Privacy Policy

Version 4.0 · Effective Date: 23 March 2026

Your privacy matters to us. This Privacy Policy explains what personal data we collect, why we collect it, how we use it, who we share it with and what rights you have. We have written this policy in plain language because we believe transparency means being understood, not just being disclosed.

Codex Vivendi is operated by VisSight AB, a company registered in Gothenburg, Sweden. We act as the data controller for your personal data under the EU General Data Protection Regulation (GDPR).

1. Data Controller

VisSight AB (operating Codex Vivendi)
Gothenburg, Sweden
Organization number: 559491-5323
Email: privacy@codexvivendi.org
Website: codexvivendi.org

For questions about this policy or your data, contact us at privacy@codexvivendi.org.

2. What Data We Collect

2.1 Data You Provide Directly

Account information: Email address, password (stored in hashed form), username (permanent, used in your profile URL), display name and full name.

Your Codex content (structured data): Life Principles (headings and elaborations), Identity tags, Favorites, Wisdom entries.

Community content (unstructured data): Forum posts, Group discussions and messages to other Contributors. This content is also included in the Aspirational Dataset (see Section 4).

Location information (voluntary): You may choose to enter your location (city, country or continent) using the Google Maps interface on your profile. This is entirely optional. If you provide location data, it is stored and used to understand the geographic diversity of the Contributor base and the Aspirational Dataset. You can remove or change your location at any time through your profile settings.

Payment information: If you make a donation or purchase a paid membership, payment is processed by PayPal. We receive confirmation of payment and your PayPal email address. We do not receive or store your credit card details, bank account numbers or other financial information.

Communications: Messages you send to us (support requests, feedback, moderation appeals).

2.2 Data Collected Automatically

IP address: We store your IP address when you use the Platform. This is used for security purposes (detecting abuse, preventing unauthorized access) and to understand the general geographic distribution of our Contributor base. IP addresses are personal data under GDPR (Recital 30; CJEU case C-582/14, Breyer v. Germany).

Analytics data: We use Matomo (self-hosted on our own servers) with cookieless tracking enabled. This means we collect anonymized usage statistics (pages visited, time spent, referral source, general geographic region) without placing any analytics cookies on your device. All analytics data is processed entirely on our own servers. No analytics data is sent to third parties.

Reference: matomo.org/faq/new-to-piwik/how-do-i-use-matomo-analytics-without-consent-or-cookie-banner/

Essential cookies: WordPress and BuddyBoss set session cookies that are necessary for the Platform to function (keeping you logged in after you choose to log in, maintaining your session). These cookies are classified as “strictly necessary” under the ePrivacy Directive (Directive 2002/58/EC, Article 5(3)) as interpreted by the European Data Protection Board, and do not require your consent.

Reference: EDPB Guidelines on consent and cookie exemptions under the ePrivacy Directive.

Server logs: Our hosting provider (Hostinger) collects standard server logs including IP addresses, browser type and access times as part of their hosting service. Hostinger’s own data practices are governed by their privacy policy (see Section 5).

2.3 Data We Do Not Collect

We do not collect:

Biometric data
Precise geolocation from your device (we only store location data you voluntarily enter)
Data from your social media accounts
Data from anyone under 18 years of age

3. Why We Process Your Data

Under the GDPR, we must have a lawful basis (a valid legal reason) for every way we handle your data. We rely on three primary reasons:

1. Contractual Necessity (Art. 6(1)(b)): Processing that is strictly required to provide the service you signed up for.

2. Legitimate Interest (Art. 6(1)(f)): Processing that helps us run and secure the Platform, balanced against your right to privacy.

3. Legal Obligation (Art. 6(1)(c)): Processing required by law, such as keeping financial records for the Swedish authorities.

Purpose	Data Used	Lawful Basis
Providing the Platform (creating your Codex and participating in the community)	Account info, Codex content, community content	Contractual Necessity
Creating the Aspirational Dataset (anonymizing and aggregating values for beneficial AI)	Anonymized Codex content and community content (structured and unstructured)	Contractual Necessity
AI-assisted analysis, categorization and recommendations	Codex content, community content	Contractual Necessity
Processing payments	PayPal email, payment confirmation	Contractual Necessity
Platform security	IP addresses, server logs	Legitimate Interest
Understanding geographic diversity	Voluntary location data, IP addresses	Legitimate Interest
Analytics (improving the Platform)	Anonymized usage statistics (Matomo, cookieless)	Legitimate Interest
Responding to support requests	Email address, message content	Contractual Necessity
Legal compliance (e.g. accounting)	As required	Legal Obligation

3.1 Why the Dataset Is a Contractual Necessity

Codex Vivendi is not a private digital notepad. It is a dual-purpose platform: a tool for your personal legacy and a contributor to a collective record for humanity.

When you create an account, you enter into an agreement to participate in this mission. The creation of the Aspirational Dataset is a fundamental, inseparable part of the service we provide. We cannot provide the Codex Vivendi experience (contributing to humanity’s record) without processing your anonymized contributions for the dataset. This includes both your Codex content (structured data) and your forum posts and group discussions (unstructured data).

This is disclosed to every Contributor before registration. If you do not agree with this purpose, we respect that, but Codex Vivendi may not be the right platform for you.

3.2 Legitimate Interest and Your Security

For tasks that are not part of the core service but are vital to keeping the Platform healthy, we rely on Legitimate Interest. We have balanced our interests against your privacy rights in each case:

Security: We store IP addresses to detect bots, prevent attacks and investigate abuse. Our interest in keeping the Platform safe for all Contributors is a high priority that we believe does not override your privacy rights, given the limited nature of the data and its security purpose.
Geographic diversity: We analyze IP addresses and voluntary location data to ensure our dataset represents a broad spectrum of human cultures, not just one region. This is essential to our mission of building a record for all of humanity. Location data entry is entirely voluntary and can be removed at any time. IP data is analyzed at a regional level, not used to track individual behavior.
Analytics: We use self-hosted, cookieless analytics (Matomo) to understand which parts of the site are helpful and which are confusing. Because this data is anonymized and never leaves our servers, we believe this is a proportionate and non-intrusive way to improve the Platform.

4. The Aspirational Dataset

Codex Vivendi is, by design, both a personal legacy tool and a contributor to beneficial AI development. Every Contributor participates in the Aspirational Dataset. This is not optional; it is a fundamental part of the service you signed up for (see Section 3.1). This is disclosed to every Contributor before registration.

4.1 What the Dataset Includes

The Aspirational Dataset is derived from two types of Contributor content:

Structured data: Your Codex content (Life Principles, Identity tags, Favorites, Wisdom entries). This data is organized in a defined format and is the primary component of the dataset.
Unstructured data: Your forum posts, group discussions and other community interactions. This data provides context, nuance and cross-cultural insight that enriches the structured data.

Together, these capture humanity in reflective mode: values articulated by people thinking about their legacy and discussing meaning, not reacting to feeds.

4.2 How Your Content Is Anonymized

Before any content enters the Aspirational Dataset, we apply anonymization measures. It is important to understand what this process can and cannot do.

What we remove (structured data): Your account information (name, email address, display name, identification numbers) is stored separately from your Codex content in our database. We strip this structured data before any content enters the dataset. Location data is generalized (city-level data may be generalized to country or region). The resulting content is aggregated with contributions from other Contributors and structured for analysis in a way that is not traceable to individual accounts.

What we cannot remove (unstructured content): Your Codex content, forum posts and group discussions enter the dataset as you wrote them, minus the structured account data linked to them. If you have written personally identifiable information within the body of your content (for example, “I, John Doe of 123 Maple Street, believe…”), that information will remain in the dataset. We do not alter, edit or rewrite your content as part of the anonymization process.

This is why the guidance in Section 4.4 matters. The most effective way to protect your privacy in the dataset is to avoid including identifying details in your content.

4.3 What You Can Do

Because the dataset uses anonymized data, individual entries cannot be identified or extracted after anonymization. This means:

You can request deletion of your account and all identifiable data at any time
Anonymized data that has already entered the dataset will remain, because it is no longer linked to you
You can minimize personal information in your contributions by following the guidance in Section 4.4

4.4 Important Notice

We strongly advise Contributors not to include personally identifiable information (such as full names of family members, home addresses, phone numbers or identification numbers) in their Life Principles, forum posts or other content. While we apply measures designed to strip structured account data, the most effective protection is not including identifying details in the first place. This applies to all content, both in your Codex and in community discussions. This is particularly important because your content may be anonymized and included in the Aspirational Dataset, where individual entries cannot be retroactively modified or removed.

5. Third-Party Data Processors

We use a limited number of third-party services to operate Codex Vivendi. Each processor handles your data only as necessary for the specific service they provide:

Processor	Purpose	Data Processed	Location	Their Policy
Hostinger	Website hosting	All Platform data stored on servers	United Kingdom	hostinger.com
PayPal	Payment processing	Payment details, email address	EU/US	paypal.com
Hostinger SMTP	Transactional emails	Email addresses, message content	United Kingdom	(same as above)
Google (Maps API)	Location input interface	IP address when map loads; location queries	EU/US	google.com
Matomo (self-hosted)	Analytics	Anonymized usage data (no personal data)	Our own server (UK)	Not applicable (self-hosted)

Each of our third-party processors is responsible for their own data practices as described in their respective privacy policies. We encourage you to review those policies if you have concerns about how a specific processor handles data.

We process data under the Standard Contractual Clauses and Data Processing Addendums provided by our third-party processors, as required by GDPR Article 28.

A note about WordPress plugins: Codex Vivendi runs on WordPress with several plugins. While we select plugins carefully and audit our site regularly, third-party plugins may introduce their own data processing. We conduct regular audits of our plugin stack for unexpected cookies, tracking scripts or data collection. When we discover unexpected processing, we either remove the plugin, configure it to comply, or update this policy to disclose the processing.

6. International Data Transfers

6.1 United Kingdom

Our hosting infrastructure (Hostinger) is located in the United Kingdom. Following Brexit, the UK is a “third country” under GDPR. However, the European Commission has issued an adequacy decision for the UK under Article 45 GDPR, meaning data transfers from the EU/EEA to the UK are currently permitted without additional safeguards. We monitor the status of this adequacy decision and will take appropriate measures if it is revoked or not renewed.

6.2 United States

Some of our processors may transfer data to the United States:

PayPal: May process payment data in the US. PayPal relies on Standard Contractual Clauses (SCCs) and other approved safeguards for such transfers.
Google (Maps API): When a Contributor uses the location input feature, Google receives their IP address and location queries. Google relies on SCCs and supplementary measures for EU-US data transfers. The Maps API is only loaded when a Contributor actively uses the location feature.

We do not transfer personal data to any country without appropriate safeguards in place as required by GDPR.

7. Cookies and Tracking

Last audited: 23 March 2026

7.1 Essential Cookies

Codex Vivendi uses essential cookies necessary for the Platform to function:

WordPress session cookies (to maintain your logged-in session)
BuddyBoss session cookies (for community features)

These cookies are classified as “strictly necessary” under the ePrivacy Directive (Directive 2002/58/EC, Article 5(3)) and do not require your consent. They exist only to provide the service you requested and are deleted when you close your browser or your session expires.

Reference: EDPB Guidelines on consent and cookie exemptions under the ePrivacy Directive.

7.2 Analytics Without Cookies

We use Matomo with cookieless tracking enabled. This means we collect anonymized usage statistics without placing any tracking cookies on your device. No consent banner is required for this configuration.

Reference: matomo.org/faq/new-to-piwik/how-do-i-use-matomo-analytics-without-consent-or-cookie-banner/

The CNIL (French data protection authority) has confirmed that Matomo in cookieless, self-hosted configuration can be used without consent.

7.3 Our Commitment and Its Limits

We do not intentionally use marketing, advertising or third-party tracking cookies. We do not participate in advertising networks. We do not track you across other websites.

Codex Vivendi runs on WordPress with multiple plugins, and despite our best efforts, third-party plugins may introduce unexpected cookies or tracking scripts. We address this through regular audits of our site’s cookie and tracking behavior (see “Last audited” date at the top of this section). When we discover unexpected processing, we either remove the source, configure it to stop, or update this policy to disclose it.

If you believe our site is setting cookies not described in this policy, please contact us at privacy@codexvivendi.org and we will investigate.

8. Data Retention

We retain your data for different periods depending on its type and purpose:

Data Type	Retention Period	Reason
Account information	Until you delete your account	Needed to provide the service
Codex content and community content	Until you delete the content or your account	Core Platform function
Location data (voluntary)	Until you remove it or delete your account	Geographic diversity analysis
IP addresses	12 months	Security and geographic analysis
Anonymized dataset contributions	Indefinitely	No longer personal data after anonymization
Server logs	90 days	Security and troubleshooting
Payment records	7 years after transaction	Swedish accounting law (Bokforingslagen)
Analytics data (Matomo)	26 months	Trend analysis

9. Your Rights Under GDPR

As a data subject under GDPR, you have the following rights. We will respond to any request within 30 days.

Right of access (Art. 15): You may request a copy of all personal data we hold about you.

Right to rectification (Art. 16): You may correct inaccurate personal data. You can edit your Codex content, location data and account information directly through the Platform.

Right to data portability (Art. 20): You may request your data in a structured, commonly used, machine-readable format. Codex Vivendi provides a data export feature.

9.1 Right to Restriction and Right to Object

Right to restriction (Art. 18) and right to object (Art. 21): You have the right to request restriction of processing or to object to processing based on legitimate interest. We will assess every such request individually.

However, we want to be transparent about the practical implications. Because the Aspirational Dataset is a contractual part of the Codex Vivendi service (not a secondary use of your data), there is no intermediate state between full participation and account deletion. If you object to dataset participation, the likely outcome is that we will need to terminate your account and delete all your identifiable data, since we cannot provide the service without this processing.

We will inform you of the outcome before taking action, and you will have the opportunity to export your data. Every Contributor is treated the same. There are no individual exemptions or partial participation arrangements.

Right to lodge a complaint: You have the right to lodge a complaint with the Swedish Authority for Privacy Protection (Integritetsskyddsmyndigheten, IMY) or the data protection authority in your country of residence.

Swedish Authority for Privacy Protection (IMY)
Website: www.imy.se
Email: imy@imy.se

10. Data Security

We implement appropriate technical and organizational measures to protect your personal data, including:

Encrypted data transmission (HTTPS/TLS)
Hashed password storage
Regular software updates and security patches
Access controls limiting who can view personal data
Regular backups

No system is perfectly secure. We are honest about that. If a data breach occurs that poses a risk to your rights, we will notify you and the relevant supervisory authority within 72 hours as required by GDPR.

11. Children’s Privacy

Codex Vivendi is not intended for anyone under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that a Contributor is under 18, we will terminate the account and delete associated personal data promptly.

12. Platform Continuity and Shutdown

If Codex Vivendi ever needs to shut down, we will:

Provide at least 6 months advance notice to all Contributors
Keep the Platform’s data export feature available during the notice period so Contributors can download their own content
Transfer the anonymized Aspirational Dataset to a mission-aligned archive or institution
Delete all remaining personal data after the notice period

Contributors are responsible for exporting their own data during the notice period. We will provide instructions and support to make this process as straightforward as possible.

13. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

Post the updated policy on the Platform with a new effective date
Notify Contributors via email at least 30 days before changes take effect
Clearly summarize what has changed

Your continued use of Codex Vivendi after the effective date constitutes acceptance of the updated policy. If you disagree with a change, you may request account deletion before the new policy takes effect.

14. Contact

For any questions about this Privacy Policy, to exercise your GDPR rights, or to raise a concern about our data practices, contact us at:

VisSight AB (operating Codex Vivendi)
Gothenburg, Sweden
Privacy and data requests: privacy@codexvivendi.org
General support: support@codexvivendi.org
Website: codexvivendi.org

We aim to respond to all data-related inquiries within 30 days.