Back to Home

Privacy Policy

Effective Date: November 16, 2025 | Last Updated: November 16, 2025

1. Definitions

For the purposes of this Privacy Policy:

• "Personal Data" or "Personal Information" means any information relating to an identified or identifiable natural person.
• "Processing" means any operation performed on personal data, including collection, storage, use, disclosure, or deletion.
• "Data Controller" means Code Matrixz, which determines the purposes and means of processing personal data.
• "Data Processor" means any third party that processes personal data on behalf of Code Matrixz.
• "Services" refers to our website, applications, products and any related services offered by Code Matrixz.
• "User," "you," or "your" refers to any individual or entity accessing or using our Services.

2. Information We Collect

2.1 Information You Provide Directly

We collect information that you voluntarily provide to us when you:

• Account Registration: Name, email address, phone number, company name, job title, billing address and password
• Contact Forms & Inquiries: Name, email, phone number, message content and any other information you choose to provide
• Service Usage: Project details, preferences, specifications and communications
• Payment Information: Credit/debit card details, billing address and transaction history (processed securely through third-party payment processors)
• Marketing Communications: Email address and communication preferences
• Surveys & Feedback: Responses to surveys, testimonials and feedback

2.2 Information Collected Automatically

When you access our Services, we automatically collect certain information:

• Device Information: Device type, operating system, browser type and version, screen resolution and device identifiers
• Usage Data: Pages viewed, time spent on pages, click patterns, navigation paths, referring/exit pages
• Location Data: IP address, approximate geographic location based on IP address
• Cookies & Tracking Technologies: Session cookies, persistent cookies, web beacons and similar tracking technologies (see Section 9)
• Log Data: Server logs, error reports, access times and system activity

2.3 Information from Third-Party Sources

We may receive information about you from:

• Business partners and service providers
• Social media platforms (if you connect your account)
• Publicly available sources
• Marketing and analytics providers
• Fraud prevention and security services

3. Legal Basis for Processing (GDPR)

We process your personal data only when we have a legal basis to do so:

• Contractual Necessity: Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract
• Consent: You have given explicit consent for specific processing activities
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., improving services, fraud prevention), provided your rights and freedoms do not override these interests
• Legal Obligation: Processing is necessary to comply with applicable laws and regulations
• Vital Interests: Processing is necessary to protect your vital interests or those of another person

4. How We Use Your Information

We use the collected information for the following purposes:

4.1 Service Delivery & Management

• Providing, maintaining and improving our Services
• Processing transactions and managing orders
• Creating and managing user accounts
• Providing customer support and responding to inquiries
• Personalizing your experience

4.2 Communication

• Sending service-related notifications and updates
• Responding to your requests and communications
• Sending marketing communications (with your consent)
• Conducting surveys and gathering feedback

4.3 Business Operations

• Analyzing usage patterns and trends
• Conducting research and development
• Improving our products, services and website functionality
• Managing business relationships
• Enforcing our terms of service and policies

4.4 Security & Compliance

• Detecting, preventing and addressing fraud, security issues and technical problems
• Protecting the rights, property and safety of Code Matrixz, our users and the public
• Complying with legal obligations and responding to legal requests
• Conducting audits and investigations

4.5 Marketing & Analytics

• Delivering targeted advertisements and promotional content
• Measuring the effectiveness of marketing campaigns
• Understanding user behavior and preferences
• Building user profiles for marketing purposes (with consent)

5. Information Sharing and Disclosure

We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

We may share your information in the following circumstances:

5.1 Service Providers

We engage third-party companies and individuals to facilitate our Services, including:

• Cloud hosting and infrastructure providers (AWS, Google Cloud, Microsoft Azure)
• Payment processors (Stripe, PayPal, Razorpay)
• Email service providers (SendGrid, Mailchimp)
• Analytics providers (Google Analytics, Mixpanel)
• Customer support platforms (Zendesk, Intercom)
• Marketing and advertising partners

These service providers have access to your personal information only to perform specific tasks on our behalf and are obligated not to disclose or use it for any other purpose.

5.2 Business Transfers

In connection with any merger, acquisition, restructuring, sale of assets, or bankruptcy, your personal information may be transferred to the successor entity. We will notify you via email and/or prominent notice on our website of any such change.

5.3 Legal Requirements & Protection

We may disclose your information if required by law or in good faith belief that such action is necessary to:

• Comply with legal obligations, court orders, or government requests
• Enforce our Terms of Service and other agreements
• Protect and defend our rights or property
• Prevent or investigate possible wrongdoing
• Protect the personal safety of users or the public

5.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

5.5 Aggregated or De-identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you with third parties for research, marketing, analytics, or other purposes.

6. International Data Transfers

Your information may be transferred to, stored and processed in countries other than your country of residence. These countries may have data protection laws that differ from those of your country.

When we transfer personal data from the European Economic Area (EEA), United Kingdom, or Switzerland to countries outside these regions, we ensure appropriate safeguards are in place, including:

• Standard Contractual Clauses approved by the European Commission
• Adequacy decisions recognizing equivalent data protection
• Binding Corporate Rules
• EU-U.S. Data Privacy Framework certification (where applicable)

For transfers from India, we comply with cross-border data transfer requirements under the Digital Personal Data Protection Act 2023.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Retention Periods:

Data Category	Retention Period
Account Information	Duration of account + 3 years after account closure
Transaction Records	7 years (for tax and legal compliance)
Marketing Data	Until consent is withdrawn + 1 year
Website Analytics	26 months
Customer Support Records	3 years after last interaction
Security Logs	1 year

After the retention period expires, we securely delete or anonymize your personal data. In some cases, we may retain information for longer periods where required by law or for legitimate business purposes (e.g., dispute resolution, enforcement of agreements).

8. Data Security

We implement comprehensive technical, physical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction.

Security Measures Include:

• Encryption: Data in transit is encrypted using TLS 1.3 or higher; sensitive data at rest is encrypted using AES-256
• Access Controls: Role-based access control (RBAC), multi-factor authentication (MFA) and principle of least privilege
• Network Security: Firewalls, intrusion detection/prevention systems and regular security monitoring
• Secure Development: Security-by-design principles, code reviews and vulnerability assessments
• Employee Training: Regular security awareness training for all employees
• Incident Response: Documented procedures for detecting, responding to and reporting security incidents
• Third-Party Security: Vendor security assessments and contractual security obligations
• Regular Audits: Periodic security audits, penetration testing and compliance assessments

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

9. Cookies and Tracking Technologies

We use cookies, web beacons, pixels and similar tracking technologies to collect information about your browsing activities and preferences.

Types of Cookies We Use:

• Essential Cookies: Necessary for the website to function properly (e.g., session management, security)
• Performance Cookies: Help us understand how visitors interact with our website (e.g., Google Analytics)
• Functionality Cookies: Enable personalized features and remember your preferences
• Targeting/Advertising Cookies: Used to deliver relevant advertisements and measure campaign effectiveness

Managing Cookies:

Most web browsers automatically accept cookies, but you can modify your browser settings to decline cookies. Please note that disabling cookies may affect website functionality. You can manage your cookie preferences through:

• Browser settings (Chrome, Firefox, Safari, Edge)
• Our Cookie Consent Manager (available on first visit)
• Opt-out tools: Network Advertising Initiative (NAI), Digital Advertising Alliance (DAA)

10. Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

10.1 Rights Under GDPR (EEA/UK Users)

• Right to Access: Request a copy of your personal data we hold
• Right to Rectification: Request correction of inaccurate or incomplete data
• Right to Erasure: Request deletion of your personal data ("right to be forgotten")
• Right to Restrict Processing: Request limitation of processing in certain circumstances
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests or for direct marketing
• Right to Withdraw Consent: Withdraw consent at any time (where processing is based on consent)
• Right to Lodge a Complaint: File a complaint with your local data protection authority

10.2 Rights Under CCPA (California Residents)

• Right to Know: Request information about personal data collected, used, disclosed, or sold
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale or sharing of personal information
• Right to Correct: Request correction of inaccurate personal information
• Right to Limit: Limit the use and disclosure of sensitive personal information
• Right to Non-Discrimination: Not be discriminated against for exercising privacy rights

10.3 Rights Under DPDP Act 2023 (India)

• Right to Access: Obtain information about personal data processing
• Right to Correction: Request correction or completion of personal data
• Right to Erasure: Request deletion of personal data
• Right to Data Portability: Receive personal data in a structured format
• Right to Grievance Redressal: Lodge complaints with the Data Protection Board of India
• Right to Nominate: Nominate an individual to exercise rights in case of death or incapacity

Exercising Your Rights:

To exercise any of these rights, please contact us using the information in Section 15. We will respond to your request within the timeframes required by applicable law (typically 30 days for GDPR, 45 days for CCPA).

We may require verification of your identity before processing requests. In certain circumstances, we may decline requests where permitted by law (e.g., if the request is manifestly unfounded or excessive).

11. Children's Privacy

Our Services are not directed to individuals under the age of 18 (or the applicable age of majority in your jurisdiction). We do not knowingly collect personal information from children.

If we become aware that we have collected personal information from a child without parental consent, we will take steps to delete such information promptly. If you believe we have collected information from a child, please contact us immediately at privacy@Code Matrixz.com.

12. Third-Party Links and Services

Our Services may contain links to third-party websites, applications, or services that are not operated by us. This Privacy Policy does not apply to third-party services. We are not responsible for the privacy practices or content of third parties.

We encourage you to review the privacy policies of any third-party services before providing personal information.

13. Do Not Track Signals

Some web browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activities tracked. Currently, there is no industry standard for recognizing or responding to DNT signals. We do not currently respond to DNT signals.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. We will notify you of material changes by:

• Posting the updated Privacy Policy on our website with a revised "Last Updated" date
• Sending an email notification to the address associated with your account
• Displaying a prominent notice on our website

Your continued use of our Services after the effective date of the revised Privacy Policy constitutes acceptance of the changes. We encourage you to review this Privacy Policy periodically.

15. Supervisory Authorities

If you are located in the EEA, UK, or Switzerland and believe we have not addressed your concerns adequately, you have the right to lodge a complaint with your local data protection authority:

• EU: Find your local authority at https://edpb.europa.eu
• UK: Information Commissioner's Office (ICO) - https://ico.org.uk
• India: Data Protection Board of India (when established under DPDP Act 2023)