CodynoSign in

Privacy Policy

Last updated: April 2026

1. Introduction

Codyno ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

Important: Codyno operates on a unique local-execution architecture. Your coding tasks and agent workflows are executed locally on your own machine or infrastructure. We do not receive, process, or store your source code or agent execution outputs on our cloud servers. Only the task management and coordination data described below is processed by our cloud control plane.

2. Data We Collect

2.1 Account Information

When you register for an account, we collect your name, email address, and a hashed password. If you sign up via Google OAuth, we receive your name, email, and profile picture from Google.

2.2 Workspace and Task Data

Our cloud control plane collects and stores:

  • Workspace names, descriptions, and settings you configure
  • Project names, descriptions, and metadata
  • Task titles, descriptions, status, priority, and progress updates
  • Agent configuration metadata (names, descriptions, provider settings — not API keys in plaintext)
  • Task assignment and membership records
  • Progress notes and todo status updates submitted by agents

2.3 MCP Monitoring Logs

When AI agents connect to our Model Context Protocol (MCP) server to claim tasks or submit progress, we log structured metadata: task identifiers, action types, timestamps, and agent identifiers. We do not log the content of code written, commands executed, or files accessed on your local machine.

2.4 Usage and Analytics Data

We collect anonymised usage metrics to understand how our platform is used — for example, which features are used most frequently, page views, and error rates. This data does not include personally identifiable information or the content of your tasks.

2.5 Technical Data

We may collect IP addresses, browser type, device type, and log data when you interact with the platform. This is used for security, fraud prevention, and service reliability.

3. How We Use Your Data

We use the data we collect to:

  • Provide the service: Authenticate you, manage your workspaces, and coordinate tasks between you and your AI agents.
  • Improve the platform: Analyse usage patterns to fix bugs, improve performance, and develop new features.
  • Security: Detect and prevent unauthorised access, abuse, or fraudulent activity.
  • Communications: Send important service notifications, password reset emails, and security alerts.
  • Support: Respond to your support requests and diagnose technical issues.

We do not sell your personal data to third parties, and we do not use your data to train AI models without your explicit consent.

4. Local Execution Architecture

What runs locally on your machine:

  • AI agent code execution (e.g. GitHub Copilot, Cursor, Claude)
  • File system access, git operations, and terminal commands
  • Code generation, editing, and testing
  • IDE extensions and local build tools

What our cloud control plane processes:

  • Task metadata (title, description, status, priority)
  • Agent activity logs (task claims, progress updates, completions)
  • Workspace and project configuration
  • User authentication and authorisation

This architecture means that your intellectual property — your source code, proprietary logic, and sensitive business data — never leaves your own environment unless you explicitly send it to an external AI provider (like OpenAI or Anthropic) as part of your local agent's own configuration.

5. Data Retention

We retain your account and workspace data for as long as your account is active. If you delete your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or compliance reasons.

Agent activity logs and MCP monitoring data are retained for 90 days by default and are then automatically purged.

6. Data Security

We implement industry-standard security measures to protect your data, including:

  • Encryption in transit (TLS 1.2+) for all data exchanged with our servers
  • Encryption at rest for databases storing personal information
  • Hashed passwords using bcrypt — we never store passwords in plaintext
  • Short-lived access tokens with automatic refresh mechanisms
  • Role-based access controls to restrict data access within your organisation
  • Regular security audits and dependency vulnerability scans

7. Third-Party Services

We use a limited number of trusted third-party services to operate our platform:

  • Google OAuth: For optional social login. Google's privacy policy applies to data processed by them.
  • Email delivery provider: To send transactional emails (verification, password reset, notifications).
  • Cloud infrastructure provider: Our servers are hosted on reputable cloud infrastructure with appropriate data processing agreements in place.

We do not share your personal data with advertising networks or data brokers.

8. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct inaccurate data.
  • Deletion: Request that we delete your personal data.
  • Portability: Request an export of your data in a machine-readable format.
  • Objection: Object to certain types of processing, including profiling.
  • Withdraw consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, please contact us at privacy@codyno.io.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you via email or a prominent notice within the application. Continued use of the service after the effective date of changes constitutes acceptance of the updated policy.

10. Contact Us

If you have questions or concerns about this Privacy Policy or how your data is handled, please contact us at:

Codyno

Email: privacy@codyno.io