Codaro LogoCodaro
Privacy & Security

Privacy & Cookie Policy

How Codaro processes personal data under GDPR and uses cookies - categories of data, legal bases, purposes, retention, user rights, security, and cookie management.

Updated: August 31, 2025

Table of Contents

Data Controller

Company: Codaro – operated by Centrum Praskie Koneser, Plac Konesera 10, 03-736 Warszawa

Contact for data matters: info@codaro.dev

Scope

This Policy applies to:

  • Codaro website codaro.dev and its subpages
  • User accounts and SaaS dashboard
  • IDE plugins/extensions transmitting developer activity signals ("heartbeats") - see also our EULA
  • Support communications and email interactions

Data We Collect

Information You Provide

  • Account data: name, email, password hash, optional profile photo
  • Organization/team data: team name, role, permissions
  • Billing data: country, VAT ID (if applicable), billing address, payment history (handled via external payment provider)
  • Messages and attachments sent to support

Data Collected Automatically

  • IDE plugin signals (heartbeats): user/instance ID, timestamp, project/repo name, edited file/entity (path may be masked per your settings), language, lines of code, activity flags (write/debug), session metadata, optional code diffs/summaries (if enabled)
  • Analytics & logs: server logs, device identifiers, app events, cookies/trackers (details in Cookie Policy)
  • Transaction data: subscription status, renewals, invoices (via payment processor)

Purposes & Legal Bases (GDPR Art. 6)

PurposeLegal BasisExamples
Provide account & SaaS servicesArt. 6(1)(b) contractsignup, login, IDE plugin sync
System security & fraud preventionArt. 6(1)(f) legitimate interestlogs, monitoring, anti-abuse
Billing & legal obligationsArt. 6(1)(c) legal dutyinvoices, record retention
Product analytics & UX improvementsArt. 6(1)(f)feature performance, usage stats
Service communicationsArt. 6(1)(f) or Art. 6(1)(a) (consent for marketing)transactional emails, newsletters
Optional AI features/integrationsArt. 6(1)(a) consentAI summaries, GitHub/Jira links
Legal claims & defenseArt. 6(1)(f)compliance, dispute handling

You can withdraw consent anytime without affecting past lawful processing.

Data Sources

We collect data directly from you, from your devices/IDEs (if you install our plugin), and from integrations you choose (e.g. GitHub, payment provider).

Data Sharing & Transfers

  • Hosting and infrastructure: Google Cloud Platform (Cloud Run, Cloud SQL, BigQuery)
  • Payments: Stripe/other provider
  • Analytics, email, customer support, accounting services

If data is transferred outside the EEA, we rely on GDPR-compliant safeguards such as Standard Contractual Clauses (SCCs).

Security Measures

  • Transport encryption: All traffic uses SSL/TLS (HTTPS)
  • At-rest encryption: wherever possible (databases, disks)
  • Access control with least privilege
  • Logging & monitoring, backups
  • Regular updates, penetration testing
  • See more details at /security

Retention Periods

  • Account & service data: as long as the account is active + up to 6 years (for accounting/legal)
  • Logs & telemetry: 30–365 days depending on type
  • Marketing data: until consent is withdrawn or opt-out is requested
  • IDE heartbeats: per user's retention settings in dashboard (default: 12 months)

After expiry, data is anonymized or securely deleted.

Your Rights (GDPR Articles 12–22)

You have the right to:

  • Access, rectify, erase, restrict processing
  • Data portability
  • Object to processing
  • Withdraw consent at any time
  • File a complaint with your supervisory authority (e.g. in Poland: UODO)

Contact: info@codaro.dev – requests are handled within 30 days.

Children

Our services are not intended for children under 16. If you believe a child provided data, contact us to have it deleted.

Cookies & Similar Technologies

Codaro uses cookies and similar technologies on codaro.dev and related services to improve user experience, provide analytics, and ensure security. This section explains what cookies are, how we use them, and how you can control them.

What Are Cookies?

Cookies are small text files stored on your device when you visit a website. They help us recognize your browser, remember preferences, and provide secure and personalized services.

Cookies enable essential functionality like keeping you logged in, remembering your language preferences, and ensuring the security of your account.

Updates

We may update this policy from time to time. Significant changes will be announced via email or in-app notifications.

Contact

For all privacy matters: info@codaro.dev

Postal address: Centrum Praskie Koneser, Plac Konesera 10, 03-736 Warszawa

Related Resources

Learn more about how we protect your data and ensure compliance with privacy regulations.

Security

Detailed information about our security measures and practices.

Terms & EULA

Our terms and conditions and end user license agreement.

Report a Security Incident

Frequently Asked Questions

Quick answers to common privacy and data protection questions.

We value your privacy

Codaro uses cookies to improve your experience, analyze usage, and provide personalized content. You can manage your preferences anytime. For more details, see our Cookie Policy.