Privacy policy

1. Privacy Policy

Protecting your privacy and personal data is very important to us. We therefore only use your personal data within the scope of legal regulations, in particular the General Data Protection Regulation ("GDPR"). With this privacy policy, we would like to inform you - regardless of whether you set up a free codito.io account, use our paid services, our various apps or visit our website - about the nature, scope and purposes of the collection, use and processing of your personal data by us.

2. Data administrator / Contact

The co-administrators of the data are: Fundacja AIP with its registered office in Poland, 03-901 Warszawa, Al. Ks. J. Poniatowskiego 1, entered into the Register of Entrepreneurs of the National Court Register kept by the Sąd Rejonowy dla M. St. Warszawy w Warszawie, XII Wydział Gospodarczy Krajowego Rejestru Sądowego, under KRS number 0000199402, holding NIP 5242495143 (hereinafter referred to as "Foundation" or "Administrator No. 1") and Tomasz Gemza running StartUp called SimpleDesign (hereinafter "Administrator No. 2" or "StartUp"), jointly Administrator No. 1 and Administrator No. 2 referred to as: "Co-Administrators", "we" or "us". If you have questions about how your personal data is collected, stored and used, please contact Administrator 2: contact(at)codito.io. You can also contact Administrator No. 1 via e-mail: growh(at)aip.link.

3. Scope of Data Protection

Data protection applies to personal data as defined by the GDPR, i.e. all information relating to an identified or identifiable natural person. An identifiable natural person is deemed to be a natural person who can be identified directly or indirectly, in particular by means of assignment to an identifier such as a name, an identification number, location data, an online identifier or to one or more specific attributes.

4. Free random code generator

When using our free services, you must only enter the texts you wish to upload to our servers. The uploading of these texts is necessary so that we can provide you with our services. We use the data you have entered to generate codes for you according to the settings you have chosen. The data you have entered is immediately deleted from our servers after processing and sending you a reply. During the processing stage, we use the data you have entered to create fully anonymous usage statistics for the free generator, which do not contain any personal data.

5. Automatic Collection of Data via Website Access

When you use our services, your device automatically transmits certain data for technical reasons when you access our website. The following data that you may send us will be stored:

  • Date and time of access
  • Browser type and version
  • Operating system
  • URL of the website previously visited
  • Volume of data transmitted
  • Requested domain
  • Notification of successful data retrieval
  • Search term when using a web browser
  • Full IP address
  • Diagnostic information in the event of errors

Processing is carried out in accordance with Art. 6 para. 1 sentence 1 lit. f) GDPR based on our legitimate interest in improving the stability and functionality of our website. The data is stored for purely technical reasons. Website access data is used for error analysis, ensuring system security, logging access, rate limiting and for improving our services. Based on your IP address, we also use geolocation to determine the region from which you are visiting our website. We use this information to check whether we can offer you our services in your region, which corresponds to our legitimate interests pursuant to Art. 6 para. 1 sentence 1 lit. f) GDPR. The storage of the full IP address for a maximum period of 14 days is also justified by our legitimate interest in achieving the listed purposes, Art. 6 para. 1 sentence 1 lit. f) GDPR.

Our website also uses services of Cloudflare, Inc, 101 Townsend St, San Francisco, CA 94107, USA ("Cloudflare"), which operates a so-called Content Delivery Network (CDN). To protect our website, the data transfer between your browser and our servers is routed through Cloudflare's infrastructure in order to analyze whether it is an abusive attack. As part of this analysis, your data is transmitted to Cloudflare in encrypted form, if necessary also to Cloudflare servers in the USA. However, since your requests and other customer data are encrypted between your end device and the codito.io servers, Cloudflare does not have any access to this data, but only to meta-data (such as your IP address). In addition, Cloudflare determines a so-called bot score, which is based on the analysis of the metadata of the client (browser) used. The use of Cloudflare is in our legitimate interest to secure the use of our website and to prevent and defend harmful attacks from outside, Art. 6 para. 1 sentence 1 lit. f) GDPR. We have concluded a data processing agreement with Cloudflare and Cloudflare may therefore only process the data according to our instructions and not for its own purposes. You can find more information about Cloudflare's handling of personal data here.

6. Cookies on codito.io and analysis of user behavior

6.1 Use of cookies on codito.io

We use "cookies" to provide you with a variety of features, improve your user experience and analytics. Cookies are small text files that are temporarily stored on your computer via your browser. If you do not want us to use cookies, you can change your browser settings accordingly. Please note that if you completely disable the use of cookies, the functionality and scope of the website may be impaired. For more information on the cookies we use and to manage your preferences for different types of cookies, please see our Cookies policy.

6.2 Microsoft Clarity

Our website also uses services of Microsoft Corporation, 1 Microsoft Way, Redmond, WA 98052, USA ("Microsoft"). We partner with Microsoft Clarity and Microsoft Advertising to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve and market our products/services. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement. As part of this analysis, your data is transmitted to Microsoft in encrypted form, if necessary also to Microsoft servers in the USA.

6.3 Google Analytics

Our website also uses Google Analytics by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA ("Google"). We partner with Google Analytics to capture how you use and interact with our website. Website usage data is captured using first and third-party cookies and other tracking technologies to determine the popularity of products/services and online activity. Additionally, we use this information for site optimization, fraud/security purposes, and advertising. For more information about how Google collects and uses your data, visit the Google Analytics Data privacy and security statement and EU-focused data and privacy statement. As part of this analysis, your data is transmitted to Google in encrypted form. When collecting data, Google Analytics does not log or store IP addresses. Analytics drops any IP addresses that it collects from EU users before logging that data via EU domains and servers.

7. Contacting our Sales or Support Team

You can contact us via various contact forms on our website. You can also contact us directly by e-mail.

7.1. Sales and Support Requests

If you would like to send us a sales inquiry to learn more about our products and subscription plans, you can use our sales contact form. In addition to your e-mail address, you are required to provide your name and surname; all other information is optional. If you contact our support team with questions about the contract and its implementation via our contact form, it is necessary to provide a valid e-mail address so that we know who the inquiry comes from and can respond to it.

For both support and sales inquiries, including any subsequent correspondence, Art. 6 para. 1 sentence 1 letter b) GDPR serves as the legal basis for the processing of your personal data, as the processing is necessary to initiate a contract or conclude and perform our contract. Art. 6 para. 1 sentence 1 letter b) GDPR also constitutes a justification for the processing of personal data that may be included in documents sent to our technical support team. We will retain your data for the duration of our business relationship and thereafter for statutory retention periods where required. The processing of your personal data within our customer database and customer process analyzes is based on Art. 6 para. 1 sentence 1 letter f) GDPR, because it is in our legitimate interest.

7.2. Privacy Requests

You also have the option to contact contact(at)codito.io with questions or concerns regarding data protection at codito.io. We process user data in accordance with Art. 6 para. 1 sentence 1 letter a) GDPR based on voluntarily granted consent.

8. Data Security

Your connections to our website and our applications are protected using state-of-the-art encryption techniques. The level of protection also depends on what encryption your web browser and/or mobile device supports. You can tell whether a page of our website is being transmitted in encrypted form by looking at the closed key or padlock symbol in your browser's status bar. We also use appropriate technical and organizational security measures to protect your data against accidental or intentional manipulation, partial or total loss, destruction or unauthorized access by third parties. Our security measures are constantly improved in line with technological developments.

9. Your Rights

The following rights are granted by European Union directives and regulations. If you would like to exercise any of the rights below, please contact us using the email address contact(at)codito.io.

  • Right to confirmation and right of access - we will be happy to confirm whether we process any of your personal data, what data we process and for what purpose we process it.
  • The right to rectification - if any of the data we hold about you is incorrect, we will be happy to correct it.
  • Right to erasure - if you wish to have your personal data deleted, we will comply with your request to the extent legally possible.
  • The right to limit processing - if you want to limit the use of your personal data, we will comply with your request to the extent legally possible.
  • The right to withdraw consent - if you wish to withdraw consent previously provided, we will comply with your request. Withdrawal of consent does not affect the admissibility of existing data processing.

In addition, you may object to further processing of your data if we process your data based on our legitimate interest (Art. 6 para. 1 sentence 1 letter f), Art. 21 GDPR). If we process your data for direct advertising purposes, you have a general right to object. If we do not process your data for advertising purposes, your objection must be based on your particular situation.

You also have the right to lodge a complaint regarding the processing of your personal data with a supervisory authority, such as our supervisory authority for data protection, which is the Prezes Urzędu Ochrony Danych Osobowych based in Warsaw, Poland.

10. Changes to the Privacy Policy

We reserve the right to change this privacy policy. You can access the current version of the privacy policy at any time on our website.

Last updated: September 4, 2024