Our Commitment to You

Privacy Policy

CodeBridge LLC

Understand how CodeBridge collects, uses, and protects your personal information and data. We are committed to transparency and security.

Effective Date: July 1st, 2025

Introduction

CodeBridge is a software development agency that designs, builds, and maintains custom AI and software solutions for organizations operating in highly regulated industries, including healthcare, insurance, financial services, and the public sector. Our work combines advanced machine learning, secure cloud architecture, and rigorous engineering practices to deliver compliant, production-grade products.

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Policy describes CodeBridge's policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies.

Data Protection Officer

CodeBridge is headquartered in the United States. CodeBridge has appointed an internal data protection officer for you to contact if you have any questions or concerns about CodeBridge's personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to CodeBridge's data protection officer.

Email: privacy@codebridgehq.com
Postal Address: Data Protection Officer, CodeBridge LLC, United States
Support Form: https://www.codebridgehq.com/#contact
Phone: Available upon request through email

How We Collect and Use Your Personal Information

Information We Collect

CodeBridge collects several categories of personal information about its website visitors, clients, and the end users of the solutions we build:

1. Account and Contact Information

  • Full name
  • Email address
  • Job title
  • Company/employer name
  • Work address
  • Work phone number
  • Username and password (encrypted)
  • Authentication provider identifiers

2. Project and Engagement Data

  • Project requirements, specifications, and documentation you share with us
  • Source code, datasets, and assets provided for development work
  • Communications, meeting notes, and correspondence related to engagements
  • Any data processed by solutions we build and operate on your behalf

3. Platform and Service Usage Information

  • User roles and permissions
  • Team assignments and relationships
  • Login history and authentication logs
  • Feature usage patterns
  • Analytics and reporting data
  • User preferences and settings

4. Billing and Payment Information

  • Company billing details
  • Payment method information (processed by Stripe)
  • Usage metrics for billing purposes
  • Invoice history

5. Technical Information

  • IP addresses
  • Browser type and version
  • Device information
  • Operating system
  • Pages visited and time spent
  • Referring websites
  • Log files and error reports

How We Use Your Information

We use the personal information we collect for the following purposes:

  • Service Delivery:To design, build, deliver, maintain, and improve the custom software and AI solutions we provide to our clients.
  • Authentication and Security:To verify your identity, enable secure access to your account, prevent fraud, and protect against unauthorized access.
  • Analytics and Insights:To generate metrics, understand how our services are used, and deliver business intelligence to our clients.
  • Communication:To send service-related notifications, respond to inquiries, provide support, and share important updates about our services.
  • Billing and Payments:To process payments, generate invoices, track usage, and manage engagements.
  • Product Improvement:To analyze usage patterns, understand client needs, develop new capabilities, and enhance the user experience.
  • Compliance:To comply with legal obligations, enforce our terms of service, and respond to lawful requests from authorities.
  • Marketing:To send promotional materials about our products and services (only with your consent, and you may opt out at any time).

Use of the CodeBridge Website

As is true of most other websites, CodeBridge's website (https://www.codebridgehq.com and https://app.codebridgehq.com) collects certain information automatically and stores it in log files. The information may include: Internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type and version, operating system, pages visited on our website, time and date of visits, referring website addresses, and clickstream data.

We use this information to help us design our site to better suit our users' needs, diagnose problems with our server and administer our website, analyze trends and gather broad demographic information, identify visitor preferences and improve our services, and ensure appropriate staffing to meet client needs.

CodeBridge has a legitimate interest in understanding how clients, customers, and potential customers use its website. This assists CodeBridge with providing more relevant products and services and with providing appropriate support.

Cookies and Tracking Technologies

What Are Cookies?

Cookies are small text files that are stored on your device when you visit our website. They help us recognize you, remember your preferences, and improve your experience.

Types of Cookies We Use

  • Essential Cookies:Required for the website to function properly, including authentication and security features.
  • Functional Cookies:Remember your preferences and settings.
  • Analytics Cookies:Help us understand how visitors use our website.
  • Authentication Cookies:HTTP-only cookies that store your access tokens for secure session management.

Managing Cookies

You can control and manage cookies through your browser settings. Please note that disabling essential cookies may affect the functionality of our services. To learn more about cookies and how to manage them, visit www.allaboutcookies.org.

When and How We Share Information with Third Parties

Service Providers and Sub-Processors

We engage trusted third-party service providers to help us deliver and improve our services. These providers have access to your personal information only to perform specific tasks on our behalf and are obligated to protect your data.

Service ProviderPurposeData Access
Amazon Web Services (AWS)Cloud infrastructure, database hosting, file storage, AI/ML servicesProject data, user data, metadata
StripePayment processing and billingBilling information, payment methods
Analytics ProvidersWebsite analytics and user experienceWebsite usage data
Email Delivery ProvidersTransactional email deliveryEmail addresses, notification content

When We Share Information

We do not sell personal information to anyone. We only share your information in the following circumstances:

  • With Your Consent:When you explicitly authorize us to share information.
  • Service Delivery:With service providers who perform functions on our behalf.
  • Legal Compliance:When required by law, legal process, or government request.
  • Business Transfers:In connection with a merger, acquisition, or sale of assets.
  • Protection of Rights:To enforce our agreements, protect our rights, property, or safety.
  • Aggregated Data:We may share aggregated, de-identified data that cannot be used to identify you.

Mobile Information and SMS/Text Messaging

No mobile information will be shared with third parties or affiliates for marketing or promotional purposes. All categories mentioned in this Privacy Policy exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.

If you opt in to receive SMS or text messages from CodeBridge, the mobile phone number you provide and your consent to be contacted are used solely to deliver the messages you requested (such as account notifications, service updates, security alerts, or support communications). We do not sell, rent, lease, or otherwise share your mobile opt-in information or consent with any third party, and we do not use it for third-party marketing.

How We Handle Mobile Data

  • No Sale or Sharing:Mobile opt-in data and consent are never sold, rented, or shared with third parties or affiliates for their marketing purposes.
  • Limited Service Providers:We only disclose mobile information to vetted service providers (such as our SMS delivery vendor) strictly to transmit the messages you requested, under contractual confidentiality and data-protection obligations.
  • Protected as Sensitive Data:Mobile phone numbers and any associated identifiers are safeguarded with the same SOC 2 Type II controls and, where applicable, HIPAA safeguards applied to all personal data, including encryption in transit and at rest, access controls, and audit logging.
  • Opting Out:You can opt out of SMS messages at any time by replying STOP to any message or by contacting us at privacy@codebridgehq.com. You may reply HELP for assistance. Message and data rates may apply, and message frequency varies.

Transferring Personal Data to the U.S.

International Data Transfers

CodeBridge has its headquarters in the United States, and our servers and service providers are primarily located in the United States. Information we collect about you will be processed and stored in the United States.

By using CodeBridge's services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of "adequacy" from the European Union under Article 45 of the GDPR.

Safeguards for International Transfers

Pursuant to Article 46 of the GDPR, CodeBridge provides appropriate safeguards for international data transfers through:

  • Standard Contractual Clauses (SCCs):We use binding, standard data protection clauses approved by the European Commission.
  • Enhanced SCCs:Our clauses have been enhanced based on guidance from the European Data Protection Board.
  • Data Processing Agreements:We enter into data processing agreements with our vendors.
  • Additional Safeguards:We implement technical measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, VPC isolation, multi-factor authentication, and role-based access controls.

Data Subject Rights

Your Privacy Rights

The European Union's General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other privacy laws provide certain rights for data subjects. We respect and honor these rights for all our users, regardless of location.

Rights Under GDPR

If you are located in the EEA or UK, you have the following rights:

  • Right to Be Informed:Clear information about how we collect and use your personal data.
  • Right of Access:Request access to your personal data and information about how we process it.
  • Right to Rectification:Correct inaccurate or incomplete personal data.
  • Right to Erasure:Request deletion of your personal data in certain circumstances.
  • Right to Restrict Processing:Request that we limit how we use your personal data.
  • Right to Data Portability:Receive your personal data in a structured, machine-readable format.
  • Right to Object:Object to our processing of your personal data in certain circumstances.
  • Rights Related to Automated Decision Making:Not be subject to decisions based solely on automated processing.

How to Exercise Your Rights

To exercise any of these rights, please contact us at:

We will respond to your request within 30 days for GDPR requests or 45 days for CCPA requests.

Security of Your Information

Our Commitment to Security

CodeBridge takes the security of your personal information seriously. We implement comprehensive technical, administrative, and physical security measures designed to protect your data from unauthorized access, disclosure, alteration, and destruction, in alignment with HIPAA and SOC 2 Type II requirements.

Technical Security Measures

  • Encryption:AES-256 encryption for data at rest, TLS 1.3 encryption for data in transit.
  • Network Security:VPC isolation with private subnets, security groups, network segmentation, and WAF protection.
  • Authentication:Advanced identity management, multi-factor authentication support, and token-based authentication.
  • Data Protection:Secrets management for credentials and automated, encrypted backups.
  • Application Security:Input validation, parameterized queries, CSP headers, and XSS and CSRF protection.

Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will notify affected individuals within 72 hours of becoming aware of the breach (as required by GDPR), provide information about what data was affected, explain the steps we are taking to address the breach, and offer guidance on how you can protect yourself.

Data Storage and Retention

Where We Store Your Data

Your personal data is stored by CodeBridge in secure cloud infrastructure located in the United States, including managed databases across multiple availability zones, object storage, and encrypted backups with cross-region replication.

How Long We Retain Your Data

  • Client Data (Active Accounts): Duration of your business relationship with CodeBridge
  • Client Data (After Account Closure): Up to 90 days after account termination
  • Billing and Financial Records: 7 years (as required by tax and financial regulations)
  • System Logs: Application logs (90 days), Security logs (1 year), Audit logs (7 years)
  • Analytics and Aggregated Data: Indefinitely (after de-identification)

Right to Deletion

You have the right to request deletion of your personal data at any time. To request deletion, email privacy@codebridgehq.com or use your account settings. We will process deletion requests within 30 days and provide confirmation once complete.

Children's Data

Age Restrictions

CodeBridge's services are not directed to children under the age of 16. We do not knowingly collect, use, or disclose personal information from children under 16 years of age.

What We Do If We Learn We Have Collected Children's Data

If we become aware that we have inadvertently collected personal information from a child under 16 without proper parental consent, we will:

  1. Delete the information as soon as possible
  2. Terminate any associated account
  3. Not use the information for any purpose
  4. Not disclose the information to third parties

If you believe that we have collected personal information from a child under 16, please contact us immediately at privacy@codebridgehq.com.

Changes to This Privacy Policy

Updates and Modifications

We reserve the right to update this Privacy Policy from time to time to reflect changes in our data practices, new features or services, legal or regulatory requirements, and feedback from users or regulators.

How We Notify You

When we make material changes to this Privacy Policy:

  1. We will update the "Effective Date" at the top of this policy
  2. We will notify active users via email, in-app notification, and prominent notice on our website
  3. For significant changes, we may require you to review and accept the updated policy

Your continued use of CodeBridge services after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

Questions, Concerns, or Complaints

Contact Us

If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact us:

CodeBridge LLC
Data Protection Officer: privacy@codebridgehq.com
Postal Address: CodeBridge LLC, Attention: Privacy Team, United States

Response Time

  • General questions: 5 business days
  • Data subject requests: 30 days (GDPR) or 45 days (CCPA)
  • Security concerns: 24-48 hours
  • Data breach notifications: Within 72 hours of confirmation

Supervisory Authorities

If you believe we have not addressed your privacy concerns adequately, you have the right to lodge a complaint with:

  • European Union/EEA:European Data Protection Supervisor or your national data protection authority.
  • United Kingdom:Information Commissioner's Office (ICO) - https://ico.org.uk
  • California:California Attorney General's Office - https://oag.ca.gov/privacy

Acknowledgment and Acceptance

By using CodeBridge's services, visiting our website, or providing us with your personal information, you acknowledge that:

  • 1:You have read and understood this Privacy Policy.
  • 2:You consent to the collection, use, and disclosure of your personal information as described.
  • 3:You understand your rights and how to exercise them.
  • 4:You agree to the transfer of your data to the United States (if applicable).

If you do not agree with this Privacy Policy, please do not use our services.

Last Updated: July 1st, 2025

Version 2.0

© 2026 CodeBridge LLC. All rights reserved.