Privacy Policy
Last updated June 2, 2026
Effective date: June 2, 2026 · Last updated: June 2, 2026
1. Who we are
Codel ("Codel," "we," "us," or "our") is operated by Taylor Fischer, an individual sole proprietor ("Operator"). You can reach us at taylorleefischer@gmail.com.
This policy describes how Codel collects, uses, and shares information when you create an account, connect a payment card, or exchange SMS messages with our service.
2. Information we collect
- Account information you provide directly: your email address, name, and mobile phone number.
- Authentication information: one-time login codes we generate to verify your email and phone, plus the timestamps of each verification.
- Transaction data retrieved on your behalf from your financial institutions through Plaid Inc., including transaction date, merchant name, amount, and the description returned by your card network. We do not store your bank or card login credentials; Plaid handles those directly.
- SMS interaction data: the contents of text messages you send to or receive from Codel, the phone number used, the timestamp, and the carrier-provided delivery status.
- Categorization data you create within the product: project lists, category codes, and the natural-language notes you reply with by SMS.
- Server logs (IP address, request path, user agent) collected automatically when you use the web app.
We do not intentionally collect information from children under 13; the service is intended for business cardholders and their team members.
3. How we use information
- To authenticate you and maintain your account.
- To text you when a new transaction is detected on a connected card, and to associate your reply with that transaction.
- To produce expense-coding outputs (categorized transactions, weekly reports) for you and the accountants you choose to share them with.
- To prevent fraud, debug, and improve the service.
- To comply with legal obligations.
4. SMS-specific terms (A2P 10DLC)
- Opt-in: you receive transactional text messages from Codel only after you (a) entered your mobile number in the signup flow, (b) actively checked the "I agree to receive expense-coding text messages from Codel" box, and (c) confirmed ownership of the number by entering a one-time verification code we texted you. No pre-checked consent is used.
- Message frequency is event-driven (one message per new transaction on your connected cards); message and data rates may apply at your carrier's standard rates.
- Opt-out: reply STOP to any Codel message to immediately stop further texts. Reply HELP for service information. We honor STOP, STOPALL, UNSUBSCRIBE, CANCEL, END, QUIT, and similar opt-out keywords.
- No third-party marketing sharing: we will not share your SMS opt-in information, phone number, or text-message contents with third parties or affiliates for their marketing or promotional purposes. This commitment is independent of any other sharing described in section 5.
5. How we share information
We share only what's necessary for the service to work:
- Plaid Inc. (transaction ingestion): our connection to your financial institution is brokered by Plaid under its own terms and privacy policy (https://plaid.com/legal/).
- Twilio Inc. (SMS delivery): your phone number and message text pass through Twilio's messaging infrastructure under its terms (https://www.twilio.com/legal/privacy).
- Anthropic PBC (AI categorization, once enabled): the contents of your SMS reply and your project/category list may be sent to Anthropic for the sole purpose of proposing a categorization, under Anthropic's commercial terms (https://www.anthropic.com/legal/commercial-terms).
- Hosting / infrastructure providers that run our servers and database.
- Legal compliance: we may disclose information if required by law, subpoena, or to protect rights, property, or safety.
We do not sell your personal information, and we do not share your personal information with third parties for their own marketing or promotional purposes. The only sharing we do is what is necessary to deliver the service, as itemized above (Plaid for transaction ingestion, Twilio for SMS delivery, Anthropic for AI categorization, and our hosting providers).
6. Data retention
We retain account, transaction, and SMS interaction data for as long as your account is active and for a reasonable period afterward to comply with legal obligations (typically up to 7 years for transactional records to support accountant review). You can request deletion at any time by emailing taylorleefischer@gmail.com; we will delete or anonymize data unless we are required to retain it.
7. Your rights
Depending on where you live, you may have the right to access, correct, delete, or port your personal information, or to object to certain processing. To exercise any of these rights, email taylorleefischer@gmail.com.
8. Security
We protect your information with encryption in transit (HTTPS) and industry-standard at-rest controls on our database. No system is perfectly secure; please use a strong, unique password and notify us immediately if you suspect your account has been compromised.
9. Changes to this policy
We may update this policy from time to time. Material changes will be communicated by email or by an in-app notice. Continued use of the service after changes constitutes acceptance.
10. Contact
Email taylorleefischer@gmail.com with privacy questions, deletion requests, or to exercise any right described above.