Privacy Policy

Codely.ai Inc. ("Codely.ai", "we", "us", or "our") operates the website at https://codely.ai, as well as the DialoGen and ConvyFlow platforms. This Privacy Policy applies to all information collected through these platforms and any related services.

We are committed to compliance with the Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada, and where applicable, the General Data Protection Regulation (GDPR) for individuals in the European Economic Area.

By using our website, engaging our services, or using our products, you consent to the practices described in this Privacy Policy.

We may collect the following categories of personal information:

Information you provide directly:

• Contact details: name, email address, phone number, company name, job title.
• Project information: descriptions of projects, requirements, budgets, and timelines provided through our contact form or during consultations.
• Account credentials for our SaaS products (DialoGen, ConvyFlow).
• Communications: emails, chat messages, and other correspondence with us.
• Payment information: processed through secure third-party payment processors; Codely.ai does not store full card details.

Information collected automatically:

• Usage data: pages visited, time spent, clicks, referral sources, device type, browser type, and IP address.
• Cookies and similar tracking technologies (see section 6).
• Log data generated by interactions with our servers.

Information from third parties:

• We may receive information about you from partners, referral sources, or publicly available professional profiles (e.g., LinkedIn) when you engage with us professionally.

We use your personal information for the following purposes:

• To respond to enquiries and provide quotes, proposals, and consultations.
• To deliver contracted Services and manage client engagements.
• To operate, maintain, and improve our Products (DialoGen, ConvyFlow).
• To process payments and manage billing.
• To send service-related communications (invoices, project updates, contract notices).
• To send marketing communications, if you have opted in (you may opt out at any time).
• To comply with legal obligations.
• To protect the security and integrity of our systems and prevent fraud.
• To analyse usage patterns and improve the quality of our website and services.

We do not sell your personal information to third parties, and we do not use it for automated individual decision-making that produces legal or similarly significant effects without your explicit consent.

For users in the EEA and other jurisdictions requiring a legal basis for processing, we process personal data on the following grounds:

• Contract: Processing necessary to perform our contractual obligations to you.
• Legitimate interests: Processing necessary for our legitimate business interests (e.g., improving our services, preventing fraud) where these interests are not overridden by your rights.
• Consent: Where you have given explicit consent, such as for marketing emails or certain cookie uses.
• Legal obligation: Where processing is required to comply with applicable laws.

We do not sell, rent, or trade your personal information. We may share it in the following limited circumstances:

• Service providers: We may share information with trusted third-party vendors who assist us in operating our business (e.g., cloud infrastructure providers, payment processors, analytics tools, email services). These providers are contractually required to protect your data and use it only for the purposes we specify.
• Business transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership.
• Legal requirements: We may disclose your information where required by law, court order, or governmental authority, or to protect the rights, property, or safety of Codely.ai, our clients, or the public.
• With your consent: We may share your information in other circumstances with your explicit consent.

Our website uses cookies and similar technologies to enhance functionality, analyse usage, and personalise your experience. We use the following types of cookies:

• Essential cookies: Required for the website to function. These cannot be disabled.
• Analytics cookies: Help us understand how visitors use our site (e.g., page views, traffic sources). We use privacy-respecting analytics tools that do not share data with advertising networks.
• Preference cookies: Remember your settings and preferences to improve your experience.

You can control cookie settings through your browser preferences. Disabling certain cookies may affect the functionality of our website. We do not use third-party advertising or retargeting cookies.

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, to comply with our legal obligations, or to resolve disputes and enforce agreements.

• Client project data is retained for a minimum of 7 years to comply with accounting and tax regulations in Canada.
• Marketing contact data is retained until you unsubscribe or request deletion.
• Website analytics data is retained for up to 26 months.
• Contact form submissions are retained for up to 2 years.

When data is no longer required, it is securely deleted or anonymised.

We implement appropriate technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These measures include:

• TLS/HTTPS encryption for all data in transit.
• Encryption of sensitive data at rest.
• Access controls limiting data access to authorised personnel on a need-to-know basis.
• Regular security assessments and vulnerability management.
• Secure development practices aligned with OWASP guidelines.

While we take reasonable steps to protect your data, no method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach that poses risk to your rights, we will notify you and relevant authorities as required by applicable law.

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request that inaccurate or incomplete information be corrected.
• Deletion: Request that we delete your personal information (subject to legal retention obligations).
• Portability: Request your data in a structured, machine-readable format (where technically feasible).
• Objection: Object to processing of your personal data based on legitimate interests.
• Restriction: Request that we restrict processing of your data in certain circumstances.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time without affecting prior processing.
• Unsubscribe: Opt out of marketing communications at any time via the unsubscribe link in any email or by contacting us directly.

To exercise any of these rights, please contact us at operations@codely.ai. We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

Codely.ai operates with offices in Canada, India, and the UAE, and we use cloud service providers that may process data in multiple countries. If your personal information is transferred outside your jurisdiction, we take appropriate safeguards to ensure it receives an equivalent level of protection.

For EEA data subjects, international transfers are conducted only where appropriate safeguards are in place, such as standard contractual clauses approved by the European Commission or adequacy decisions.

Our website, services, and products are not directed at children under the age of 16. We do not knowingly collect personal information from anyone under 16 years of age. If you believe we have inadvertently collected information from a child, please contact us immediately at operations@codely.ai and we will promptly delete such information.

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. The "Last updated" date at the top of this page indicates when the policy was last revised.

For material changes, we will notify you by email (where we have your contact details) or by posting a prominent notice on our website before the changes take effect. Your continued use of our services after the effective date constitutes acceptance of the updated policy.

If you have any questions, concerns, or requests relating to this Privacy Policy or your personal data, please contact us:

• Email: operations@codely.ai
• Postal address: Unit 50, 125 Sekura Cres, Cambridge, Ontario, Canada
• Contact form: codely.ai/contact

We will respond to privacy-related requests within 30 days. For unresolved concerns, you may contact the Office of the Privacy Commissioner of Canada at priv.gc.ca.