Skip to Content

Security Policy

Last updated: May 2026

1. Our Security Approach

CodifyAI takes reasonable technical and organisational measures to protect our systems and customer data. Our security measures include:

  • Encrypted connections (HTTPS/TLS) for all web traffic
  • Regular security updates applied to hosted Odoo environments
  • Access control: production systems are accessible only to authorised CodifyAI personnel
  • Encrypted backup storage
  • Tenant isolation: each SaaS customer environment is isolated from others
  • Monitoring for unusual activity on hosted infrastructure

We do not guarantee that our systems are completely free from vulnerabilities. Security is an ongoing process and we are committed to addressing identified issues promptly.

2. SaaS Environment Security

For customers on managed SaaS plans:

  • Each tenant's Odoo database is logically isolated from other tenants
  • Database access requires valid credentials
  • CodifyAI staff may access your tenant environment only for maintenance, backup, security, and support purposes
  • Access by CodifyAI staff to tenant data is limited to what is technically necessary

3. Responsible Disclosure

If you discover a security vulnerability in our systems or services, please report it responsibly:

  • Email: [email protected] (or [email protected])
  • Include a clear description of the vulnerability and steps to reproduce it
  • Do not exploit the vulnerability beyond what is necessary to demonstrate it
  • Do not access, modify, or delete other customers' data
  • Allow us a reasonable time to investigate and fix the issue before public disclosure

We appreciate responsible disclosure and will work to acknowledge and address valid reports promptly.

4. Data Breach Notification

In the event of a personal data breach that poses a risk to individuals, CodifyAI will:

  • Notify affected customers without undue delay
  • Notify the relevant supervisory authority (ANSPDCP in Romania) within 72 hours where required by GDPR Article 33
  • Communicate the nature of the breach, likely consequences, and measures taken

5. Customer Security Responsibilities

Customers are responsible for:

  • Keeping their Odoo administrator credentials secure and confidential
  • Using strong passwords and enabling additional security measures where available
  • Managing user access within their tenant appropriately
  • Not sharing access credentials
  • Reporting suspected breaches or unauthorised access to CodifyAI promptly

6. Contact

Security concerns: [email protected]

Privacy concerns: [email protected]

Related pages: Privacy Policy · Data Processing Information · Acceptable Use Policy