The short version
Your files remain your content. Codia processes uploads, prompts, design files, documents, screenshots, PDFs, and generated outputs to provide the product result you requested. We do not use private customer content to train, fine-tune, or improve AI models unless you explicitly opt in.
This page explains the practical commitments behind that statement: what we process, what we retain, which safeguards we use, and where to review the formal legal documents.
What counts as user content
User content includes the material you submit to Codia and the outputs generated from that material:
- Screenshots, images, PDFs, PSD/AI files, Office documents, Notion exports, URLs, and reference files
- Text prompts, design instructions, chat messages, and product settings
- Generated Figma designs, code, structured JSON, PowerPoint decks, edited images, and other outputs
- Saved projects and assets you choose to keep in your account
Account metadata, billing records, support messages, and security logs are handled under the Privacy Policy, but they are not used as creative training data.
AI training
Codia's default position is no private-content training.
We do not use your user content, prompts, uploaded files, or AI-generated outputs to train, fine-tune, or improve Codia models or third-party foundation models. Inputs are processed to generate the output you requested and are not added to a training corpus.
Aggregated operational metrics, such as request counts, latency, error rates, and product usage trends, may be used to keep the service reliable. These metrics are de-identified and do not contain your creative files, prompts, or generated outputs.
Ownership of files and outputs
You keep ownership of the content you upload. Codia does not claim ownership of your private files, brand assets, screenshots, documents, or prompts.
Outputs generated for you are yours to use, subject to the rights you already have in the input material and the Terms of Service. For example, if you upload a screenshot of a third-party interface, you are responsible for using the resulting design or code in a way that respects applicable rights and laws.
Retention
Retention depends on how you use the product.
Transient processing data is temporary working data used to complete a conversion or generation request. The Privacy Policy currently states that transient processing data is automatically deleted within 7 days after processing completes.
Saved projects and assets remain available for the life of your account unless you delete them. Account deletion and privacy deletion requests are handled through the processes described in the Privacy Policy.
Billing, tax, abuse-prevention, and security records may be retained for longer where required by law or needed to protect the service.
Security controls
Codia uses layered technical and operational controls to protect customer content:
- Encryption in transit for requests and responses
- Encryption at rest for stored files, databases, and backups
- Role-based internal access controls
- Production access limited to operational need
- Security and abuse monitoring
- Vulnerability scanning and infrastructure hardening
Enterprise teams can request security review materials, discuss retention requirements, and evaluate deployment or data-handling options before moving sensitive workflows into production.
Subprocessors
Codia uses subprocessors to operate the service, including infrastructure, payment processing, transactional email, and AI model providers. These subprocessors act on Codia's behalf under data-processing terms.
The current list is maintained in Subprocessors. For enterprise review, see the Data Processing Addendum.
Privacy rights and deletion requests
You can request access, correction, deletion, portability, or other privacy actions by following the instructions in the Privacy Policy. Codia verifies privacy requests before disclosing or deleting account information.
For privacy questions, contact [email protected]. For security questions, contact [email protected].
Where to review the full terms
This article is a readable overview. The controlling documents are: