Privacy Policy

Codex Vitae, Inc. Privacy Policy

Effective Date: August 3, 2025
Updated: March 2026

Codex Vitae, Inc. ("Codex Vitae," "we," "us," or "our") is committed to protecting your privacy and safeguarding the personal information you entrust to us. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our websites, mobile applications, and digital services (collectively, the "Services").

By using our Services, you consent to the practices described in this Privacy Policy.

1. Information We Collect

Information You Provide

When using our Services, you may voluntarily provide personal information, including:

Name, email address, and phone number
ZIP code and legal or professional role (e.g., attorney, hospice coordinator)
Profile image (optional)
Organization name, license number, and specialization (for professional partners)
Uploaded files, documents, and digital media
Responses to questions, directives, or onboarding flows

All vault uploads and stored digital media are protected using zero-knowledge encryption principles. Codex Vitae personnel do not have access to unencrypted content.

Information Collected Automatically

We automatically collect technical and usage-based information, including:

IP address, browser type, device identifiers, OS details
Access times, page interactions, navigation paths
Click and scroll behavior, form submissions
Session cookies and secure browser storage variables
Performance logs and diagnostic telemetry

This information is used to secure, optimize, and improve platform performance.

2. How We Use Your Information

We use collected information to:

Provide, maintain, and enhance the Codex Vitae platform
Facilitate user onboarding, uploading, organizing, and directive workflows
Execute authorized posthumous instructions (e.g., media delivery, account closure requests)
Verify professional partner credentials
Improve system performance, detect abuse, and prevent fraud
Conduct product testing, UX improvements, and feature rollouts
Support legally authorized representatives (e.g., attorneys or institutions)
Deliver service updates, educational content, and administrative notifications

We do not sell or rent personal information.

3. Content Safety and Legal Compliance

Codex Vitae employs automated safety systems to detect illegal content and protect platform integrity. These systems may include hash-matching technologies, automated image moderation, and risk-scoring pipelines.

Under United States law (18 U.S.C. §2258A), providers of online services are required to report apparent child sexual abuse material (CSAM) to the National Center for Missing and Exploited Children (NCMEC).

If our automated safety systems detect a match with known illegal material:

Access to the affected content may be restricted or blocked
Relevant information may be preserved for investigation
A report may be submitted to NCMEC's CyberTipline
Appropriate law enforcement authorities may be notified

These actions may occur automatically as required by law.

4. AI Systems and Automation

Codex Vitae uses proprietary AI-assisted technologies to support digital legacy organization and narrative modeling.

Key systems include:

SortiumOrana™: intelligent intake and metadata organization
CodexNarrum™: life-story narrative modeling
CodexGraph™: relationship and timeline modeling
DirectiveOS™: automated directive execution workflows

Additionally, limited AI tools may be used for:

metadata analysis
moderation label interpretation
system safety scoring

Our AI Principles

AI systems operate primarily on metadata or encrypted representations
AI systems do not train on private vault content
AI systems are designed to assist, not replace, human judgment
Users may opt out of non-essential AI metadata processing

5. Cookies and Local Storage

Cookies and browser storage are used for:

Secure authentication
Maintaining login sessions
Onboarding progress
Feature preferences
Plan selection
Security monitoring

Examples include:

codex-vitae-session
codex-vitae-selected-plan
codex-vitae-onboarding-*

Users may disable cookies, though some functionality may be limited.

6. Analytics and Platform Telemetry

To understand platform performance and improve user experience, we use analytics tools including:

Google Analytics 4
Microsoft Bing Webmaster Tools
Meta Pixel
LinkedIn Insight Tag
TikTok Pixel
Snapchat Pixel

Internal telemetry may also track:

Upload success rates
Directive completion rates
Onboarding progress
Platform performance metrics

These tools never access encrypted vault content.

7. Third-Party Services

We rely on carefully selected service providers to operate our infrastructure.

Infrastructure & Hosting

Railway: application hosting and deployment platform
Wasabi Technologies: encrypted object storage
Neon PostgreSQL: encrypted relational database
AWS Rekognition: automated image moderation labels
Cloud infrastructure providers supporting compute and networking

Communications

SendGrid: transactional email delivery
SMS authentication providers (when MFA is enabled)

Payments

Stripe: PCI-compliant payment processing

Codex Vitae never stores full payment card numbers.

Security Services

Google reCAPTCHA: bot detection
Automated abuse detection systems

Each provider is contractually required to maintain strong security and privacy standards.

8. Data Retention

We retain information only for as long as necessary to:

Maintain active accounts
Execute directives and vault functions
Comply with legal obligations
Protect platform security

Users may request deletion of their account and vault data at any time by contacting privacy@codexvitae.life.

Certain information may be retained if required for legal compliance or fraud prevention.

9. International Data Transfers

Codex Vitae operates primarily in the United States. When infrastructure providers process data internationally, protections may include:

Standard Contractual Clauses (SCCs)
GDPR safeguards
CCPA/CPRA compliance practices
Industry-standard encryption

Enterprise customers may request region-specific deployment options where available.

10. Children's Privacy

Codex Vitae services are intended for adults and authorized representatives. We do not knowingly collect personal information from children under 13. If such information is discovered, it will be deleted.

11. Your Privacy Rights

Depending on your jurisdiction, you may have the right to:

Access your personal information
Correct inaccurate information
Export your vault data
Delete your account and vault
Revoke previously granted permissions
Opt out of certain automated processing

Requests can be submitted to privacy@codexvitae.life. We typically respond within 30 days.

12. Data Security

Codex Vitae employs layered security protections including:

Zero-knowledge encryption architecture
Encrypted storage and databases
Strict access control and authentication systems
Audit logging and monitoring
Automated security scanning
Least-privilege infrastructure design

No system can guarantee absolute security, but we continuously improve our protections.

13. System Architecture Transparency

To ensure performance and reliability, the platform may utilize:

API-based application architecture
Secure server-side processing pipelines
Encrypted metadata caching during active sessions
Automated moderation pipelines
Safety and compliance evaluation systems

These mechanisms do not create additional categories of personal data collection.

14. Policy Updates

We may update this Privacy Policy periodically to reflect new features, infrastructure changes, or legal requirements. When material changes occur, users will be notified through email or in-platform notices.

15. Contact Us

Codex Vitae, Inc.
A Delaware Corporation
Phone: +1 (971) 238-3921
Email: privacy@codexvitae.life
Website: https://codexvitae.cloud

Certain platform features may be subject to provisional patent filings.