Privacy Notice
This notice explains what data KodaAI collects, why we collect it, and how we use it. We aim to be direct with no legalese for its own sake.
1. Who we are
KodaAI is a coding education product. When this notice refers to "KodaAI", "we", "us", or "our", it means the team operating KodaAI and reachable at hello@kodaai.dev.
2. What we collect
Account information
When you sign in via Google, GitHub, or Apple, we receive your name, email address, and a profile picture URL from the OAuth provider. We do not receive your password.
Usage data
- Topics you request lessons on
- Programming language and skill level you select
- Code you write in the editor (sent to our API to generate feedback)
- Chat messages you send to the AI mentor
- Session timestamps and session count
Technical data
- IP address (used to detect abuse and rate-limit requests)
- Browser and OS type
- Crash reports and error logs
What we do not collect
We do not collect payment card details. We do not sell your data to advertisers. We do not build profiles for ad targeting.
3. How we use your data
- To provide the service - your code and messages are sent to the Anthropic API to generate AI feedback and lessons. Anthropic's use of that data is governed by their privacy policy.
- To personalise your experience - skill level and language preferences are stored so you do not have to re-enter them each session.
- To improve the product - anonymised, aggregated usage data helps us understand which features are useful.
- To communicate with you - we may email you about important changes to the service or your account. We will not send marketing email without your explicit opt-in.
4. Third-party services
We use the following sub-processors:
- Anthropic - AI inference. Your code and messages are transmitted to Anthropic's API.
- Google / GitHub / Apple - OAuth sign-in only.
5. Data retention
We retain your account data and session history for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where we are legally required to retain it (e.g. billing records for 7 years under tax law).
6. Your rights
Regardless of where you are located, you can:
- Request a copy of the personal data we hold about you
- Ask us to correct inaccurate data
- Ask us to delete your account and associated data
- Opt out of any non-essential communications
To exercise any of these rights, email hello@kodaai.dev. We will respond within 30 days.
7. Cookies
We use a single session cookie to keep you signed in. We do not use tracking or advertising cookies. No cookie consent banner required.
8. Security
All data is transmitted over HTTPS. We do not store code or chat messages long-term on our servers. They are forwarded to the AI API and discarded. Account data is stored in an encrypted database with access limited to essential team members.
9. Children
KodaAI is not directed at children under 13. If you believe a child under 13 has created an account, contact us at hello@kodaai.dev and we will delete it promptly.
10. Changes to this notice
We will update this page when our practices change. For material changes, we will notify users by email.
11. Contact
Questions about this notice: hello@kodaai.dev