Privacy Policy

Effective Date: April 28th, 2025

This Kodex Privacy Policy (the “Privacy Policy”) provides information on the collection, use, and sharing (collectively referred to as “processing”) of personal information by Kodex, Inc. (“Kodex”) in connection with your use of Kodex websites, mobile and desktop applications, and other online and offline services (the “Services”), including those offered only to registered users (the “Platform”). This Privacy Policy also explains the privacy rights you have in relation to Kodex’s processing of data. 

As used in this Privacy Policy, ‘personal information’ or ‘personal data’ means information that relates to an identified individual or to an identifiable individual. For example, this could include among other things your name, address, email address, business contact details, or information gathered through your interactions with us via our websites or at events. Personal information is also referred to as ‘information about you.’ 

What information do we collect?

Information you provide to us. Kodex collects your personal information when you register for an account with us, access our Services, or communicate via phone, email, or in-person with a Kodex employee, and willingly disclose that information. This information may include contact information (such as your name, address, phone number, and email address), scans of identification cards or other credentials, and, if your account requires payment, financial information for your organization (such as bank account or credit card information). As part of your use of our services, you may also provide us with testimonials, reviews, customer service requests, or other feedback on our Services. We will also collect information about your usage of our Site, App, and Services in connection with this data you provide us. 

We do not collect any Special Category Data about users (such as race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health information, or genetic and biometric data) as defined in the GDPR. Nor do we collect any information about users’ criminal convictions and/or offenses. While we may process Special Category Data via our Portal, we do not access, analyze, or structure any data according to such categories. 

Information we collect automatically.

  • Device Signals. Kodex or its third-party service providers may collect a variety of device signals such as IP addresses, browser settings, internet service provider (ISP) information, referring/exit pages, operating systems, date/time stamps, clickstream data, and other device signals (collectively “Device Signals”).  We may use Device Signals to analyze Site traffic, diagnose problems with our server, administer our Site, or display content according to your preferences. We also use Device Signals to support the safety and security of our Portal and Platform. 
  • Cookies. Kodex may use the standard cookie feature of major browser applications and third-party providers, including Google Analytics features (Remarketing, Google Display Network Impression Reporting, the DoubleClick Campaign Manager Integration and Google Analytics Demographics and Interest Reporting), or employ internally developed cookies, clear GIFs, pixel tags, tracking codes, and other technologies that allow Kodex to store a small piece of data on a visitor’s computer, or any other device a visitor uses to access our Services, about his or her use of our Site and Apps. You can remove persistent cookies by following directions provided in your Internet browser’s “help” directory. If you reject cookies, you may still use our site, but your ability to use some areas of our site will be limited.
  • Location Information. When you use the Services, we may collect general location information (such as general location inferred from an IP address).

Portal communications. The Kodex Portal allows registered users to exchange information (“Portal Submission Data,” which does not include metadata). Registered users are able to upload Portal Submission Data, which may include third parties’ contact information, financial information, and other personal information, for the sole purpose of sharing that information with other registered users at those users’ explicit direction. Kodex does not use or disclose Portal Submission Data for purposes other than the provision of the Portal service.

Information from other sources. We may collect information about you from third parties, such as marketing partners and researchers. Our customers and partners may give us information about you, such as your Contact Data, in order to facilitate contracting through our Services and maintain the security of our services. We may combine this information with information we collect from you and use it as described in this Privacy Policy.

How do we use the information we collect? 

We use information we collect to: provide you with our Services, including by enabling payments; communicate with you; manage and remember your preferences and customize our Services and your experience with our Sites and Apps; support and improve the security of our Sites, Apps, and Services and detect and fight fraud; analyze and improve our Services; improve our advertising and marketing; verify your identity; inform you about parts of our Services you may find useful; comply with our legal obligations or as permitted by law; protect the safety and/or integrity of our users, employees, third parties, members of the public, and/or the Services; and prevent fraud and enforce our legal terms.

We may combine information that we collect directly from you with information that we obtain from other sources. We may also aggregate and/or de-identify information collected through the Services. We may use de-identified or aggregated data for any purpose, including without limitation for research and marketing purposes. We do not use Portal Submission Data submitted about third parties for any purposes other than delivery of our Services.  

How do we disclose the information we receive? 

We share certain categories of Personal Data necessary for us to carry out our internal operations and as necessary to provide our Services. These categories include your contact and registration information, financial and transaction information, and your technical and Kodex Service usage information. The categories of third parties with whom we may share such Personal Data include our service providers, suppliers, business partners, affiliates and professional advisors, as well as law enforcement.

We may disclose personal information with third parties in the following situations: 

  • As required by law, such as with our professional advisors, lawyers, insurers, regulators and other authorities, or as we think necessary to protect our organization or others (e.g., in response to a court order or subpoena, in response to a law enforcement agency request, or when we believe that someone is causing, or is about to cause, injury to or interference with our rights or property, or with the rights or property of another person or entity);
  • With third-party service providers, such as our suppliers, to carry out our business operations at Kodex’s direction (for example, credit card processing, analytics, website management, information technology and related infrastructure provision, customer service, e-mail delivery, auditing, and other similar service providers);
  • When we detect or reasonably suspect fraud on the Platform, with third parties to investigate and/or prevent future harm to ourselves and others. 
  • With Kodex customers and partners in order to enable identity verification of Kodex’s registered users.
  • If you are a government official, with the agency you are acting in the official capacity of.
  • With our marketing partners only in compliance with relevant data protection laws; 
  • If Kodex is merged, acquired, or sold, or if some or all of our assets or equity are transferred, in connection with the associated transactions. 

When third parties are given access to personal information, we will take appropriate contractual, technical and organizational measures designed to ensure that personal information is processed only to the extent that such processing is necessary, consistent with this Privacy Policy, and in accordance with applicable law.

Portal Communications. We do not disclose Portal Submission Data submitted about third parties for any purposes other than delivery of the services. We may share analytics based on aggregated or otherwise deidentified information about your use of the Platform via our Services.  

The Kodex Services may include links that take you to certain third party websites. We do not control any other third-party websites or activities and are not responsible for their privacy policies or operations. Please check the privacy policies of these other websites to learn how they collect, use, store and share information that you may submit to them or that they collect.

Your Choices

You may choose not to provide Kodex with Personal Information, or you may turn off cookies in your browser by changing its settings. If you make these decisions, you may continue to use our Services and our Sites. However, Kodex cannot provide most of our Services without Personal Information.

After registering for an account on our Site or App, you may log-in to the account and edit your personal information in your profile. For instructions on how you can further access your personal information that we have collected, or how to correct errors or inaccuracies in such  information, please send an e-mail to dataprotection@kodexglobal.com.

To protect your privacy and security, we will take reasonable steps to help verify your identity  before granting access, making corrections or removing your information. Again, please send  an e-mail to  dataprotection@kodexglobal.com  to make  your request. Please note that if you  request removal, we will stop using your Personal Information and will remove it from our  servers (unless we have a legitimate reason to keep  that information in light of the purpose for  which it was provided). 

Please note that we reserve the right to retain information (including personal information) about persons or entities who make false or fraudulent statements to us and/or who abuse or attempt to abuse the Kodex Services.

Data Retention

We will retain your Personal Data for as long as is reasonably necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Data for a longer period in the event of a complaint, we believe there has been fraud or abuse of Kodex Services, or if we reasonably believe there is a prospect of litigation in respect to our relationship with you. We store our logs and other technical records indefinitely (or where they contain personal data, for as long as we have a legitimate reason to keep that information in light of the purpose for which it was provided).

Data Security

We strive to make certain that our servers and connections incorporate encryption and security devices. We have implemented physical, electronic, and managerial procedures to safeguard and secure the information we collect. Credit card and personal information are transmitted by secure servers (TLS). In the event that we mail you documents, documents are delivered to you via UPS or similar overnight delivery services, the United States Postal Service, or email. Unfortunately, no data transmission is guaranteed to be 100% secure and we therefore cannot guarantee the security of information you transmit to or from the Site, Applications, or through the use of our services, and you provide this information at your own risk.

Supplemental U.S. State-Specific Notices

This supplemental notice sets forth the disclosures and rights applicable to residents of California, Colorado, Virginia, Connecticut, Nevada and Utah and other state privacy laws.  Such consumer privacy notices and rights shall also apply to other state residents to the extent other state consumer privacy laws are implemented following the last effective update to this Privacy Policy.

Kodex does not retain a consumer’s Personal Data for longer than is reasonably necessary for each disclosed purpose.

Other Potential Disclosures: Personal Data may also be disclosed to serve our legitimate business interests as follows: (a) as required by law, such as to comply with a subpoena, or similar legal process, (b) as part of a merger, acquisition, bankruptcy or other transaction in which a third party assumes control of all or part of the business, (c) to investigate, prevent, or take action regarding suspected or actual illegal activities or to assist government enforcement agencies as required by law; (d) enforce our agreements with you, and/or (e) investigate and defend ourselves against any third-party claims or allegations.

Sale of Personal Data; Sharing of Personal Data; Right to Opt-Out

Kodex does not and will not sell your Personal Data in the traditional sense. Kodex also does not sell data to third-party advertisers. However, some of the data disclosure necessary to provide Kodex’s Verification and Authentication services may be considered a “sale” / “sharing” under California (CCPA), Colorado (CPA) and other applicable U.S. consumer privacy laws. 

Kodex’s Verification and Authentication services allow companies who do not participate in the Kodex Portal to verify your identity utilizing your Kodex information. By sharing your Kodex information, these companies can more quickly process data requests while preventing fraud and abuse. Companies are not permitted to use shared information for any purpose other than authenticating users and securing their portals. Registered users can opt out of having data transmitted to customers of these services by emailing us at dataprotection@kodexglobal.com with the subject line “Do Not Sell or Share”.

Sensitive Information

The CCPA and other state laws also may allow you to limit the use or disclosure of your "sensitive personal information" (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for purposes for which you cannot opt out under the CCPA.

Consumer Rights

Consumers may contact Kodex directly to exercise the following consumer rights at no charge:

  • Request Kodex Disclose (“Right to Know”):
    • Specific pieces of personal information it has collected about you;
    • categories of Personal Data collected, used, and/or disclosed about you;
    • categories of sources from which Personal Data is collected;
    • business and/or commercial purposes for collecting and disclosing your Personal Data;
    • categories of third parties with whom your Personal Data has been disclosed/shared; and
  • Request Kodex to Delete (“Right to Delete”)
  • Request Kodex Correct (“Right to Correct”)

To request access or deletion of your Personal Data, please contact us dataprotection@kodexglobal.com with “Request for Privacy Information” in the subject line. Please include enough detail for us to locate your file to include your name, email address, and username, if any. After verifying your identity, we will provide you with the requested information within forty-five (45) days of receipt. We reserve our right not to respond to requests submitted to an address other than the one posted in this notice.

Verified Request Process

Kodex will verify all consumer requests prior to taking any action in response to such request. For consumers that maintain an account with Kodex, it may verify the identity of the consumer making the request by either matching information with the account information on file or through existing account authentication credentials.

Under applicable state law, you may exercise these rights yourself or you may designate an authorized agent to make these requests on your behalf. Authorized agents must demonstrate they have written authorization from you to make requests on your behalf. Kodex may additionally require the consumer to confirm their identity and verify the authorized agent’s permission before complying with any request.

Consumer Request Limitations

Please note that these rights are not absolute and in certain cases are subject to conditions or limitations as specified in the applicable state laws, including, but not limited to:

  • Kodex is obligated to disclose/delete only upon a verifiable Consumer request from the consumer or an authorized agent acting on behalf of Consumer.
  • Consumers may only make a personal information request twice in a 12-month period.
  • Deletion is not required if it is necessary for Kodex to maintain the Personal Data to fulfill applicable permissible purposes enumerated pursuant to applicable state consumer privacy laws.

Kodex will confirm and respond to all requests within the timeframe required under applicable state law. In responding to any request to disclose/delete, Kodex shall maintain a record of the requests as required under applicable state law.

Non-Discrimination Policy

You have the right not to receive discriminatory treatment for exercising any rights conferred by the CCPA and VCDPA. Kodex shall not discriminate against a consumer for exercising any statutory consumer privacy rights, including, but not limited to, (a) denying goods or services, (b) charging different prices or rates (including discounts/penalties) that is not directly related to the value provided to Kodex for the Personal Data, (c) suggesting Consumer will receive a different rate/price or different level of quality of goods/services, or (d) providing a different level of quality of goods/ services.

Employees, applicants and independent contractors have the right not to be retaliated against for the exercise of their CCPA rights.

Your Virginia Privacy Rights under VCDPA

If Kodex is unable to process requests relating to your Personal Data and denies your request, Virginia residents have the right to appeal by emailing Kodex at dataprotection@kodexglobal.com. Kodex will respond to your appeal request within 60 days of receiving the request to appeal.

Your California Privacy Rights under California Civil Code Section 1798.83 & Business and Professions Code Section 22581

California law permits Consumers to request and obtain from Kodex once a year, free of charge, certain information about their Personally Identifiable Information (“PII”) (as defined by California law) disclosed to third parties for direct marketing purposes in the preceding calendar year (if any). If applicable, this information would include a list of the categories of PII that was shared and the names and addresses of all third parties with which we shared information in the immediately preceding calendar year.

In addition, if you are a registered user of Kodex Services, you may request and obtain removal of content or information they have publicly posted. Your request should include a detailed description of the specific content or information to be removed. Please be aware that your request does not guarantee complete or comprehensive removal of content or information posted online and that the law may not permit or require removal in certain circumstances.

Contact Us

If you have any questions regarding your Personal Data or about our privacy practices, please contact us at: Kodex Inc. 68 Harrison Ave Ste 605 PMB 52241 Boston, Massachusetts 02111-1929, USA or by email at: dataprotection@kodexglobal.com.

Supplemental Notice for EEA, Switzerland, and UK individuals 

While Kodex is primarily based in the United States, the company maintains operations in Europe and may direct our Services, including our Platform, to individuals located in the European Economic Area (“EEA”), United Kingdom (“UK”), and Switzerland. The following disclosures apply to our processing of personal data in connection with our operations with these European individuals (“EU Users”). 

Legal Bases. Most commonly, we process Personal Data under the following legal bases:

  • Contractual commitments to you: Much of our processing of personal data is to meet our contractual obligations to our users, or to take steps at users’ requests in anticipation of entering into a contract with them. For example, we handle personal data on this basis to allow you to sign up for the Services.
  • Legitimate interests: In many cases, we handle personal data on the ground that it furthers our legitimate interests (or those of a third party) in ways that are not overridden by the interests or fundamental rights and freedoms of the affected individuals. Examples of this processing include providing security for our websites and the Services and preventing fraud on our Platform.
  • Legal compliance: We need to use and disclose personal data in certain ways to comply with our legal obligations (such as our obligation to disclose data to law enforcement or tax authorities).

Purpose/Activity 

Type of Personal Data 

Legal Basis for Processing

To register you as a new user, to confirm your identity, and to create and maintain your account

Name, email address, address, username,password, date of birth, and phone number, employer and/or law enforcement credentials

Performance of a contract

To process and deliver Kodex Services including:(a) Manage payments, fees and charges as relevant; and (b) Collect and recover money owed to us

Name, email address, address, payment details and transaction history.

Performance of a contract

Necessary for our legitimate interests (to recover debts due to us)

To manage our relationship with you which will include:(a) Notifying you about changes to our terms or Privacy Policy(b) Asking you to provide feedback

Name, email address, address, payment details and transaction history.

Necessary to comply with a legal obligation

Necessary for our legitimate interests (to keep our records updated and to study how the Kodex Services are used )

To deal with any enquiries, correspondence, concerns or complaints you have raised

Name, username, email address, and information about the issue raised

Legitimate interests – to allow us to respond and deal with any queries, correspondence, concerns or complaints raised by you

To administer and protect our business and the Kodex Services (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)

Name, username, email address, standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp

Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise)

Necessary to comply with a legal obligation

To deliver relevant Kodex Service content and other materials to you and measure or understand the effectiveness of the materials we serve to you

Name, username, email address, standard web log entries that contain your IP address, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp

Necessary for our legitimate interests in providing Kodex Services and providing information about our business and Kodex Service enhancements

To use data analytics to improve Kodex Services and the user experience and users’ relationships with us, and to improve marketing of new or improved Kodex Services to existing users

Name, username, email address, standard web log entries that contain your IPaddress, page URL, browser plug-in types and versions, device information and identifier, operating system information, and timestamp

Necessary for our legitimate interests (to define types of customers for our products and Services, to keep Kodex Services updated and relevant, to develop our business and to inform our marketing strategy)

To verify the identities of our registered users and authenticate those identities to third parties 

Name, username, email address, address, password, date of birth, and phone number, employer and/or law enforcement credentials,  standard web log entries that contain your IP address, page URL, browser plug-in types and versions, Device Signals, operating system information, and timestamp


Necessary for our legitimate interests (to provide certain services within the Platform)

To make suggestions and recommendations to you about Kodex Services that may be of interest to you

Your name and email address

Consent, when required

Necessary for our legitimate interests in providing the Kodex Services and promoting our business

Data Subject Rights. If you are a European User, under the data protection laws that apply to you, you may contact us at dataprotection@kodexglobal.com to request that we:

  • Request access to your Personal Data (commonly known as a “data subject access request”)
  • Request corrections of the Personal Data that we hold about you. We may need to verify the accuracy of any new data you provide to us.
  • Request erasure of your Personal Data. We may not always be able to comply with your request of erasure for specific legal reasons of which we will notify you, if applicable, at the time of your request.
  • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party). In some cases, we may deny your objection if we can demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
  • Request the transfer of your Personal Data to you or to a third party via a structured, commonly used, machine-readable format
  • Withdraw consent for our use of your Personal Data for marketing purposes at any time 

If applicable, you may make a complaint to the data protection supervisory authority in the country where you are based. Alternatively, you may seek a remedy through local courts if you believe your rights have been breached.

In instances where we process personal information on behalf of our customer, rights requests should be directed to the relevant customer. Any request sent directly to us that pertains to information collected on behalf of a customer will be forwarded on to that customer.

International Data Transfers

Information submitted to Kodex will be transferred to, processed, and stored in the United States. Registered users may in certain cases request that files they upload to the Portal (“Data Files”) be stored in one of several locations supported by Kodex; for more information, please see our Data File Storage Policy. With the exception of such Data Files, any information you post or transfer through the Services will be hosted and accessed in the United States. Please note that the privacy laws of the United States may be different from those in the place where you are a resident. 

Where required, we will use appropriate safeguards for transferring data outside of the EEA, Switzerland, and the UK. This includes signing Standard Contractual Clauses that govern the transfers of such data, which may be used in conjunction with additional safeguards. For more information about these transfer mechanisms, please contact us at dataprotection@kodexglobal.com.

Children’s Privacy

Kodex’s Services do not permit registration by, and we do not knowingly collect information from, individuals under 18 years of age. If we discover that we have collected information from a user under the age of 18, we will take reasonable steps to delete it as soon as possible as required by law while retaining any data necessary to protect Kodex from legal, security, and other threats. This section does not apply to Portal Submission Information collected about third parties through the Kodex Portal. 

Changes to this Policy

Because our business needs may change over time, we reserve the right to modify this Privacy Policy. If at any time in the future we plan to use your Personal Data in a way that differs from this Privacy Policy, we will revise this Privacy Policy as appropriate. In the event of a material change to our Privacy Policy, we will notify you. Your continued use of the Kodex Services following our notice of changes to this Privacy Policy means you accept such changes. 
Our Contact Information

If you have any questions or concerns about this Privacy Policy, please contact our Data Protection Officer via e-mail at dataprotection@kodexglobal.com. You may also contact us at 

Kodex Inc. 68 Harrison Ave Ste 605 PMB 52241 Boston, Massachusetts

02111-1929, USA