CopyCodeAI

Privacy Policy

Last updated: February 19, 2026

This policy explains how CopyCodeAI processes personal data when you use copycodeai.online. This website provides technical engineering services. It does not provide legal advice.

1. Data Controller

Controller: Aldo Gustavo Malasomma
Operating as: CopyCodeAI (independent engineering practice)
Location: Tallinn, Estonia
Contact: hello@copycodeai.online

2. Data We Process

  • Contact data you provide by email or scheduling request (for example: name, email, company, project notes).
  • Operational metadata generated by service providers needed to run the site securely (for example request logs).
  • Offer status data for promotional slots (non-customer counter data in Cloudflare KV).

No public contact form or account registration is active in v1.

3. Purposes and Legal Bases (GDPR Art. 6)

  • Responding to inquiries and pre-contract steps: Art. 6(1)(b).
  • Operating and securing the website infrastructure (security, abuse prevention, reliability): Art. 6(1)(f).
  • Keeping records where required by law: Art. 6(1)(c).

4. Data Sources

  • Directly from you (email, scheduling flow, project brief).
  • Technical data from hosting and infrastructure providers.

5. Recipients / Processors

  • Cloudflare (hosting and serverless infrastructure for Pages/Functions/KV).
  • Calendly (external scheduling provider; when you access their booking page, their privacy and cookie policies apply).
  • Email provider used to receive and manage inquiries.

Data is shared only when required to deliver the requested service or operate the site.

6. International Transfers

Some providers may process data outside the EEA. Where this happens, transfers are based on applicable GDPR mechanisms (for example, adequacy decisions or Standard Contractual Clauses).

7. Cookies and Tracking

This website does not use marketing cookies or third-party tracking scripts in v1. Infrastructure providers (such as Cloudflare) may process technical request data (e.g., IP address and request metadata) and may set strictly necessary security cookies to protect the site and prevent abuse. No profiling or behavioral tracking is performed. When you follow our scheduling link to Calendly, Calendly may set its own cookies according to its privacy policy.

8. Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, alteration, disclosure, or destruction. Measures include access controls, least-privilege handling of inquiry data, and data minimization.

9. Retention

  • Inquiry and pre-sales communications: retained as long as needed to handle your request and follow-up, and deleted or anonymized within 12 months if no commercial relationship begins (unless longer retention is required by law).
  • Operational and security logs: retained for the minimum period needed for reliability and security.
  • If a commercial relationship starts, retention may follow contract and legal obligations.

10. Your GDPR Rights

You may request access, rectification, erasure, restriction, portability, or object to processing where applicable. You may also withdraw consent where processing is based on consent.

To exercise your rights, contact hello@copycodeai.online.

11. Complaints

You have the right to lodge a complaint with a supervisory authority. If your main place of interaction is Estonia, this is the Estonian Data Protection Inspectorate (AKI).

12. Automated Decision-Making

This website does not perform automated decision-making that produces legal or similarly significant effects under GDPR Art. 22.

13. Policy Updates

This policy may be updated to reflect legal, technical, or operational changes. The latest version is published on this page with the update date.