Privacy Policy
Effective July 9, 2026. Palisade Technologies LLC, doing business as Codaegis, collects only the information needed to provide and protect the service, manage accounts and billing, support customers, and produce governed packets.
Use this address for privacy, access, correction, deletion, export, billing, refund, cancellation, support, and security requests.
Information Codaegis may collect
- Account identity, email, sign-in state, account settings, and support contact details.
- GitHub identity, repository metadata, pull-request metadata, discussions, changed-file references, commit metadata, and CI/status signals needed for admitted PR review.
- Governed packet contents, risk findings, missing-proof notes, next-review-action guidance, blocked assumptions, provenance, policy-memory version, and human disposition records.
- Usage, entitlement, included-check, billing receipt, failed-payment, export, route, security-event, and webhook-delivery metadata needed to operate the service.
- Support, privacy, billing, refund, cancellation, and security messages that a customer chooses to send.
- Essential cookie, session, device, route, IP-address, and security-log information needed to sign users in, prevent abuse, and operate the service.
How Codaegis uses information
- Provide the GitHub-first governed packet service and deliver packet history, export, and webhook features when admitted.
- Manage accounts, subscriptions, usage limits, payment state, tax records, and accepted subscription terms.
- Operate docs-first support, answer customer requests, investigate security reports, prevent abuse, and comply with legal obligations.
- Not use customer packet, repository, or code content for broad model training without explicit opt-in and a later policy update.
Service providers and subprocessors
Codaegis relies on a small number of third-party providers to run the service. It names the provider that processes code content to produce packets and holds only the internal configuration that would help a competitor reconstruct how the engine reaches a verdict.
- Codaegis uses OpenAI as the third-party AI provider that processes pull-request and code content to produce governed packets.
- The specific model version, routing, and prompt configuration behind that analysis are not disclosed; they are internal engine configuration, not a data-handling boundary.
- Codaegis does not use customer packet, repository, or code content for broad model training without explicit opt-in or a later reviewed policy.
- Stripe processes payments through Stripe-hosted flows. Codaegis does not store full card details.
- GitHub is the customer-authorized source of the repository and pull-request metadata Codaegis reads for an admitted review.
- Hosting, database, email, security, and logging providers may process the limited information needed to operate and protect Codaegis.
- Codaegis may disclose information when legally required, to protect rights or safety, or as part of a business transfer with appropriate safeguards.
Retention and customer responsibility
Packet history is bounded by the active tier and its time window. Customers remain responsible for exporting or storing packets they need beyond Codaegis retention.
- Free posture: 3 days.
- Starter: 30 days.
- Higher tier direction: 90 days.
- After a downgrade shortens the visible history window, data outside the new window may be held but unavailable for up to three days so the downgrade can be reversed; it is then deleted under the active tier's retention window.
- Subscription consent evidence is retained for at least three years after acceptance and at least one year after the subscription ends, whichever is later.
- Detailed local Stripe event links are removed after three years. The Stripe event ID and event type may remain as a minimal duplicate-prevention record.
- Support, security, billing, tax, legal, fraud, and audit records are retained only as long as reasonably needed for those purposes or required by law.
Choices and requests
- Customers may revoke GitHub access, request access, correction, export, or deletion where applicable, and cancel billing online.
- Codaegis will verify a requester before acting and may retain information that law, security, fraud prevention, tax, billing, or dispute handling requires.
- Codaegis does not sell personal information or use it for cross-context behavioral advertising.
- Send requests to support@codaegis.com. Codaegis will respond within the time required by applicable law.
Age and geography
- Codaegis may be used by individuals and businesses; it is not business-only by default.
- The paid service is designed for professional, commercial, and organizational software-development work, including work performed by individual developers.
- The service is intended for adults age 18 or older and is not directed to children.
- The first paid service is offered for use in the United States. Do not purchase it for use outside the United States unless Codaegis later states that country is supported.
Policy changes
- Codaegis may update this policy as the service changes and will post a new effective date.
- Material changes will be announced through the service or by email when required by law.