis: Standard Contractual Clauses.
  • JivoChat (Jivosite Ltd) (British Virgin Islands registration, EU and Russian processing): live-chat widget. Loads on every page; sets first-party and third-party cookies for session continuity, chat history, and visitor identification. Cross-border transfer basis: your explicit interaction with the widget.
  • Sentry (Functional Software, Inc.) (United States): server-side error and performance tracking. Captures stack traces, request paths, and a session cookie for error correlation. No assignment content is transmitted to Sentry.
  • Plausible Analytics (Germany, EU): privacy-focused page-view analytics. Cookie-free, IP-anonymized, no personal data collected. Data residency: EU.
  • WitNip Inc shared operations: your inquiry may be handled by team members supporting other properties under the same WitNip Inc legal entity. No third party outside WitNip Inc sees your data.

We do not sell your data. We do not rent your data. We do not share it with advertising networks. We run no behavioural advertising cookies.

6. Cross-Border Data Transfers

Your data may transit the European Economic Area, the United Kingdom, the United States, the British Virgin Islands, and the Russian Federation through the subprocessors listed in §5. For every transfer outside the EEA or UK, we rely on one of three lawful mechanisms: the European Commission's Standard Contractual Clauses (SCCs), the EU-US Data Privacy Framework where the recipient is certified, or your explicit consent in the case of the JivoChat live-chat widget. Copies of the relevant SCCs are available on request.

7. Data Retention

Each data category has a fixed retention window:

  • Submission files (assignment briefs, source uploads): automatically purged 30 days after delivery from our operational storage and from the Mailgun mail relay where they transit. No portfolio retention without your separate written consent.
  • Email correspondence: 2 years from the last message, then archival deletion. Earlier deletion on request.
  • Transaction records: 7 years from the order date for tax and accounting compliance under Delaware and US federal law. Minimum required by law only.
  • Server logs: 30 days, then aggregated and stripped of IP addresses.
  • Consent records: lifetime of the underlying consent plus 1 year, retained as defensive evidence under GDPR Art. 7(1).
  • Chat transcripts (JivoChat): 12 months from the end of the conversation, then deletion. Earlier deletion on request to both us and Jivosite Ltd.

8. Your Rights

Depending on your jurisdiction, you hold some or all of the rights set out in GDPR Articles 15 to 22 and the comparable US state and Canadian privacy laws:

  • Access: request a copy of the personal data we hold about you.
  • Rectification: ask us to correct inaccurate or incomplete data.
  • Erasure: ask us to delete data we no longer need, subject to legal retention duties (Art. 17).
  • Restriction: ask us to pause processing while a dispute is resolved (Art. 18).
  • Portability: receive your data in a structured, machine-readable format (Art. 20).
  • Objection: object to processing based on legitimate interest (Art. 21).
  • Automated decisions: opt out of solely automated decisions producing legal effects (Art. 22). We do not make such decisions today.
  • Withdraw consent: withdraw any consent at any time. Prior lawful processing is unaffected.
  • Complaint: lodge a complaint with your local supervisory authority (UK ICO, French CNIL, Irish DPC, German BfDI, or the California Attorney General).

US state residents also hold rights under the California Consumer Privacy Act (Title 1.81.5 of the California Civil Code), the Virginia Consumer Data Protection Act, the Colorado Privacy Act, the Connecticut Data Privacy Act, the Texas Data Privacy and Security Act, and the equivalent statutes of Utah, Oregon, Montana, Iowa, Tennessee, Indiana, Delaware, New Jersey, New Hampshire, and Kentucky. Canadian residents are covered by PIPEDA.

9. How to Exercise Your Rights

Email [email protected] with subject line "Privacy, Data Subject Request" and a brief description of which right you are exercising. We respond within 30 days (45 days for CCPA and CPRA requests where the volume justifies the longer window, with notice). There is no fee. We may ask for identity verification before releasing data; the verification step is proportionate to the sensitivity of the request.

10. Children's Privacy

ComputerScienceHomeworkHelp.com is intended for university-age learners. We do not knowingly accept submissions from children under 13 (COPPA threshold) anywhere, and we require parental authorization for users under 16 in the European Economic Area (GDPR Article 8 default). The submission form asks you to attest that you meet the age threshold for your jurisdiction. If we learn that we have collected data from a child below these thresholds, we delete it and notify the parent or guardian where contact information exists.

11. Data Security

TLS 1.3 protects every connection to the site (HSTS preloaded). Server-side secrets are stored as encrypted environment variables on Hostinger's panel and are never committed to our git repository. Submission files transit Mailgun's EU SMTP relay over authenticated SMTP. Operational access is restricted to named WitNip Inc personnel and audit-logged. Payment card data is handled exclusively by PCI-DSS Level 1 certified processors; we never see the full card number. We make commercially reasonable security efforts and do not guarantee absolute security.

12. Data Breach Notification

If a personal data breach occurs that creates a likely risk to your rights and freedoms, we notify the lead supervisory authority within 72 hours of becoming aware, as required by GDPR Articles 33 and 34. We notify affected individuals without undue delay where the risk is high. The notification names the breach, the categories and approximate volume of data affected, the likely consequences, and the remediation actions in progress.

13. Cookies and Third-Party Services

This site uses cookies and third-party services for limited purposes:

  • JivoChat: a live chat widget (Belize-registered Jivosite Ltd.) loads on every page and may set first-party and third-party cookies for session management, chat history, and visitor identification. Data is processed in the European Union and Russia.
  • Plausible Analytics: a privacy-focused, cookie-free analytics service. No cookies set; no personal data collected.
  • Sentry: error tracking. May set a session cookie for error correlation. Data is processed in the United States.
  • Cloudflare: CDN service. Sets technical cookies for security and performance (cf_clearance, __cf_bm).

We do not use cookies for cross-site advertising. We do not sell or share visitor data with advertising networks.

To block JivoChat or other third-party services, use browser-level controls or extensions such as uBlock Origin.

14. California Privacy Rights (CCPA and CPRA)

California residents hold the rights to know, delete, correct, and limit the use of sensitive personal information under the California Consumer Privacy Act as amended by the California Privacy Rights Act. We do not sell or share personal information for cross-context behavioural advertising, so we do not display a "Do Not Sell or Share My Personal Information" link; if our practices change, we will add one and notify users 30 days in advance.

We do not knowingly collect sensitive personal information categories (precise geolocation, racial or ethnic origin, religious beliefs, union membership, mail and email contents, genetic data, biometric identifiers, health information, sex life, or sexual orientation) from California residents. Email address and submission content are the only personal information categories we routinely collect, and both are used only for service delivery.

15. UK and EU Residents

Residents of the United Kingdom, the European Union, the European Economic Area, and Switzerland are protected by the General Data Protection Regulation, the UK GDPR, the UK Data Protection Act 2018, and the Swiss Federal Act on Data Protection. Your rights and our obligations are set out in §2 through §9. You may lodge a complaint with the supervisory authority of your country of residence; the UK ICO sits at ico.org.uk and the Irish Data Protection Commission (lead authority for several US tech firms operating in the EU) sits at dataprotection.ie.

16. Changes to This Policy

We update this policy when our processing changes. The "Last updated" date at the top of the page reflects the current version. Material changes (new subprocessors, new data categories, new processing purposes) are announced on the homepage for at least 30 days before they take effect.

17. Contact

Privacy contact: [email protected] (subject line: "Privacy")
General contact: contact page
Copyright complaints: DMCA notice procedure
Postal: WitNip Inc, 600 N Broad Street, Middletown, Delaware 19709, United States