A respectful policy readable by humans.


CodeStasis runs in secure datacenters in the EU. All data is encrypted in transit and at rest. CodeStasis is always served over HTTPS/SSL.


All our code is served from CodeStasis domains to prevent third-party tracking, except on payment pages where we must make an isolated exception.

To process payments we include Javascript required and served by Stripe. Using Stripe prevents CodeStasis from seeing your sensitive payment details.

By default we do not enable Cloudflare DDOS protection, but we may do so if necessary. Given how DDOS mitigation works your traffic may be seen and logged by Cloudflare (who has its own privacy policy).

We may experiment with Reddit Pixel for advertising.


We're only interested in how well our website and products work. We're not interested in snooping on you. We don't use Google Analytics or other third-party services.

We collect aggregated metrics from our short-lived server logs and basic analytics in-house. We don't keep IP addresses or personally identifying details. The most granular level of data we keep is at city and country level.


The cookies we ask your browser to store are:

If we need to enable Cloudflare, they may set additional cookies such as:


CodeStasis does not request or require a password. Log in is completed via a link sent to your registered email address and opened on the device where you want to log in.

Control over your data

You can:

Contact us for any of the above

Data breaches

If you find or become aware of a data breach or leak, please report it to

If there is a data breach, all users will be notified via email and notice will be posted on the website within 72 hours.