Dudes That Code

Privacy Policy

Last Updated: November 30, 2025

1. Introduction

Dudes That Code ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, and profile photo
  • Profile Data: Professional information, skills, preferences, and role assignments
  • Project Information: Project details, requirements, milestones, and communications
  • Payment Information: Billing address and payment method details (processed securely by Stripe)
  • Communications: Messages, support tickets, email correspondence, and in-platform communications
  • Financial Data: Equity holdings, token transfers, revenue distributions, and payout information

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on platform, and interaction patterns
  • Device Information: Browser type, operating system, device identifiers, and IP address
  • Analytics Data: Performance metrics, error logs, and feature usage via Firebase Analytics and Google Analytics
  • Cookies: Authentication tokens, session data, preference settings, and analytics cookies
  • Performance Data: Page load times, API response times, and technical performance metrics via Firebase Performance Monitoring

3. How We Use Your Information

We use your information to:

  • Provide, maintain, and improve our services
  • Process transactions and send related information including invoices and receipts
  • Facilitate project collaboration, team management, and communication
  • Manage equity distributions and contractor payouts
  • Send administrative notifications, platform updates, and project alerts
  • Respond to support requests and customer inquiries
  • Monitor and analyze platform usage, performance, and user behavior
  • Detect, prevent, and address technical issues, security threats, or fraudulent activity
  • Comply with legal obligations and enforce our terms of service
  • Send marketing communications (with your consent)

4. Third-Party Services We Use

4.1 Firebase (Google Cloud Platform)

We use Firebase services for core platform functionality:

  • Firebase Authentication: Secure user authentication and session management
  • Cloud Firestore: Database storage for all platform data
  • Firebase Storage: File storage for documents, images, and attachments
  • Firebase Analytics: Usage analytics and user behavior tracking
  • Firebase Performance Monitoring: Application performance and error tracking
  • Firebase Cloud Messaging (FCM): Push notifications and in-app messaging

Firebase's privacy practices: firebase.google.com/support/privacy

4.2 Stripe (Payment Processing)

All payment transactions are processed by Stripe. We do not store complete credit card information.

  • PCI-DSS Compliance: All payment card data is processed in compliance with PCI-DSS Level 1 standards
  • Data Shared with Stripe: Billing information, transaction amounts, customer identifiers, and payout details
  • Stripe Connect: Used for contractor payouts and equity distributions

Stripe's privacy practices: stripe.com/privacy

4.3 SendGrid (Email Communications)

We use SendGrid to send transactional and operational emails:

  • Account verification and password reset emails
  • Project status updates and notifications
  • Invoice delivery and payment confirmations
  • Support ticket responses
  • Platform updates and announcements

SendGrid's privacy practices: twilio.com/legal/privacy

4.4 Google Analytics

We use Google Analytics to understand how users interact with our platform. This includes tracking page views, user flows, and engagement metrics. You can opt out of Google Analytics using the Google Analytics Opt-out Browser Add-on.

4.5 Twilio (Future SMS Communications)

We plan to implement SMS notifications via Twilio. When implemented, you will be able to opt in to receive text message notifications. See our Communications Policy for details.

5. Data Storage & Security

Your data is stored using Google Firebase, a secure cloud platform with enterprise-grade security:

  • Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
  • Authentication: Firebase Authentication with secure password hashing (bcrypt)
  • Access Controls: Role-based access control (RBAC) and security rules
  • Monitoring: Continuous security monitoring, audit logging, and intrusion detection
  • Backups: Regular automated backups with point-in-time recovery
  • Infrastructure: Data centers with physical security and redundancy

While we implement industry-standard security measures, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Cookies & Tracking Technologies

We use cookies and similar technologies for:

  • Essential Cookies: Authentication tokens, session management (required for platform functionality)
  • Preference Cookies: Theme settings, sidebar state, language preferences
  • Analytics Cookies: Google Analytics, Firebase Analytics (understand usage patterns)
  • Performance Cookies: Firebase Performance Monitoring (optimize load times)

You can control cookies through your browser settings, but disabling essential cookies will affect platform functionality. For detailed information, see our Cookie Policy.

7. Information Sharing & Disclosure

We may share your information with:

  • Service Providers: Firebase/Google, Stripe, SendGrid, and other trusted vendors who assist in operations
  • Project Collaborators: Team members, pod members, and contractors involved in your projects (as authorized by you)
  • Legal Requirements: When required by law, court order, subpoena, or to protect our rights
  • Business Transfers: In connection with any merger, acquisition, reorganization, or sale of assets
  • With Your Consent: When you explicitly authorize us to share information

We do not sell your personal information to third parties.

8. Data Retention

  • Active Accounts: Data is retained as long as your account is active
  • Financial Records: Transaction data, invoices, and tax documents retained for 7 years per US tax law requirements
  • Project Data: Retained for 3 years after project completion for warranty and support purposes
  • Communications: Email logs and support tickets retained for 2 years
  • Analytics Data: Aggregated and anonymized after 26 months (Google Analytics standard)
  • Deleted Accounts: Personal data deleted within 90 days of account deletion, except as required by law

You may request deletion of your account at any time, subject to legal retention obligations.

9. Your Rights & Choices

9.1 General Rights

You have the right to:

  • Access: Request a copy of your personal information
  • Correction: Update or correct inaccurate information via your profile settings
  • Deletion: Request deletion of your account and personal data
  • Data Portability: Receive your data in a machine-readable format (JSON)
  • Opt-Out: Unsubscribe from marketing communications
  • Object: Object to certain data processing activities
  • Restrict: Request restriction of processing in certain circumstances

9.2 California Residents (CCPA)

California residents have additional rights:

  • Right to know what personal information is collected, used, shared, or sold
  • Right to delete personal information held by us
  • Right to opt-out of the sale of personal information (we do not sell personal information)
  • Right to non-discrimination for exercising CCPA rights

9.3 European Users (GDPR)

EU/EEA residents have rights under GDPR:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time
  • Right to lodge a complaint with a supervisory authority

9.4 Exercising Your Rights

To exercise these rights, contact us at admin@dudesthatcode.com. We will respond within 30 days for general requests, or within applicable legal timeframes for GDPR/CCPA requests.

10. International Data Transfers

Our services are operated from the United States. If you access our platform from outside the U.S., your information may be transferred to, stored, and processed in the United States and other countries where our service providers operate.

Data transfers are protected by appropriate safeguards, including Standard Contractual Clauses approved by the European Commission for transfers from the EU/EEA. By using our services, you consent to this transfer.

11. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If you become aware that a child has provided us with personal information without parental consent, please contact us at admin@dudesthatcode.com, and we will take steps to delete such information.

12. Push Notifications

We use Firebase Cloud Messaging (FCM) to send push notifications about:

  • Project updates and milestone completions
  • New messages and support ticket responses
  • Payment confirmations and payout notifications
  • Security alerts and account changes
  • Team collaboration requests

You can manage notification preferences in your account settings or through your browser/device settings. Disabling notifications may affect your ability to receive timely updates.

13. Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Our platform does not currently respond to DNT signals. We track usage data to improve our services, but you can control cookie settings through your browser preferences.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by:

  • Posting the new policy on this page with an updated "Last Updated" date
  • Sending an email notification to your registered email address
  • Displaying a prominent notice on the platform

Your continued use of our services after changes constitutes acceptance of the updated policy. We encourage you to review this policy periodically.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices:

Dudes That Code

Administrative Inquiries: admin@dudesthatcode.com

General Support: support@dudesthatcode.com