CodalSearch this book — or all of Codal…⌘K
Projects
Sign inStart a book

Privacy Policy

Last updated: [Month Day, Year]

This Privacy Policy explains how Codal collects, uses, shares, stores, and protects personal information.

Codal is a platform for creating, reviewing, publishing, exporting, verifying, preserving, and printing books. This policy applies to Codal's website, application, APIs, and related services.

1. Content ownership and privacy distinction

Your books, manuscripts, images, metadata, source documents, translations, annotations, covers, and project files remain your content or your organization's content.

Codal processes that content to provide the service. Project content may contain personal information if you or your collaborators include it. You are responsible for making sure you have the right to upload, process, publish, export, or distribute personal information contained in your content.

2. Information we collect

We may collect the following categories of information.

Account information

  • name
  • email address
  • username
  • password hash
  • profile settings
  • organization membership
  • role and permission settings
  • authentication and session information

Project and collaboration information

  • projects you create or join
  • workspace activity
  • pages, changes, reviews, comments, issues, and release activity
  • contributor attribution and privacy settings
  • project metadata and publishing settings
  • public/private visibility settings

Content and files

  • manuscripts
  • images
  • source documents
  • scans
  • PDFs
  • EPUBs
  • covers
  • metadata
  • translations
  • OCR outputs
  • generated artifacts
  • package exports
  • verification files
  • preservation bundles

Technical and usage information

  • IP address
  • device and browser information
  • log data
  • pages viewed
  • actions taken in the application
  • error logs
  • performance logs
  • security events
  • cookie and session data

AI-related information

If AI features are enabled, we may process:

  • prompts
  • instructions
  • selected project context
  • AI outputs
  • sources consulted
  • AI run status
  • approval/rejection activity
  • audit logs

Communications

If you contact us, we may collect:

  • your name
  • email address
  • message contents
  • attachments
  • support history

3. How we use information

We use information to:

  • create and manage accounts
  • provide the Codal service
  • host and process projects
  • enable collaboration, review, publishing, export, and verification
  • generate EPUBs, PDFs, packages, metadata, preservation bundles, and print files
  • enforce permissions and access controls
  • provide support
  • improve performance and reliability
  • debug errors
  • secure the service
  • prevent abuse
  • comply with legal obligations
  • communicate with users
  • operate AI-assisted features when enabled

4. Public content

If you make a project or release public, public information may include:

  • title
  • byline
  • contributors or pseudonyms
  • project description
  • license
  • public pages
  • public releases
  • public metadata
  • OPID records
  • package links
  • OPDS/OAI metadata
  • errata
  • source/provenance information you publish

Public content may be viewed, downloaded, indexed, archived, mirrored, cited, or redistributed depending on your settings and license.

Do not publish content publicly unless you are authorized to do so.

5. How we share information

We may share information with:

Service providers

We may use vendors for hosting, storage, email, analytics, error logging, security, AI providers, payment processing, and infrastructure.

Organization administrators

If your account belongs to an organization, organization administrators may see information about your account, role, activity, and contributions within that organization.

Project collaborators

Project collaborators may see project content, comments, changes, reviews, contributors, and activity depending on their permissions.

Public viewers

Public project and release information is visible to anyone.

Legal and safety reasons

We may disclose information if we believe it is necessary to:

  • comply with law
  • respond to legal process
  • enforce our Terms or policies
  • protect rights, safety, or security
  • investigate abuse, fraud, or security incidents
  • respond to copyright or rights complaints

Business transfers

If Codal is involved in a merger, acquisition, financing, reorganization, sale of assets, or similar transaction, information may be transferred as part of that transaction.

6. AI providers

If AI features are enabled, selected project content, prompts, and instructions may be sent to AI providers to generate outputs.

We will use the provider settings configured for the service or account. AI provider use may be subject to separate provider terms and privacy practices.

Do not use AI features with confidential or sensitive information unless you are authorized to do so and understand the applicable account settings.

7. Cookies and similar technologies

Codal may use cookies and similar technologies for:

  • authentication
  • session management
  • security
  • preferences
  • analytics
  • performance
  • abuse prevention

You can control cookies through your browser settings, but disabling cookies may affect the service.

8. Data retention

We retain information as long as needed to provide the service, comply with legal obligations, resolve disputes, enforce agreements, maintain security, preserve audit logs, and support exports or published releases.

Project owners and organizations are responsible for managing project retention and exports.

Some information may remain in backups, audit logs, public releases, package exports, verification records, or preservation records even after deletion from active project views.

9. Security

We use reasonable administrative, technical, and organizational safeguards to protect information.

No system is completely secure. You are responsible for keeping your credentials safe, using appropriate permissions, and exporting/backing up content you need to preserve.

10. Your choices

Depending on your location and applicable law, you may have rights to:

  • access personal information
  • correct personal information
  • delete personal information
  • export personal information
  • object to or restrict certain processing
  • opt out of certain sharing or sales where applicable
  • withdraw consent where processing is based on consent

To make a request, contact:

[[email protected]]

We may need to verify your identity before responding.

11. California privacy notice

If the California Consumer Privacy Act, as amended, applies to Codal and to your information, California residents may have rights to know, access, correct, delete, and opt out of certain uses of personal information.

Codal does not sell personal information in the traditional sense. If we use advertising, analytics, or tracking tools that are considered "sharing" or "sale" under applicable law, we will provide required notices and choices.

12. EEA, UK, and international users

If GDPR-style laws apply, our legal bases for processing may include:

  • providing the service under a contract
  • legitimate interests such as security, reliability, support, and improvement
  • compliance with legal obligations
  • consent where required

If we transfer personal information internationally, we use appropriate safeguards where required.

13. Children

Codal is not directed to children under 13, and we do not knowingly collect personal information from children under 13.

If you believe a child under 13 has provided personal information to Codal, contact us at:

[[email protected]]

We may delete the information or take other appropriate action.

14. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If changes are material, we will provide notice through the service, by email, or by updating the "Last updated" date.

15. Contact

Privacy questions or requests may be sent to:

[[email protected]]