Privacy Policy
Last updated: 3 April 2026
Codolve ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and safeguard personal data when you visit codolve.com or engage with our services. Codolve acts as the data controller for all personal information collected through this website. This policy is designed to align with the EU GDPR, UK GDPR, CCPA/CPRA, LGPD, PIPEDA, and other applicable privacy frameworks.
1. Information We Collect
We collect personal information only when you voluntarily provide it:
- Name, email address, phone number, and contact details via our contact form
- Messages and project descriptions you submit to us
- Job application details including CV/resume uploads via our careers form
- Business or project information you share in enquiries
- Technical data: browser type, device type, operating system (IP addresses are processed transiently and not retained by us)
- Usage data: pages visited, time on page, referral source — only when analytics consent is explicitly granted
2. Legal Basis for Processing (GDPR)
For visitors from the European Economic Area (EEA) and United Kingdom, we process your personal data under the following legal bases:
- Consent: for analytics cookies (explicit opt-in via our cookie banner — no analytics cookies are set without your consent)
- Legitimate Interests: for essential site functionality, performance monitoring (Cloudflare, no cookies), responding to contact form enquiries, and evaluating job applications — balanced against your rights
- Contract Performance: for delivering agreed services to clients
- Legal Obligation: where required by applicable law
3. How We Use Your Information
- To respond to enquiries, messages, and service requests
- To evaluate job applications and manage recruitment processes
- To deliver agreed services and manage client projects
- To monitor site performance (Cloudflare Web Analytics — no cookies, no personal profiling)
- To improve user experience through anonymised usage analytics (Google Analytics 4 — only when analytics consent is granted)
- To maintain security, prevent fraud, and ensure system integrity
4. Cookies & Analytics
We use essential cookies for core site functionality (legal basis: legitimate interest) and, with your explicit consent, analytics cookies via Google Analytics 4. The full details of each cookie category, legal basis, and how to withdraw consent are set out in our Cookie Policy.
We implement Google Consent Mode v2, which ensures that GA4 does not collect directly identifying data unless you have explicitly opted in via the consent banner. GA4 processes pseudonymous identifiers which are considered personal data under GDPR — these are only collected following your consent. You can withdraw consent at any time using the Cookie Settings button in the footer of every page.
5. Careers & Resume Data
When you apply for a position at Codolve, we collect and process the personal information you submit, including your CV/resume, contact details, and application message. This data is used solely for recruitment and evaluation purposes and is accessible only to authorised Codolve personnel. Application data is not shared publicly or sold to third parties.
Files may be stored securely using trusted cloud services. You may request deletion of your application data at any time by emailing us.
6. Data Sharing
Codolve does not sell, rent, or trade personal data. Data is shared only with trusted third-party service providers strictly necessary to operate our website and deliver our services, including cloud hosting providers, file storage services, and email delivery platforms. These providers are bound by data processing agreements and confidentiality obligations. Where applicable, Standard Contractual Clauses (SCCs) or equivalent safeguards are in place for international transfers.
7. International Data Transfers
Some of our third-party service providers (including Google and Cloudflare) process data outside the EEA. Where this occurs, transfers are protected by appropriate safeguards including Standard Contractual Clauses (SCCs) approved by the European Commission, or equivalent mechanisms applicable in your jurisdiction.
8. Data Security
We implement appropriate technical and organisational security measures to protect personal data against unauthorised access, loss, misuse, or alteration. Access to personal data is restricted to authorised personnel on a need-to-know basis. While we take all reasonable precautions, no system can guarantee absolute security.
9. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected. Contact form submissions are retained for up to 12 months. Job application data is retained for up to 6 months after the position is filled, unless you request earlier deletion. Analytics data is subject to Google Analytics' default retention settings and is only collected where you have given consent.
10. Your Rights
Depending on your location, you may have the following rights. We will respond to all verified requests within 30 days.
- Access (GDPR / CCPA / LGPD / PIPEDA): request a copy of the personal data we hold about you
- Rectification (GDPR / LGPD): request correction of inaccurate or incomplete data
- Erasure (GDPR / LGPD / CCPA): request deletion of your personal data ("right to be forgotten")
- Restriction (GDPR): request that we limit processing of your data in certain circumstances
- Portability (GDPR / LGPD): receive your data in a structured, machine-readable format
- Objection (GDPR): object to processing based on legitimate interests
- Withdraw consent: for analytics cookies, withdraw at any time using the Cookie Settings button in the footer — no account or login required
- CCPA / CPRA opt-out: California residents can opt out of any sale or sharing of personal information. We do not sell personal data
- Non-discrimination (CCPA): we will not discriminate against you for exercising your privacy rights
- Lodge a complaint: EEA/UK residents may lodge a complaint with their national supervisory authority (e.g. ICO in the UK)
To exercise any of these rights, please email us at contact@codolve.com.
11. Children's Privacy
Our website is not directed to children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has provided us with personal information, please contact us and we will promptly delete it.
12. Third-Party Links
Our website may contain links to external websites. Codolve is not responsible for the privacy practices or content of those websites. We encourage you to review their privacy policies before submitting personal information.
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. The "Last updated" date at the top of this page will always reflect the most recent revision. We recommend reviewing this page periodically.
14. Contact Us
If you have questions about this Privacy Policy, would like to exercise your rights, or wish to raise a concern about how we handle your data, please contact us:
contact@codolve.com
If you are based in the EEA and are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority.
