Privacy Policy
Last updated: June 4th, 2025
CodeDisco LTD ("we", "our", or "us") respects your privacy and is committed to protecting any personal information you share with us. This privacy policy explains how we collect, use, store, and protect your data.
1. Company Information
π Data Controller
CODEDISCO LTD, a limited company registered in London, United Kingdom
2. Data We Collect
We collect the following types of data:
π€ 2.1 Account Information
- Email address - for account creation, login, and communication
- Username - your chosen display name
- Password - encrypted and stored securely, we cannot view your actual password
- Account preferences - language, notification settings, etc.
π 2.2 Service Usage Data
- Input content - information you provide when using our services (name preferences, Bazi information, etc.)
- Generation history - your service usage records and generated content
- Interaction data - clicks, browsing patterns, and feature usage
π§ 2.3 Technical Data
- IP address - for security and geographic analysis
- Device information - browser type, operating system, device model
- Cookies and tracking technologies - see Section 9 for details
π³ 2.4 Payment Information
- Payment details - processed through third parties like Stripe, we do not directly store credit card information
- Billing address - for tax and billing purposes
- Transaction records - subscription history and payment records
3. Purposes of Data Processing
We process your data for the following purposes:
π― 3.1 Service Provision
- Create and manage your account
- Provide AI-powered SaaS services including name generation, fortune analysis, email management, and other intelligent tools
- Save your preferences and history
- Process payments and manage subscriptions
π¬ 3.2 Communication
- Send service-related notifications and updates
- Respond to your inquiries and support requests
- Send marketing information (only with your consent)
π 3.3 Improvement and Security
- Analyze service usage to improve features
- Detect and prevent fraudulent behavior
- Ensure system security and stability
- Train and improve our AI models
4. Legal Basis
Under GDPR and other applicable laws, our legal basis for processing data includes:
- π Contract performance - providing the services you request
- βοΈ Legitimate interests - service improvement, security protection, and business operations
- β
Consent - marketing communications and non-essential data processing
- π Legal obligation - compliance with tax and regulatory requirements
5. Third-Party Services
We work with the following carefully selected third-party services:
- π Google Analytics
Website usage analysis (anonymized data)
- π Vercel
Website hosting and CDN services
- π‘οΈ Cloudflare
Security protection and performance optimization
- π§ Resend
Transactional email service
- π³ Stripe
Secure payment processing
- π€ OpenAI/Anthropic
AI services (anonymized queries only)
These service providers comply with strict data protection standards. We only share minimal necessary data and ensure they process data according to our privacy standards.
6. Data Storage and Security
We employ industry-standard security measures to protect your data:
- π Encrypted transmission - all data transmission uses HTTPS/TLS encryption
- πΎ Encrypted storage - sensitive data is encrypted in our databases
- π Access control - strict limitation of employee access to data
- π½ Regular backups - automated backups ensure data security
- ποΈ Security monitoring - 24/7 system monitoring and threat detection
Data is primarily stored on servers in the EU or UK. If cross-border transfer is necessary, we ensure adequate data protection levels.
7. Data Retention Periods
We retain your data according to the following principles:
- Account data Active period + 30 days after deletion
- Usage records Up to 2 years for service improvement
- Payment records 7 years (tax law requirement)
- Log data 90 days (auto-deletion)
- Marketing data Until unsubscribe or 2 years inactivity
8. Your Rights
Under GDPR and other applicable laws, you have the following rights:
ποΈ Right of Access
You have the right to request access to the personal data we hold about you.
βοΈ Right to Rectification
You can request correction of inaccurate or incomplete personal data.
ποΈ Right to Erasure
In certain circumstances, you can request deletion of your personal data.
βΈοΈ Right to Restrict Processing
You can request restriction of our processing of your data.
π¦ Right to Data Portability
You can request your data in a machine-readable format.
π« Right to Object
You can object to processing based on legitimate interests, including marketing activities.
To exercise these rights, please email privacy@codedisco.com. We will respond to your request within 30 days.
9. Cookies and Tracking Technologies
We use the following types of cookies:
π§ 9.1 Essential Cookies
Used for basic website functionality, such as login status and security features.
π 9.2 Analytics Cookies
Google Analytics used to understand website usage (can be disabled in your browser).
βοΈ 9.3 Functional Cookies
Remember your preference settings, such as language and theme choices.
You can manage cookie preferences through your browser settings. Disabling cookies may affect website functionality.
10. Children's Privacy
β οΈ Age Restriction: Our services are intended for adults aged 18 and above. We do not knowingly collect personal information from children under 13. If we discover we have collected children's information, we will delete it immediately. If you believe we have collected children's data, please contact us.
11. International Data Transfers
We primarily process data in the UK and EU. If we need to transfer data to third countries, we ensure:
- The destination country has an adequacy decision from the European Commission, or
- Appropriate safeguards such as Standard Contractual Clauses protect the data, or
- We obtain your explicit consent
12. Privacy Policy Changes
We may update this privacy policy from time to time. Material changes will be notified 30 days in advance via email or prominent website notice. Continued use of the service indicates your acceptance of the updated policy. We recommend reviewing this policy regularly.
13. Complaints and Regulatory Contact
If you have complaints about our data processing, please contact us first. If you're unsatisfied with our response, you have the right to complain to the relevant data protection authority:
π¬π§ United Kingdom
Information Commissioner's Office (ICO)
πͺπΊ European Union
Data protection authority in your country of residence
14. Contact Us
If you have any questions about this privacy policy or data processing, please contact us:
Thank you for trusting CodeDisco! π
We are committed to protecting your privacy and providing transparent data processing services.