Privacy Policy

At Codebrand, we are deeply committed to protecting the privacy and security of our website visitors, clients, and service users. This Privacy Policy explains in detail how we collect, use, share, store, and protect personal information through our website https://codebrand.es and all related digital services.

By using our website or services, you acknowledge that you have read and understood this Privacy Policy and consent to the practices described herein.

1. Information We Collect

We collect various types of information to provide and improve our services. The information we collect falls into the following categories:

1.1 Information You Provide Directly

When you interact with us, use our services, or communicate with us, you may voluntarily provide:

• Contact Information: Full name, email address, phone number, physical address
• Business Information: Company name, job title, industry, business size
• Project Details: Project requirements, specifications, preferences, goals, and budget
• Account Information: Username, password (encrypted), profile information
• Communication Records: Messages, emails, phone call records, comments, and feedback
• Payment Information: Billing address, payment method details (processed securely through third-party payment processors)
• Content and Files: Documents, images, videos, logos, and other materials you share with us for project delivery

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain information through cookies, web beacons, and similar technologies:

• Device Information: IP address, device type, operating system, browser type and version
• Usage Data: Pages visited, time spent on pages, click patterns, navigation paths
• Referral Information: Source of traffic, referring website or search engine
• Location Data: Approximate geographic location based on IP address
• Technical Data: Screen resolution, language settings, time zone

1.3 Information from Third-Party Sources

We may receive information about you from third-party sources, including:

• Social media platforms (if you connect your accounts)
• Business partners and referral sources
• Public databases and data enrichment services
• Analytics providers and marketing platforms

2. How We Use Your Information

We use the collected information for various legitimate business purposes:

2.1 Service Delivery and Performance

• Providing, operating, and delivering our digital services and projects
• Processing transactions and managing payments
• Communicating with you about projects, deliverables, and timelines
• Providing customer support and technical assistance
• Managing user accounts and authentication
• Sending service-related notifications and updates

2.2 Service Improvement and Development

• Analyzing usage patterns to improve website functionality
• Developing new features and services
• Conducting research and analytics
• Testing and troubleshooting technical issues
• Optimizing user experience and interface design

2.3 Marketing and Communications

• Sending newsletters, promotional materials, and special offers (with your consent)
• Conducting marketing campaigns and measuring their effectiveness
• Personalizing marketing content based on your interests
• Sending surveys and requesting feedback

2.4 Legal and Security Purposes

• Complying with legal obligations and responding to legal requests
• Protecting against fraud, abuse, and security threats
• Enforcing our Terms and Conditions
• Resolving disputes and preventing prohibited activities
• Protecting the rights, property, and safety of Codebrand, our users, and the public

3. Legal Basis for Processing Personal Data

We process your personal data based on the following legal grounds:

• Consent: You have given clear consent for us to process your personal data for specific purposes (e.g., marketing communications, cookies)
• Contract Performance: Processing is necessary to fulfill our contractual obligations to you (e.g., delivering services you've purchased)
• Legal Obligation: Processing is required to comply with applicable laws and regulations
• Legitimate Interests: Processing is necessary for our legitimate business interests (e.g., fraud prevention, security, service improvement), provided such interests are not overridden by your data protection rights
• Vital Interests: Processing is necessary to protect your vital interests or those of another person

4. How We Share Your Information

We do not sell your personal information to third parties. However, we may share your information in the following circumstances:

4.1 Service Providers and Business Partners

We share information with trusted third-party service providers who assist us in operating our business:

• Hosting and Infrastructure: Cloud hosting providers, content delivery networks (CDNs)
• Payment Processors: Secure payment gateways and financial institutions
• Communication Tools: Email service providers, messaging platforms, video conferencing tools
• Analytics and Marketing: Website analytics, marketing automation, advertising platforms
• Project Management: Collaboration tools and project tracking platforms
• Professional Services: Legal advisors, accountants, auditors

These service providers are contractually obligated to protect your data and use it only for the purposes we specify.

4.2 Legal and Regulatory Requirements

We may disclose your information when required by law or in response to:

• Court orders, subpoenas, or other legal processes
• Government or regulatory requests
• Law enforcement investigations
• Legal claims or disputes

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, or sale of assets, your personal information may be transferred to the acquiring entity. We will notify you of any such change in ownership or control of your personal data.

4.4 With Your Consent

We may share your information with other parties when you give us explicit permission to do so.

5. International Data Transfers

Codebrand operates from Honduras and serves clients globally. Your personal data may be transferred to, stored, and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

When we transfer personal data internationally, we ensure appropriate safeguards are in place:

• Standard contractual clauses approved by relevant data protection authorities
• Adequacy decisions recognizing equivalent data protection standards
• Privacy Shield frameworks (where applicable)
• Binding corporate rules and data processing agreements

We take all reasonable measures to ensure that your data receives an adequate level of protection consistent with this Privacy Policy and applicable data protection laws.

6. Your Privacy Rights

Depending on your location and applicable data protection laws, you have the following rights regarding your personal data:

6.1 Right to Access

You have the right to request a copy of the personal data we hold about you. We will provide this information in a commonly used electronic format.

6.2 Right to Rectification

You can request correction of inaccurate or incomplete personal data.

6.3 Right to Erasure ("Right to be Forgotten")

You can request deletion of your personal data in certain circumstances, such as when:

• The data is no longer necessary for the purposes for which it was collected
• You withdraw consent and there is no other legal ground for processing
• You object to processing and there are no overriding legitimate grounds
• The data has been unlawfully processed

6.4 Right to Restriction of Processing

You can request that we limit how we use your data in certain situations, such as when you contest the accuracy of the data.

6.5 Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, machine-readable format and transmit it to another data controller.

6.6 Right to Object

You can object to processing of your personal data based on legitimate interests or for direct marketing purposes.

6.7 Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time.

6.8 Right to Lodge a Complaint

You have the right to lodge a complaint with a data protection supervisory authority if you believe your rights have been violated.

To exercise any of these rights, please contact us at info@codebrand.es. We will respond to your request within 30 days.

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, accounting, or reporting requirements.

Retention periods vary based on data type:

• Account Data: Retained for the duration of your account plus 3 years after account closure
• Project Files and Communications: Retained for 5 years after project completion for legal and warranty purposes
• Financial Records: Retained for 7 years to comply with tax and accounting regulations
• Marketing Data: Retained until you opt-out or withdraw consent
• Website Analytics: Aggregated data retained indefinitely; individual data retained for 26 months
• Security Logs: Retained for 12 months for security and fraud prevention

When data is no longer needed, we securely delete or anonymize it in accordance with industry best practices.

8. Information Security

We implement comprehensive technical, administrative, and physical security measures to protect your personal data against unauthorized access, accidental loss, destruction, or damage.

8.1 Technical Safeguards

• Encryption: SSL/TLS encryption for data transmission; encryption at rest for sensitive data
• Secure Authentication: Password hashing, multi-factor authentication options
• Firewalls and Intrusion Detection: Network security monitoring and threat prevention
• Regular Security Audits: Vulnerability assessments and penetration testing
• Secure Development: Security best practices in code development and deployment

8.2 Administrative Safeguards

• Access Controls: Role-based access; principle of least privilege
• Employee Training: Regular security and privacy awareness training
• Confidentiality Agreements: All employees and contractors sign NDAs
• Incident Response: Documented procedures for data breach notification and response
• Vendor Management: Due diligence and security requirements for third-party service providers

8.3 Physical Safeguards

• Secure office facilities with access controls
• Secure disposal of physical documents containing personal data
• Environmental controls for server equipment

Important Notice: While we implement robust security measures, no system is 100% secure. We cannot guarantee absolute security of data transmitted over the Internet. You transmit data at your own risk and are responsible for maintaining the confidentiality of your account credentials.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your browsing experience, analyze website traffic, and deliver personalized content.

9.1 Types of Cookies We Use

• Essential Cookies: Necessary for website functionality; enable core features like security, network management, and accessibility
• Performance Cookies: Collect information about how visitors use our website; help us improve website performance
• Functionality Cookies: Remember your preferences and choices; provide enhanced, personalized features
• Targeting/Advertising Cookies: Track your browsing habits; deliver relevant advertisements; measure campaign effectiveness

9.2 Managing Cookies

You can control cookies through your browser settings. Most browsers allow you to:

• View and delete cookies
• Block third-party cookies
• Block cookies from specific websites
• Block all cookies
• Delete all cookies when you close your browser

Please note that blocking certain cookies may impact website functionality and your user experience.

9.3 Third-Party Analytics and Advertising

We use third-party analytics services (such as Google Analytics) and advertising platforms. These services use cookies to collect data about your website usage and may combine this with data from other websites you visit.

10. Children's Privacy

Our services are not intended for children under the age of 18. We do not knowingly collect personal information from children. If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at info@codebrand.es, and we will take steps to delete such information from our systems.

11. Third-Party Links and Services

Our website may contain links to third-party websites, applications, or services that are not owned or controlled by Codebrand. This Privacy Policy does not apply to third-party sites.

We are not responsible for the privacy practices of third-party websites. We encourage you to review the privacy policies of any third-party sites you visit. Clicking on third-party links or enabling third-party connections may allow these parties to collect or share data about you.

12. Marketing Communications and Opt-Out

We may send you marketing communications if you have:

• Provided your consent to receive marketing materials
• Purchased or inquired about our services (legitimate interest)
• Not opted out of receiving such communications

You can opt-out at any time by:

• Clicking the "unsubscribe" link in any marketing email
• Updating your communication preferences in your account settings
• Contacting us directly at info@codebrand.es

Please note that even if you opt-out of marketing communications, we may still send you service-related, transactional, or administrative messages.

13. Data Breach Notification

In the unlikely event of a data breach that affects your personal information, we will:

• Notify affected individuals within 72 hours of becoming aware of the breach (where required by law)
• Inform relevant supervisory authorities as required
• Provide details about the nature of the breach, the data affected, and steps we're taking to address it
• Offer guidance on steps you can take to protect yourself
• Take immediate action to contain and remediate the breach

14. Changes to This Privacy Policy

We reserve the right to update this Privacy Policy at any time to reflect changes in our practices, technology, legal requirements, or other factors.

When we make material changes:

• We will update the "Last Updated" date at the top of this policy
• We will notify you via email if you have an active account
• We may display a prominent notice on our website
• We may seek your renewed consent if required by applicable law

Continued use of our services after changes indicates your acceptance of the updated Privacy Policy. We encourage you to review this policy periodically.

15. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

• Right to Know: Request disclosure of personal information collected, used, and shared
• Right to Delete: Request deletion of personal information
• Right to Opt-Out: Opt-out of the sale of personal information (we do not sell personal information)
• Right to Non-Discrimination: Receive equal service and pricing regardless of exercising privacy rights

To exercise these rights, contact us at info@codebrand.es or call +504-3272-2973.

16. European Union (GDPR) Compliance

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR), including those outlined in Section 6 of this policy.

Our lawful basis for processing your data includes:

• Your consent
• Performance of a contract
• Legitimate interests
• Compliance with legal obligations

You have the right to lodge a complaint with your local data protection authority if you believe we have not complied with applicable data protection laws.