Privacy Policy

By koder.com Legal Team
Published 5 months ago

We at koderAI Corp. (“koderAI,” "koder.com", “we,” “us,” or “our”) respect your privacy and are committed to keeping information we obtain from you or about you secure.

We follow strict U.S. privacy requirements (including the California Consumer Privacy Act and California Privacy Rights Act — CCPA/CPRA) and incorporate privacy by design into everything we build.

This Privacy Policy explains how we collect, use, share, and safeguard your personal information when you use our website koder.com, platform, and related Services.

1. Scope

This Privacy Policy applies to personal information collected by koderAI Corp. from individuals located in the United States who use our website, platform, or related Services.

It does not apply to non-U.S. residents, employees, contractors, or business-to-business contacts unless otherwise specified.

2. Notice at Collection (California CPRA)

At or before the time we collect personal information, we will notify you of:

  • Categories of data collected

  • Purposes of collection and processing

  • Your privacy rights under the CCPA/CPRA

  • A link to “Do Not Sell or Share My Personal Information,” where applicable

This notice appears during account creation, app/agent setup, and other relevant in-product flows.

We do not collect new categories of personal information without providing an updated notice. See Section 9 (“Your U.S. Privacy Rights”) for how to exercise your rights.

3. Personal Information We Collect

We collect personal information (“Personal Information”) that identifies, relates to, or could reasonably be associated with you, including:

  • Identifiers — Name, email, username, mailing address, phone number.

  • Device Data — IP address, device ID, operating system, browser type/version.

  • Account & Billing — Payment information (processed via PCI-compliant third-party providers). koderAI does not store or directly process credit or debit card numbers; all payments are handled by secure processors._

  • Project & Agent Data — Code, files, datasets, prompts, and configurations you create or upload.

  • Usage Data — Logs, performance metrics, deployment statistics.

  • Communications — Support tickets, feedback forms, in-platform chat logs, and email correspondence.

  • Integration Data — Minimal data from services (e.g., GitHub, Google Drive) you connect, with your consent.

We do not knowingly collect sensitive personal information (as defined under the CPRA) unless required by law and with explicit notice.

4. How We Collect Data

  • Directly from you — through sign-ups, billing, or project uploads.

  • Automatically — via cookies, telemetry logs, and device/browser data.

  • From partners — through integrations or fraud-prevention tools.

  • From public sources — only with your consent for product improvement or research purposes.

5. How We Use Personal Information

We use your information to:

  • Deliver, maintain, and operate our Services.

  • Personalize and improve your user experience.

  • Secure the platform and prevent misuse or fraud.

  • Analyze aggregated usage trends to enhance functionality.

  • Communicate updates, legal notices, or marketing (with opt-out options).

  • Comply with U.S. legal, tax, and regulatory obligations.

We may also use aggregated, de-identified data for research, optimization, and analytics in ways that do not identify any individual user.

6. Sharing and Disclosure

We do not sell or share your personal information for cross-context behavioral advertising.

We may disclose limited data to:

  • Vendors/Service Providers — payment processors, cloud hosts, analytics partners.

  • Legal Authorities — when required by law or valid process.

  • Business Transfers — in the event of a merger, acquisition, or reorganization.

All third-party processors are contractually bound to handle personal data in accordance with this Policy and applicable law.

If future data sharing expands beyond what is described, we will provide prior notice and an opt-out option.

7. Cookies and Tracking

We use:

  • Essential cookies — required for security and core site functionality.

  • Analytics cookies — used to measure usage and improve product performance.

  • Preference cookies — store settings such as language or theme.

You may manage cookies through your browser settings.

We do not currently respond to “Do Not Track” (DNT) signals due to the absence of a uniform standard, but you can restrict non-essential cookies at any time.

8. Data Retention

We retain information only as long as necessary for service delivery, compliance, or dispute resolution.

  • Account data is deleted within 30 days of closure (backups retained up to 90 days).

  • Project and agent data may remain for up to 60 days post-deletion unless you request earlier removal.

  • Aggregated, anonymized data may be retained for legitimate business or research purposes.

9. Your U.S. Privacy Rights

Under the CCPA/CPRA (California) and similar state laws, you may have the right to:

  • Know what data we collect and how it’s used.

  • Request deletion or correction of your data.

  • Access and export your data.

  • Opt out of certain uses or sharing of your data.

To exercise any rights, email legal@koder.com with your request.

We may verify your identity before processing.

Authorized agents may act on your behalf with valid written permission.

10. Data Security

We protect your information using:

  • TLS 1.3 encryption in transit.

  • AES-256 encryption at rest.

  • Role-based access controls and principle-of-least-privilege systems.

  • Sandboxed AI environments operated within user-defined boundaries.

  • SOC 2 and ISO 27001-compliant infrastructure through our hosting partners.

While no system is perfectly secure, we promptly notify affected users of any data breach in accordance with applicable U.S. state laws.

11. Children’s Privacy

Our Services are not directed to children under 13 years of age (per U.S. COPPA).

We do not knowingly collect information from such users.

If we discover that information from a child under 13 has been collected, we will delete it immediately.

12. Billing and Cancellation Policy

You may upgrade, downgrade, or cancel your paid subscription at any time in your account settings.

Cancellations take effect at the end of the current billing cycle, and your access continues until that time.

No refunds are issued for unused time or partial billing periods, except where required by law.

Billing and payment data are processed securely by third-party payment providers and are not stored directly by koderAI.

13. State-Specific Disclosures

We extend the privacy rights outlined above to all U.S. users, including residents of:

  • California (CCPA/CPRA)

  • Virginia (VCDPA)

  • Colorado (CPA)

  • Connecticut (CTDPA)

  • Utah (UCPA)

  • Oregon (OCPA)

  • Texas — effective July 1, 2025, under the Texas Data Privacy and Security Act (TDPSA)

Requests may be submitted via legal@koder.com. We will respond within 45 days or as otherwise required by state law.

14. Changes to This Policy

We may update this Privacy Policy periodically for legal, technical, or operational reasons.

You will be notified via email or in-product notice at least 30 days prior to any material change.

The “Updated” date at the top reflects the most recent version.

15. Contact Us

koderAI Corp.
14271 Jeffrey Rd #105 Irvine, CA 92620
Email: legal@koder.com