DRAFT — Not final. Effective date will be set upon publication.
Privacy Policy
Effective date: DRAFT • Last edited: September 28,
2025 • Provider: Code Communal, LLC (a Colorado, USA company)
Privacy at a Glance
No saleNo ad‑sharingEncryptedVetted access
Your data stays yours. We don’t sell your
information or share it for cross‑context ads. Customer content is
private, encrypted in transit and at rest, and access is limited to
fully vetted staff on a least‑privilege,
time‑bound, logged basis. You control your data. Your company
administrator can request export or deletion at any time.
Questions? Contact us →
Thank you for using 314.solutions (“we,” “us,” or
“our”). This Privacy Policy explains what information we collect, how
we use it, and your choices. It applies to our websites (including
314.solutions and subdomains) and to services, apps,
and products we operate (the “Services”). If you do not agree with
this Policy, please do not access or use the Services.
Our stance in short: We do not sell
personal information; we do not share it for cross‑context
behavioral advertising; and we treat Customer Content as
confidential, using it only to provide and improve the Services you
request.
1) Who we are
Controller: Code Communal, LLC (a Colorado, USA
company). For enterprise customers, we may act as a
processor of “Customer Content” (defined below) under
your instructions.
Contact: Please reach us via the form at
../#contactus.
2) Scope & definitions
-
Personal information (PI): Information that
identifies or can reasonably be linked to an individual.
-
Customer Content: Data you or your users upload to
or create in the Services (e.g., files, records, templates,
reminders, comments, and related metadata), excluding
administrative/account data.
-
Website Visitor: Anyone who visits our public
websites.
-
User: An account holder or authorized user of the
Services.
3) Information we collect
A. You provide
-
Account details (name, email, password or SSO identifiers),
organization, role, preferences.
- Support requests, feedback, and communications.
-
Billing information (processed by our payment provider; we do not
store full card numbers).
B. Customer Content (private)
Content you or your users upload, create, or store in the Services. We
process it solely to provide, maintain, secure, and improve the
Services; to troubleshoot; to prevent abuse; and to meet legal
obligations. We do not use Customer Content for advertising or to
build marketing profiles.
C. Automatically collected
-
Device/log data (browser, IP address, pages viewed, timestamps).
- Performance and diagnostics data.
-
Cookies for essential operations, security, preferences, and limited
analytics.
D. From third parties
-
SSO providers (e.g., Microsoft Entra ID) to authenticate users.
- Payment processors for subscriptions and invoicing.
- Service providers who host or support the Services.
4) How we use information
- Operate and improve the Services.
-
Authenticate accounts; secure the platform; prevent fraud/abuse.
- Provide support and respond to requests.
- Analyze usage to improve reliability and user experience.
-
Send operational notices (e.g., service changes, outages, security
updates).
- Comply with law and enforce agreements.
No sale or ad‑sharing. We do not sell personal
information or share it for cross‑context behavioral advertising.
5) Our commitments for Customer Content
-
Confidentiality: Processed only under your
instructions and our agreement.
-
Access controls: Limited to
vetted personnel under confidentiality, using
least‑privilege, time‑bound access. All privileged access is logged
and reviewed.
- Encryption: In transit (TLS) and at rest.
-
Isolation: Logical tenant separation and role‑based
access controls.
-
Subprocessors: Bound by data‑protection terms.
Current core providers:
-
DigitalOcean (USA region) — hosting and
storage.
-
CloudAMQP (on DigitalOcean in USA region) —
managed LavinMQ messaging.
-
SendGrid — email delivery.
We do not include tracking pixels or click‑tracking in our
emails.
6) Legal bases (EEA/UK/Switzerland)
Where required, we process personal data under: contract performance;
legitimate interests (e.g., security, improvement); consent (where
applicable, such as certain cookies); and legal obligations.
7) When we share information
-
Service providers (hosting, storage, email
delivery, analytics, support, payment processing).
-
Enterprise customers as controller when we act as
processor.
- Affiliates under common ownership.
-
Law/legal requests when required or to protect
rights/safety/service integrity.
-
Business transfers (merger, acquisition, financing,
or sale of assets) with continued protection.
8) Data retention
We retain personal information as needed to provide the Services and
comply with law. Customer Content retention follows your configuration
and our contract; after termination, we delete or return Customer
Content within a reasonable period, subject to legal requirements and
backups.
9) Security
- Encryption in transit and at rest.
-
Network and application security controls, logging, and
vulnerability management.
- Role‑based access and least‑privilege principles.
-
Employee training, confidentiality, and background checks for
relevant roles where permitted by law.
No system is 100% secure, but we continuously work to protect
information and prevent unauthorized access.
10) International transfers
We host primarily in the USA (DigitalOcean USA region). If data is
transferred internationally, we apply appropriate safeguards (e.g.,
Standard Contractual Clauses) and conduct transfer assessments where
required.
11) Your rights & choices
- Access, correct, or delete personal information.
-
Port data, object to/restrict certain processing, or withdraw
consent (where applicable).
-
Residents of certain U.S. states and EEA/UK/Switzerland have
additional rights under local law.
To exercise rights, please use the form at
../#contactus. We may need to verify your
identity and relationship to a customer account.
12) Cookies & analytics
-
We use essential cookies for sign‑in, security, and preferences.
-
We may use privacy‑respecting analytics; we do not use third‑party
ad trackers.
-
SendGrid: transactional email delivery only;
no tracking pixels or click‑tracking enabled.
13) Children’s privacy
The Services are not intended for children under 13 (or the minimum
age in your jurisdiction). We do not knowingly collect personal
information from children.
14) Third‑party links
Our sites may link to third‑party sites or services not operated by
us; their practices are governed by their own policies.
15) Changes to this Policy
We may update this Policy. We will post updates with a new effective
date and take additional steps where required by law.
16) Contact us
Use the form at ../#contactus.
Postal/legal address available upon request.
