Scope
This Privacy Policy applies to information we collect through the codelace website, developer documentation, dashboard, billing flows, support channels, and OpenAI-compatible API. It also applies to information we collect when you communicate with us about the service.
By using codelace, you acknowledge that your information may be processed as described here. If you do not agree with this Privacy Policy, do not use the service.
Information we collect
Account information. We collect information such as your email address, display name, account identifiers, signup timestamps, and account status when you create or use a codelace account.
Authentication and access data. We process one-time passcode requests, hashed verification data, attempt counters, API keys, browser session credentials, and related security metadata needed to authenticate you and protect the service.
Payment and billing data. We receive and store billing records such as Stripe customer IDs, checkout session IDs, payment amounts, payment status, trial-credit grants, and related transaction timestamps. Payment card details are collected and processed by Stripe, not stored directly on codelace servers.
Usage and request data. When you use the API, we may store request metadata and request content needed to operate the service, including requested model, resolved model, routing path, provider identifiers, timestamps, token counts, costs, latency, request messages, and model outputs.
Technical and device data. We may collect IP addresses, user agent strings, browser and device information, log data, and similar operational telemetry used to secure, maintain, and troubleshoot the service.
Local storage and similar technologies. The web application stores browser credentials in local storage so you can remain signed in to the dashboard. We may also use similar client storage for security, state management, and user experience purposes.
Support communications. If you email us or otherwise contact support, we collect the content of your message and any information you choose to provide.
How we use information
We use information we collect to:
- create, authenticate, and administer customer accounts;
- deliver API requests, route traffic, and return model outputs;
- calculate usage, deduct balances, and maintain billing history;
- save payment methods and process trial credits or paid top-ups;
- detect abuse, fraud, unauthorized access, and policy violations;
- debug, secure, monitor, and improve the service;
- respond to support requests and operational communications;
- comply with legal obligations and enforce our policies.
How we disclose information
We may disclose information to the following categories of recipients:
- infrastructure, hosting, storage, email, authentication, logging, and analytics vendors that help us operate codelace;
- payment processors and related financial service providers, including Stripe, for setup sessions, payment processing, fraud checks, and payment method management;
- model providers, routing providers, compute providers, and similar service partners that must receive prompts or outputs to complete your API request;
- professional advisors, auditors, insurers, financing partners, and counterparties in a merger, financing, asset sale, or similar transaction;
- law enforcement, regulators, courts, and other third parties when disclosure is reasonably necessary to comply with law, respond to legal process, protect rights or safety, or investigate abuse.
No sale of personal information
codelace does not sell personal information for money and does not use personal information for cross-context behavioral advertising. If that changes, we will update this Privacy Policy before the new practice takes effect.
Retention
We retain information for as long as reasonably necessary to provide the service, maintain account history, operate billing, detect abuse, resolve disputes, comply with legal obligations, and enforce our agreements.
Retention periods depend on the type of information. For example, billing records may be kept for accounting and compliance purposes, security logs may be retained for fraud prevention, and API request records may be retained for usage reporting, debugging, and abuse review. We may also keep backup copies for a limited period.
Security
We use administrative, technical, and organizational safeguards that are designed to protect information from unauthorized access, loss, misuse, or alteration. These measures include transport encryption, access controls, authentication controls, and vendor-managed payment security.
No system is completely secure. You are responsible for protecting your devices, inbox access, and API keys, and for avoiding submission of unnecessary sensitive information through prompts or support channels.
International transfers
codelace may process or store information in the United States and other jurisdictions where codelace or its service providers operate. If you use the service from outside those locations, you understand that your information may be transferred across borders.
Your rights and choices
Depending on where you live, you may have rights to request access to, deletion of, correction of, or a copy of certain personal information, and you may have the right to object to or limit certain processing.
California residents may have rights under the California Consumer Privacy Act, including rights to know, delete, correct, and non-discrimination, subject to statutory limitations. To exercise a privacy request, email support@codelace.com.
We may need to verify your identity before acting on a request. Some information may be retained where permitted or required by law, or where reasonably necessary for billing, security, fraud prevention, or contract enforcement.
Children
codelace is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided personal information to codelace, contact us at support@codelace.com.
Changes to this Privacy Policy
We may update this Privacy Policy from time to time. If we make a material change, we may post the updated policy on the site, update the effective date, and where appropriate provide additional notice.
Contact
Questions, privacy requests, or complaints about this Privacy Policy should be sent to support@codelace.com.