Codex Privacy Policy

Effective Date: October 18, 2025

This Privacy Policy explains how Codibrain Inc. ("Codex," "we," "us," or "our") collects, uses, and shares information about you when you use our mobile application and related services (collectively, the "Service").

1. Information We Collect

We collect information directly from you, automatically when you use the Service, and from third parties.

A. Information You Provide Directly

Category	Specific Data Collected	Purpose
Account Information	Email Address, Custom Username, Password (Hashed), Phone Number.	To create and secure your account and manage friend connections.
Authentication Data	Third-party identifiers from Google Auth.	To facilitate easy login and verify user identity.
Profile Information	Self-selected preferred programming language.	To display on your profile and help match you with relevant challenges and users.

B. Information We Collect from Third Parties (GitHub)

The Service **does not** require, request, or store your GitHub access token. When you optionally connect your GitHub account to generate a "Profile Score," we collect and display **public data only**, including your public GitHub username and public statistics (e.g., commit count, language usage statistics).

C. Automatically Collected Data

When you access the Service, we automatically collect the following data:

Category	Specific Data Collected	Purpose & Third Parties
Usage Data	How you use the app, session duration, and feature engagement.	Google Analytics (for service improvement).
Technical Data	Device type, operating system version, IP address, Device Advertising ID.	AdMob (for personalized advertising) and Google Analytics.
Performance Data	Crash reports, bugs, and diagnostic information (Planned).	Firebase Crashlytics (to maintain and secure the Service).

2. Our Use of Your Information

We use the collected information for the following purposes:

To Provide the Service: To authenticate you, manage your profile, and enable core features like code challenges and friend connections.
User-Generated Content (UGC) & Community: To facilitate communication and display your public activity (Username, Language, Profile Score, Friends List, and Activity) to other users on the Service.
Advertising & Monetization: To display personalized advertising through AdMob.
Service Improvement: To analyze usage patterns, monitor service performance, and identify bugs using Google Analytics and Crashlytics.

3. Data Sharing and Disclosure

We do not sell your Personal Data. We share your information only in the following limited circumstances:

With Other Users: Your Username, Language, Profile Score, Friends, and Activity are visible to other users of the Service.
With Service Providers: We share necessary data with third-party vendors who perform services on our behalf, primarily Google (Firebase, AdMob, Analytics, Crashlytics). These parties are obligated to use the data only as needed to perform their functions.
For Legal Reasons: To comply with any applicable law or legal process, or to protect the rights, property, or safety of Codex, our users, or the public.

4. Children’s Privacy and Compliance (COPPA & GDPR)

The Service is accessible to children under the age of 13. We are committed to complying with the U.S. Children’s Online Privacy Protection Act (COPPA) and similar global regulations, including the GDPR.

Parental Consent: We will obtain verifiable parental consent before collecting or using personal information from children under 13.
Advertising Restriction: We rely on AdMob to use Non-Personalized Ads (NPA) for all users identified as children. We will not use personal data for ad targeting for these users.
Limited Data: We minimize the collection of personal data from children.

If you are a parent or guardian and believe your child has provided us with personal information without your consent, please contact us immediately so we can delete the information.

5. Your Rights and Data Control

You have specific rights regarding your data, and we provide you with the means to exercise them:

A. In-App Access & Deletion (GDPR & CCPA)

You can manage your data rights directly in your in-app Settings:

Access: You can access and review the personal data associated with your account.
Correction/Update: You can update your profile information (e.g., username, language, password).
Deletion: You can request the **deletion of your entire account and all associated data** through a function in the Settings menu.

B. Data Retention

We retain your personal data for as long as your account remains active. If you initiate an account deletion, we will delete all associated data within **30 days**, unless retention is required by law (e.g., tax or legal purposes).

6. International Data Transfers (GDPR)

Codex uses global servers and cloud services (Firebase/Google Cloud). Your information may be processed and stored outside of your country of residence, including in the **United States**.

By using the Service, you acknowledge that your information may be transferred to facilities outside your country. We take all reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy, utilizing **Standard Contractual Clauses (SCCs)** where required under GDPR.

7. Contact Us

If you have questions about this Privacy Policy or wish to exercise any of your rights (especially data access, correction, or deletion), please contact our Data Protection Officer:

Codibrain Inc.

Email: meieralexander65@gmail.com