How CodeByZeno collects, uses, and protects your information. Short version: we use only what's needed, and we never sell it.
CodeByZeno ("we", "us", "our") is a digital product agency building web applications, SaaS platforms, and mobile experiences for businesses in India and the GCC region. Our principal place of business is Kuwait, and we serve clients across India, UAE, Saudi Arabia, Qatar, Bahrain, Kuwait, and Oman.
This Privacy Policy applies to the CodeByZeno website (codebyzeno.com and any subdomain thereof), our website audit tool, our contact forms, and any associated services.
We collect information in two ways: information you give us directly, and technical data collected automatically.
| Data Point | Source | Required? |
|---|---|---|
| Name | Audit tool lead form, contact form | Yes |
| WhatsApp number | Audit tool lead form, contact form | Yes |
| Email address | Contact form | Yes (contact form only) |
| Website URL | Audit tool — the URL you submit for scanning | Yes (audit tool only) |
| Audit scores | Generated automatically from your submitted URL | Automatic |
| Project type / Country | Contact form dropdowns | No (optional) |
| Project brief / Message | Contact form textarea | No (optional) |
| IP address & browser info | Server logs (Supabase infrastructure) | Automatic |
We do not collect payment information, government IDs, or sensitive personal data. We do not require an account to use the audit tool.
We use collected data strictly for the following purposes:
All lead and contact data is stored in a Supabase PostgreSQL database hosted on AWS infrastructure (EU West region). Supabase is SOC 2 Type II certified.
Data stored includes: name, WhatsApp number, submitted URL, audit scores (JSON), and timestamp. Your email (if provided via contact form) is stored in a separate table with restricted access.
The database is protected by row-level security (RLS) policies. Anonymous users can only insert records — they cannot read other users' data. Read access requires authenticated credentials held only by CodeByZeno team members.
We do not sell, rent, or trade your personal information. Period.
We share limited data only with the following service providers, strictly to operate our service:
We may disclose data if required by law, court order, or to protect the rights and safety of CodeByZeno or others. We will notify you where legally permissible.
Our website uses minimal cookies. We do not use advertising cookies, tracking pixels, or third-party analytics platforms (such as Google Analytics or Facebook Pixel).
/admin.html as an authenticated team member.You can disable cookies in your browser settings without affecting the public audit tool or contact form functionality.
Lead records (name, WhatsApp, URL, scores) are retained for 24 months from the date of submission. After this period, records are permanently deleted from our database.
Contact form submissions are retained for 12 months unless you request earlier deletion or we are in an active project engagement with you.
Server logs (IP addresses, request metadata) are retained for 30 days on Supabase infrastructure before automatic deletion.
Depending on your country of residence, you may have the following rights regarding your personal data:
These rights apply to users in the EU/EEA (GDPR), India (DPDP Act 2023), UAE (PDPL), and other jurisdictions with applicable data protection law.
To exercise any of these rights, contact us at hello@codebyzeno.com. We will respond within 30 days.
We implement the following technical safeguards:
While we take reasonable precautions, no system is 100% secure. If you discover a security vulnerability, please disclose it responsibly to hello@codebyzeno.com.
Our services are intended for business owners, decision-makers, and professionals. We do not knowingly collect personal data from individuals under the age of 16. If you believe a child has submitted data through our site, contact us immediately and we will delete it.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make material changes, we will update the "Last Updated" date at the top of this page.
Continued use of our website after a policy update constitutes acceptance of the revised policy. If you disagree with changes, please discontinue use and contact us to request deletion of your data.
For any privacy-related questions, requests, or concerns, reach us through any of the channels below. We aim to respond within 2 business days.