Home > Articles > Programming > Windows Programming

Effective Use of ADO.NET: Creating a Survey Application

This chapter is from the book

In This Chapter:

  • ADO.NET Overview

  • The Survey Application

  • Extending and Modifying the Survey Application

  • Deploying the Survey Application

This chapter talks about effectively using ADO.NET. I'll spend the first part of the chapter introducing ADO.NET, mostly how it relates to the SQL Server managed provider. In the second half of the chapter, I'll walk you through a Survey application that was built using ADO.NET, and which focuses on a number of best practices along with some recommended design patterns.

Because this is an odd-numbered chapter, the featured program's (the Survey application's) source code is shown in VB.NET (VB). For the full C#.NET (C#) source code, just go to www.ASPNET-Solutions.com, follow the links to the examples for Chapter 3, and download the C# source code. (You can also download the VB.NET source code from a link on the same page.)

I have included a section toward the end of the chapter named “Extending and Modifying the Survey Application.” In this section, I talk about ways to enhance the application so that it's even more useful. I'll post any changes I make to the Survey application (including these suggestions) on the Web site. Check for them on the Chapter 3 page. The site also includes a forum for discussion about the Survey application. And if you want to send me your modifications, I'll gladly post them for other users.

ADO.NET Overview

Before you can use ADO.NET components, the appropriate namespaces must be included. The System.Data namespace always needs to be included because it contains the core database components. Next, depending on the source of your data, one of two namespaces needs to be included. For a direct SQL Server connection, the System.Data.SqlClient namespace should be used for best performance. For all other connection types, such as Access and Oracle, the System.Data.OleDb namespace is required. (An Oracle provider is now available at http://msdn.microsoft.com/downloads/default.asp?url=/downloads/sample.asp?url=/msdn-files/027/001/940/msdncompositedoc.xml.)

The SqlClient data provider is fast. It's faster than the Oracle provider, and faster than accessing a database via the OleDb layer. It's faster because it accesses the native library (which automatically gives you better performance), and it was written with lots of help from the SQL Server team (who helped with the optimizations).

Managed Providers

Managed providers are a central part of the ADO.NET framework. Managed providers enable you to write language-independent components that can be called from C# and VB. Currently, managed providers come in two types: one for direct access to Microsoft SQL Server 7.0 and higher, and one for accessing data via an OLE DB layer. Both types use similar naming conventions, with the only difference being their prefixes.

The managed provider classes include Connection (SqlConnection class), Command (SqlCommand class), DataReader (SqlDataReader class), and DataAdapter (SqlDataAdapter class). The first two classes provide the same functionality that was found in ADO: creating a connection to a data source and then executing a command. A data reader has a close resemblance to a read-only, forward-only recordset that is very optimized. Last, the DataAdapter allows for the retrieval and saving of data between a DataSet and the data source. The DataSet is covered in Chapter 4.

Connection

To create a database connection, you need to include the appropriate namespaces in your application. This requires the data provider to be known, so either a SqlClient or OleDb namespace connection can be included for the best performance. The following code samples (Listings 3.1 and 3.2) show how both SqlClient and OleDb connections are made in C# and VB.

Listing 3.1 Using the SqlConnection Object

C#

SqlConnection myConnection  =
      new SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" );
myConnection.Open();
// Do Something with myConnection.
myConnection.Close();

VB

Dim myConnection As New SqlConnection("server=localhost;uid=sa;pwd=;database=pubs")
myConnection.Open()
' Do something with myConnection.
myConnection.Close()

Listing 3.2 Using the OleDbConnection Object

C#

OleDbConnection myConnection =
  new OleDbConnection("Provider=SQLOLEDB.1;" +
    "Data Source=localhost;uid=sa;pwd=;Initial Catalog=pubs" );
myConnection.Open();
// Do something the myConnection.
myConnection.Close();

VB

Dim myConnection As New _
    OleDbConnection("Provider=SQLOLEDB.1;Data " + _
    "Source=localhost;uid=sa;pwd=;Initial Catalog=pubs")
myConnection.Open()
' Do something the myConnection.
myConnection.Close()

Note

RECOMMENDED PRACTICE: The above connection strings are hard-coded into the source code. If at any time you need to change the connect strings (such as when the database server changes), you'll need to change the connection strings. If the connection strings are scattered all over the code, changing them will be difficult, and there's a chance you'll miss one.

The usual recommended practice is to store the connection string in the Web.config file that I discuss in detail in Chapter 7 in the section entitled “Retrieving the Database Connection String from Web.config.” For this application, though, I use an application variable and initialize it in the Global. asax file. I chose to do it this way to give you an example of another way to store a connection string. The following code shows how to initialize an application variable in a Global.asax file:

protected void Application_Start(Object sender,
    EventArgs e)
{
    Application["DBConnectionString"] =
      "server=localhost;uid=sa;pwd=;database=Survey";
}

Sub Application_Start(ByVal sender As Object, _
    ByVal e As EventArgs)
    Application("DBConnectionString") = _
       "server=localhost;uid=sa;pwd=;database=Survey"
End Sub

C#

VB

Both managed provider connection strings look similar. In fact, the OleDb connection string is exactly the same as its predecessor in ADO, which should be obvious if you are familiar with programming in ADO. Now look at the differences. The SQL Server managed provider uses the private protocol called tabular data stream that is designed to work with SQL Server 7.0 and later. It does not use OLE DB, ADO, or ODBC. You can use an OleDb connection to SQL Server, but if you do, you will see performance degradation. The SQL Server connection also supports a variety of connection string keywords. Table 3.1 shows the OLE DB providers that are available in ADO.NET.

Command

The Command object allows direct interaction with the data through the database connection. The example shown in Listing 3.3 returns all rows from the Publishers table in Microsoft's Pubs database and loads them into a SqlDataReader using the Command object's ExecuteReader() method. The SqlDataReader enables the information to be accessed and processed accordingly.

Table 3.1. OLE DB Providers

Driver

Provider

SQLOLEDB

SQL OLE DB Provider (for SQL Server 6.5 and earlier)

MSDAORA

Oracle OLE DB Provider

JOLT

Jet OLE DB Provider

Listing 3.3 Using the Command Object

C#

SqlConnection myConnection  =
new SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" );
SqlCommand myCommand = new SqlCommand( "SELECT * FROM Publishers", myConnection );

myConnection.Open();
myReader = myCommand.ExecuteReader();

while( myReader.Read() )
{
  // Do something with the data.
}

myReader.Close();
myConnection.Close();

VB

Dim myConnection as new SqlConnection("server=localhost;uid=sa;pwd=;database=pubs")
Dim myCommand as new _
  SqlCommand("SELECT * FROM Publishers", myConnection)

myConnection.Open()
myReader = myCommand.ExecuteReader()

While myReader.Read()
  // Do something with the data.
End While

myReader.Close()
myConnection.Close()

In the example, the System.Data and System.Data.SqlClient namespaces must be included to get the correct SQL methods. Next, a SqlConnection is created to the Pubs database. A SQL SELECT statement and the reference to the Connection object are passed as SqlCommand parameters. The last declaration is a SqlDataReader that allows processing of the data fetched from the database. Finally, the connection and SqlDataReader are closed.

The example shown uses the SQL managed provider. However, if a connection to another database is required and the connection is using the OLE DB provider, then simply change the SQL command references to OleDb commands, and the remaining code will be the same.

Note

RECOMMENDED PRACTICE: Garbage collection is non-deterministic. For this reason, you should always close ADO.NET objects, such as theSqlDataReader.

The best way to do that is in the finally block of a try/catch/finally construct, as follows:

// Declare objects here.
try
{
  // Open objects and use them here.
}
catch
{
}
finally
{
  // If objects are open here, close them.
}

DataReader

The DataReader object provides an easy and efficient way to parse a series of records, or even one record. The DataReader object behaves as a read-only, forward-only stream returned from the database, and only one record at a time is ever in memory. However, the DataReader object is not intended to handle large, complex relationships between tables and records, nor does it have the capability to pass data back to a database—a responsibility best left to the DataSet and DataRelation objects. In the previous example, the SqlDataReader was used to contain the data returned from the server. In this example, shown in Listing 3.4, I've expanded the code to display all the data from the Authors table.

Listing 3.4 Displaying Data from the Authors Table

C#

SqlConnectiion myConnection = new SqlConnection("server=localhost;
graphics/ccc.gif uid=sa;pwd=;database=pubs" );
   SqlCommand myCommand = null;
   SqlDataReader myReader = null;
   SqlDataReader myReader = null;
   
   try
   {
   myConnection.Open();
   myReader = myCommand.ExecuteReader();
   myCommand =  new SqlCommand( "SELECT * FROM Authors ",
   myConnection );
   
   Response.Write( "<table border=1>" );
   while( myReader.Read() )
   {
   Response.Write("<tr>");
   for( int i=0; i<myReader.FieldCount; i++ )
   {
   Response.Write( "<td>" + myReader[i].ToString() + "</td>" );
   Response.Write( "</tr>" );
   }
   }
   Response.Write( "</table>" );
   }
   catch
   {
   }
   finally
   {
   
   if ( myReader != null )
   {
   myReader.Close();
   }
   if( myConnection.State == ConnectionState.Open )
   {
   myConnection.Close();
   }
   }
   }
   

VB

Dim myConnection as new _
  SqlConnection("server=localhost;uid=sa;pwd=;database=pubs" )
Dim myCommand as new _
  SqlCommand( "SELECT * FROM Authors ", myConnection )
Dim myReader As SqlDataReader = nothing

Try
  myConnection.Open()
  MyReader = myCommand.ExecuteReader()

  Response.Write( "<table border=1>" )
  While myReader.Read()
    Response.Write("<tr>")
    Dim i as Integer
    For i=0 To MyReader.FieldCount-1
      Response.Write( "<td>" + myReader(i).ToString() + "</td>" )
      Response.Write( "</tr>" )
    Next
  End While
  Response.Write( "</table>" )
Catch
Finally
  If myReader <> nothing Then    myReader.Close()
  End If
  If myConnection.State = ConnectionState.Open Then
    myConnection.Close()
  End If
End Try

The output of this example can be seen in Figure 3.1, which creates an HTML table for displaying the data. From the code, you will first notice the MoveNext() method is not part of the while loop for the SqlDataReader. The SqlDataReader's Read() method automatically advances the cursor and initially sets the cursor to the beginning of the data. To create the table dynamically, we use the FieldCount property of the DataReader to determine the number of columns, which allows sequencing through each column to get its value. Once all the data has been parsed, the Read() method will return a null. An alternate method to use to check for more data is the HasMoreResults property. This method is useful if you need to check for more records within a loop condition without advancing the record pointer.

03fig01.jpgFigure 3.1. An HTML Representation of the Authors Table

Note

CAUTION: One of the most common errors my students make is using a data reader when they're looking only for a single record. They almost always try to retrieve data from the DataReader before they call the Read() method. Remember: You must call the Read() method before you get any data from a DataReader.

The DataReader also contains a variety of Get methods that enable you to access field values, such as GetInt(), GetDouble(), GetInt32(), and GetString(), in native formats. To determine which one to use, the GetFieldType property can be called to get the appropriate column type. Then the correct Get method can be called to fetch the column data in its native format. To see the property type of each column, I could add the following code to my write statement:

myReader[i].GetFieldType.ToString();

Figure 3.2 shows the column-type name added to the output of the previous example by using the added statement.

03fig02.jpgFigure 3.2. An HTML Representation of the Authors Table with Column Data Types Shown

The DataReader (unlike classic ADO) does not use the MoveFirst(), MoveNext(), and MoveLast() commands, or the EOF property. The initial call to the DataReader object's Read() command positions the record cursor at the beginning of the data and advances it after each subsequent call until all the data is processed. After all the data is processed, the Read() method returns a Boolean value. Moving the cursor back to the beginning is not permitted—remember, the DataReader is forward only. The DataSet object now provides bi-directional movement through the data.

Parameter Binding with SQL Commands

Another feature of the SqlCommand object is its ability to easily bind parameter data for SQL statements and stored procedures. Each parameter has four key pieces of information: the name, the type, its data size, and the direction of the parameter.

For the SQL Server Managed provider, the parameter construction uses actual names of the parameters, just like regular T-SQL syntax uses. For example, the following code contains a single ID parameter that is passed to the SELECT command:

SELECT * FROM Authors WHERE au_id=@ID

To return values, I need to add parameters to the SELECT statement:

SELECT @Fname=au_fname, @Lname=au_lname FROM Authors WHERE au_id=@ID

Now I have one input and two output parameters. The code to bind the parameters to the SELECT command starts with a standard SQL connection, followed by the SQL SELECT statement, and finally a set of parameter bindings. The following code illustrates how the binding process works:

SqlConnection myConnection =
new SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" );
SqlCommand myCommand =
  new SqlCommand(
    "SELECT @Fname=au_fname, @Lname=au_lname_FROM " +
    "Authors WHERE au_id=@ID", myConnection );

myCommand.Parameters.Add( "@ID", SqlDbType.VarChar, 11 );
myCommand.Parameters["@ID"].Direction = ParameterDirection.Input;
myCommand.Parameters["@ID"].Value = "172-32-1176";

myCommand.Parameters.Add( "@Fname", SqlDbType.VarChar, 20 );
myCommand.Parameters["@Fname"].Direction = ParameterDirection.Output;

myCommand.Parameters.Add( "@Lname", SqlDbType.VarChar, 40 );
myCommand.Parameters["@Lname"].Direction = ParameterDirection.Output;

myConnection.Open();
myCommand.Execute();
Response.Write( "First Name " + myCommand.Parameters["@Fname"].Value. ToString() + "<br>" );
Response.Write( "Last Name " + myCommand.Parameters["@Lname"].Value. ToString() );
myConnection.Close();

Dim myConnection as new _
  SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" )
Dim myCommand as New _
  SqlCommand( "SELECT @Fname=au_fname, @Lname=au_lname FROM " + _
    "Authors WHERE au_id=@ID", myConnection )

myCommand.Parameters.Add( "@ID", SqlDbType.VarChar, 11 )
myCommand.Parameters("@ID").Direction = ParameterDirection.Input
myCommand.Parameters("@ID").Value = "172-32-1176"

myCommand.Parameters.Add( "@Fname", SqlDbType.VarChar, 20 )
myCommand.Parameters("@Fname").Direction = ParameterDirection.Output

myCommand.Parameters.Add( "@Lname", SqlDbType.VarChar, 40 )
myCommand.Parameters("@Lname").Direction = ParameterDirection.Output

myConnection.Open()
myCommand.Execute()
Response.Write( "First Name " + _
  myCommand.Parameters("@Fname").Value.ToString() + "<br>" )
Response.Write( "Last Name " + _
  myCommand.Parameters("@Lname").Value.ToString() )
myConnection.Close()

C#

VB

Notice in the example that the names of the parameters must match the names declared in the SQL SELECT statement. Otherwise, the parameters do not match up correctly. The data types are standard SQL types.

Note

RECOMMENDED PRACTICE: If your query will return only a single record (rowset), then using a SqlDataReader object into which the data will be retrieved is unnecessary overhead. Using bound parameters instead will cause your code to execute faster.

Note

NOTE: In the examples I use in this book in which parameters are added to a SqlCommand, I access the parameters by name. For instance, I might call a parameter @ID or @Name. You can alternatively use ordinals, which are zero-based numbers that identify a particular parameter from the collection. Using ordinals as opposed to names will give you a performance boost because a name lookup isn't performed during parameter access. I have been down this road, though, too many times to advise you to use ordinals. I have seen my students get into too many situations in which the ordinals got mixed up, and they ended up using the wrong ones. Consider this choice carefully. If performance is important, use ordinals; otherwise, keep with names.

The size value is necessary only for fields that contain an actual size. For values such as numeric, this value can be omitted. Finally, the direction value indicates how the parameter will be used. Table 3.2 shows the four different direction values.

Stored Procedures and Parameter Binding

Calling stored procedures and binding parameter data work much like the SQL EXEC statement. This section shows how to call stored procedures, pass parameters in and out, and return the exit value of the stored procedure. I will create a stored procedure, pass values in and out of the procedure, and access the stored procedure's return value.

First, I have to create a stored procedure that does all this. For this example I'll take the SELECT statement used in the “Parameter Binding with SQL Commands” section and create a stored procedure in the Microsoft SQL Server Pubs database, as shown below.

Create Procedure sp_GetAuthor
    @ID varchar(11),
    @Fname varchar(20) output,
    @Lname varchar(40) output

Table 3.2. Direction Values for Parameterized Queries

Direction

Description

Input

The parameter is an input parameter.

InputOutput

The parameter is capable of both input and output.

Output

The parameter is an output parameter.

ReturnValue

The parameter represents a return value.

AS
    SELECT @Fname = NULL
    SELECT @LName = NULL
    SELECT @Fname=au_fname, @Lname=au_lname FROM authors WHERE au_id=@ID
    if(@Fname IS NULL)
      return -100
    else
      return 0

To illustrate the return value parameter, I have included an error condition in the stored procedure. When the SELECT statement fails, a –100 is returned after the procedure checks the @Fname value for null. The initialization of the two output parameters is a precaution in the event a value is passed.

Note

RECOMMENDED PRACTICE: Use nVarChar whenever possible. It looks like this may not make sense for the Pubs database, but nVarChar is better in most cases. Essentially, using NVarChar makes internationalization much easier and is inexpensive to do up front.

If you don't use nVarChar whenever you can, then you must have custom installations of SQL Server that use a different alphabet for each language you need to support. I've seen successful sales or company growth turn this simple mistake into something very expensive.

The SQL Server parameter binding works exactly the same as the SQL command statement. The only parameter addition is the binding to reference the stored procedure's return value.

SqlConnection myConnection =
      new SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" );
SqlCommand myCommand =
  new SqlCommand("sp_GetAuthor", myConnection );
myCommand.CommandType = CommandType.StoredProcedure;

myCommand.Parameters.Add( "@ID", SqlDbType.VarChar, 11 );
myCommand.Parameters["@ID"].Direction = ParameterDirection.Input;
myCommand.Parameters["@ID"].Value = List1.SelectedItem.Text;

myCommand.Parameters.Add( "@Fname", SqlDbType.VarChar, 20 );
myCommand.Parameters["@Fname"].Direction = ParameterDirection.Output;

myCommand.Parameters.Add( "@Lname", SqlDataType.VarChar, 40 );
myCommand.Parameters["@Lname"].Direction = ParameterDirection.Output;

myCommand.Parameters.Add( "RETURN_VALUE", SqlDbType.Int );
myCommand.Parameters["RETURN_VALUE"].Direction = ParameterDirection.ReturnValue;

myConnection.Open();
myCommand.ExecuteNonQuery();

string strFirstName = myCommand.Parameters["@Fname"].Value.ToString();
string strLastName = myCommand.Parameters["@Lname"].Value.ToString();
strError = myCommand.Parameters["RETURN_VALUE"].Value.ToString();

myConnection.Close();

Dim myConnection as _
 new SqlConnection( "server=localhost;uid=sa;pwd=;database=pubs" )
Dim myCommand as new SqlCommand("sp_GetAuthor", myConnection )
myCommand.CommandType = CommandType.StoredProcedure

myCommand.Parameters.Add( "@ID", SqlDbType.VarChar, 11 )
myCommand.Parameters("@ID").Direction = ParameterDirection.Input
myCommand.Parameters("@ID").Value = List1.SelectedItem.Text

myCommand.Parameters.Add( "@Fname", SqlDbType.VarChar, 20 )
myCommand.Parameters("@Fname").Direction = ParameterDirection.Output

myCommand.Parameters.Add( "@Lname", SqlDataType.VarChar, 40 )
myCommand.Parameters("@Lname").Direction = _
  ParameterDirection.Output

myCommand.Parameters.Add( "RETURN_VALUE", SqlDbType.Int )
myCommand.Parameters("RETURN_VALUE").Direction = ParameterDirection. ReturnValue

myConnection.Open()
myCommand.ExecuteNonQuery()

string strFirstName = myCommand.Parameters("@Fname").Value.ToString()
string strLastName = myCommand.Parameters("@Lname").Value.ToString()
strError = myCommand.Parameters("RETURN_VALUE").Value.ToString()

myConnection.Close()

C#

VB

Note

RECOMMENDED PRACTICE: Stored procedures are almost always preferred over ad hoc queries in your code. The following list summarizes the reasons:

  • Stored procedures execute faster than ad hoc SQL because SQL Server has already compiled the procedures and created a plan.

  • Stored procedures give you a single place to make changes or fix bugs when queries need changes.

  • Stored procedures offer an abstraction to the application code under circumstances in which data access is separated from code.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.

Overview


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information


To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.

Surveys

Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.

Newsletters

If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information


Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.

Security


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.

Children


This site is not directed to children under the age of 13.

Marketing


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information


If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.

Choice/Opt-out


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information


Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents


California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure


Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.

Links


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact


Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice


We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020