Legal

Privacy policy

Last updated: June 3, 2026

1. Scope of this policy

This privacy policy explains how Codex Systems collects, uses, and protects personal information through this website at systems.codexcorp.ca. It applies to visitors to the site and to people who contact us through it.

Engagements are governed separately. When you engage Codex Systems for paid consulting or managed services, our handling of your systems and data is governed by the services agreement we sign with you, not by this website policy. See “Acting as a service provider” below.

2. Who we are

Codex Systems is an operating company of Codex Corp, based in Vancouver, British Columbia, Canada. We provide IT infrastructure, cloud architecture and migration, AI integration, security and compliance, and DevOps and platform engineering services to business clients. For privacy matters, you can reach us at privacy@codexcorp.ca.

3. Information we collect

Information you give us

When you contact us through the site or begin an engagement, we collect the details you provide. This typically includes your name, email address, company or organization, and the requirements, questions, or messages you send us.

Information collected automatically

Website analytics. We use Google Analytics to understand how the site is used. This involves cookies and device information such as approximate location, browser type, pages viewed, and referring pages. See our Cookie Policy for details.
Theme preference. Your light or dark theme choice is stored in your browser’s local storage under the key codex-theme. It stays on your device and is not transmitted to us.
Device and connection information. Standard technical data such as IP address, browser, and operating system may be processed by our hosting and analytics providers to deliver and secure the site.

4. Acting as a service provider during engagements

During paid engagements, Codex Systems may access, operate on, and process systems, infrastructure, and data that belong to a client. In those cases we generally act as a service provider or data processor on the client’s behalf, handling that information only to deliver the agreed services.

Such processing is governed by the separate services agreement, statement of work, and confidentiality terms entered into for that engagement, including any data processing or security schedules. Where we act for a client, that client is responsible for the personal information within their systems and for the lawful basis on which it is handled. This website privacy policy covers the website itself.

5. How we use information

To respond to inquiries and communicate with you.
To scope, prepare, and deliver consulting and managed services.
To operate, maintain, secure, and improve this website.
To understand site usage through aggregate analytics.
To meet legal, regulatory, and contractual obligations.

6. Consent and legal bases

Under Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) and British Columbia’s Personal Information Protection Act (BC PIPA), we rely on your consent to collect, use, and disclose personal information, except where the law permits or requires otherwise. By submitting an inquiry, you consent to our use of that information to respond. For non-essential analytics cookies, we rely on the consent approach described in our Cookie Policy. You may withdraw consent at any time, subject to legal and contractual limits, by contacting us.

7. Sharing and service providers

We do not sell personal information. We share it only as needed to operate our business and deliver services, including with:

Google Analytics: website usage measurement.
Cloudflare Pages: hosting and content delivery for this site.
Cloud platforms and sub-processors: the infrastructure and tooling used to deliver services, as set out per engagement in the applicable services agreement.

We require our providers to protect personal information and to use it only for the purposes we specify. We may also disclose information where required by law or to protect our rights, users, or the public.

8. International transfers

Some of our providers operate or store data outside Canada, including in the United States and other jurisdictions. Where personal information is transferred across borders, it may be subject to the laws of those jurisdictions, and we take reasonable steps to ensure it remains protected by comparable safeguards.

9. Retention

We keep personal information only as long as needed for the purposes described here, to maintain our business records, and to meet legal and contractual requirements. Inquiry correspondence is retained for a reasonable period to support follow-up and recordkeeping, then deleted or anonymized.

10. Security

As an IT and security firm, we hold ourselves to a high standard. We apply administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including:

Encryption of data in transit and, where appropriate, at rest.
Least-privilege and role-based access controls.
Strong authentication for access to systems and accounts.
Logging, monitoring, and timely patching of systems.
Confidentiality obligations for personnel and contractors.

No method of transmission or storage is completely secure, but we work continually to protect the information entrusted to us.

11. Your rights

Under PIPEDA and BC PIPA you have the right to:

Access the personal information we hold about you.
Request correction of inaccurate or incomplete information.
Withdraw consent, subject to legal and contractual limits.
Ask questions about how your information is handled.

To exercise these rights, contact privacy@codexcorp.ca. We may need to verify your identity before responding.

12. Children

This is a business-to-business website and is not directed to children. We do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us so we can remove it.

13. Changes to this policy

We may update this policy from time to time. The “Last updated” date above reflects the current version. Material changes will be posted on this page, and continued use of the site after changes take effect indicates acceptance.

14. Contact and complaints

Codex Systems, an operating company of Codex Corp
Vancouver, British Columbia, Canada
Privacy: privacy@codexcorp.ca
Legal: legal@codexcorp.ca

If you have a concern we have not resolved, you may contact the Office of the Privacy Commissioner of Canada (OPC) at priv.gc.ca, or the Office of the Information and Privacy Commissioner for British Columbia at oipc.bc.ca.