STILL (“we”, “us”, “our”) is operated by MEKASO ENTERPRISES LTD, a company registered in England and Wales. This policy explains what personal data we collect, how we use it, and your rights under UK data protection law (UK GDPR and the Data Protection Act 2018).
Questions or requests: hello@thecodexyz.com.
Our legal bases are: performing our contract with you, your consent (which you can withdraw at any time), and our legitimate interests in running and improving the service.
We use trusted providers who process data on our behalf: Anthropic (the AI that generates readings), Supabase (database and account sign-in), Stripe (payments), and Netlify and Cloudflare (hosting and delivery). Some process data outside the UK, including in the US; where they do, appropriate safeguards are in place. We do not sell your data, and we do not use your reflections to advertise to you.
We keep your account data and readings while your account is active. You can ask us to delete your data at any time (see below); we will remove it unless we must keep certain records by law.
Under UK GDPR you have the right to access, correct, delete, or receive a copy of your data, to object to or restrict processing, and to withdraw consent. To exercise any of these, email hello@thecodexyz.com. You also have the right to complain to the Information Commissioner’s Office (ICO) at ico.org.uk.
We use encryption in transit, authenticated access, and reputable infrastructure providers to protect your data. No system is perfectly secure, but we take reasonable steps to safeguard it.
STILL is intended for adults (18+) and is not directed at children.
STILL stores some information in your browser (for example your session and preferences) so the app works. This is not used for advertising or cross-site tracking.
We may update this policy from time to time; we’ll post the new version here with an updated date.