Skip to content
Legal

Privacy Policy

Last updated: 17 July 2026

This policy covers CodifyNest - the website at codifynest.com, the moderation API, and the developer console. It is written to be read, not to be survived. If anything here is unclear, ask us and we will explain it in plain terms.

01Overview

CodifyNest provides a content moderation API. To do that, we necessarily process the content you send us. This policy explains what we collect, why, how long we keep it, and what control you have over it.

Two roles matter throughout this document. For your account data we are the data controller. For the content you submit for moderation we are a data processor acting on your instructions - you decide what is sent and why.

02Information we collect

Account information. Name, email address, and organisation, handled through our authentication provider. We never see or store your password.

Billing information. Plan, credit usage, and invoice history. Card details are handled by our payment processor and never reach our servers.

Moderation content. The text, image references, or URLs you submit to the API, together with the verdict we return.

Technical data. API key identifier, timestamp, endpoint, response status, latency, and IP address for each request. We use this for rate limiting, billing, abuse prevention, and debugging.

Website data. Aggregate, privacy-respecting analytics. No advertising trackers and no cross-site profiling.

03How we use information

  • To return a moderation verdict - the reason you called us.
  • To meter credits and bill your account accurately.
  • To enforce rate limits and detect abuse of the service.
  • To provide support when you ask us for it.
  • To keep the service reliable, secure, and available.
  • To meet legal and regulatory obligations.

We do not sell your data, and we do not train models on the content you submit for moderation. Your content is used to answer your request, not to improve our product.

04Content retention

Content bodies are processed in memory and discarded once we return a verdict. Moderation logging is off by default for content bodies.

If you enable moderation logs, we store the submitted content alongside its verdict for the retention window you choose, so that you can audit decisions and tune policies. You can change that window, or purge any individual record, through the API or the console at any time.

Request metadata - timestamps, endpoints, status codes, and credit consumption - is retained regardless, because it is what billing and abuse prevention run on. It does not include the content itself.

05Sub-processors

We use a small number of vendors to run the service. Each is bound by a data processing agreement and may only process data on our instructions:

  • Cloud hosting and application infrastructure.
  • Managed database hosting.
  • Authentication and identity management.
  • Payment processing.
  • Transactional email delivery.
  • AI model inference, for the escalation path only.

A current, named sub-processor list is available on request - contact us and we will send it, along with notice of material changes.

06Security

  • All traffic is encrypted in transit with TLS.
  • Data at rest is encrypted.
  • API keys are stored hashed; we cannot recover a key after you create it.
  • Access to production systems is limited to staff who need it and is logged.

No system is perfectly secure, and we will not claim otherwise. If you believe you have found a vulnerability, please report it to privacy@codifynest.com rather than disclosing it publicly, and we will work with you on it.

07Your rights

Depending on where you live, you may have the right to access, correct, export, or delete your personal data, to object to or restrict processing, and to lodge a complaint with your supervisory authority.

Most of these you can exercise directly in the console. For anything else, email privacy@codifynest.com and we will respond within 30 days.

If you are an end user of a product built on CodifyNest rather than our direct customer, please contact that product's operator - they control what is sent to us and we act on their instructions.

08International transfers

We operate globally, so your data may be processed in countries other than your own. Where data leaves its region of origin, we rely on appropriate safeguards, including Standard Contractual Clauses. If you need data residency guarantees for a specific region, talk to us - it is available on Enterprise.

09Cookies

The marketing site uses only what it needs: a cookie to remember your theme preference, and session cookies for authentication once you sign in.

We do not use advertising cookies, and we do not sell or share browsing data with advertising networks.

10Children

CodifyNest is a developer tool and is not directed at children. We do not knowingly collect personal data from anyone under 16. If you believe a child has provided us with personal data, contact us and we will delete it.

11Changes to this policy

We may update this policy as the product changes. If a change materially affects how we handle your data, we will notify account holders by email before it takes effect. The date at the top of this page always reflects the current version.

12Contact

Privacy questions, data requests, and security reports: privacy@codifynest.com. For anything else, use the contact page.

Questions about this document? Get in touch and we will walk you through it.