Join the Codex Community

Stay updated when noteworthy statements are added.

Oops! Something went wrong while submitting the form.

Privacy Policy

Last updated: February 2026

1. Introduction

This Privacy Policy explains how Mission Codex ("we," "us," "our") collects, uses, stores, and protects your personal data when you visit and use our website at [yourdomain.com] ("the Platform").

We take your privacy seriously. This policy is written to be clear and honest about what we do with your data — not to obscure it in legal language.

If you have any questions about this policy or how we handle your data, please contact us at [your contact email].

We are the data controller for the purposes of UK GDPR and the Data Protection Act 2018.

2. What Data We Collect and Why

We collect personal data in three ways: automatically through your use of the site, through third-party tools we use to improve the platform, and directly from you when you provide it voluntarily.

2a. Data Collected Automatically (Analytics)

We use Google Analytics to understand how visitors use Mission Codex — which pages are visited, how long people spend on them, where traffic comes from, and how users navigate the site.

Google Analytics collects:

  • IP address (anonymised)
  • Browser type and version
  • Device type and operating system
  • Pages visited and time spent
  • Referring website or search query
  • General geographic location (country/city level)

This data is aggregated and used solely to improve the platform. We do not use it to identify individual users.

Legal basis: Legitimate interests (improving the platform and understanding user behaviour), subject to your cookie consent.

Google acts as a data processor on our behalf. You can learn more about how Google handles data at google.com/policies/privacy. You can opt out of Google Analytics tracking using the Google Analytics Opt-out Browser Add-on.

2b. Data Collected via Hotjar (User Experience Research)

We use Hotjar to understand how users interact with Mission Codex. Hotjar may collect:

  • Mouse movements, clicks, and scrolling behaviour (heatmaps)
  • Session recordings (anonymised — no personally identifiable information is captured)
  • Feedback responses, if you complete an optional Hotjar survey on the site

Hotjar does not capture passwords, payment details, or personally identifiable information. All recordings are anonymised before we review them.

Legal basis: Legitimate interests (improving usability and user experience), subject to your cookie consent.

You can opt out of Hotjar data collection at any time by visiting hotjar.com/legal/compliance/opt-out. For more information, see Hotjar's Privacy Policy at hotjar.com/legal/policies/privacy.

2c. Data You Provide — Newsletter Sign-Up

If you choose to subscribe to the Mission Codex newsletter, we collect:

  • Your email address
  • Your first name (if provided)

We use this solely to send you periodic newsletters about Mission Codex — including new features, platform updates, and insights about corporate mission trends. We will never use your email to send unsolicited commercial promotions or share it with third parties for marketing purposes.

Legal basis: Consent. You opt in explicitly when you subscribe, and you can withdraw that consent at any time.

Unsubscribing: Every newsletter we send includes an unsubscribe link. You can also email us at [your contact email] to be removed from the list. We will process all unsubscribe requests within 5 business days.

2d. Data You Provide — Mission Statement Submissions

If you submit a mission statement via our submission form, we collect:

  • Your first name
  • Your work email address
  • Company information you provide in the form

Your name and email are used only to follow up on your submission if we have questions, and to notify you if your submission is published. We do not add you to our newsletter mailing list without your separate, explicit consent.

Submission data is retained for as long as needed to process and review your request, after which contact details are deleted. Published company data (mission statement, company information) is retained as part of the platform database.

Legal basis: Legitimate interests (processing and verifying submissions) and, where applicable, consent.

3. Cookies

Mission Codex uses cookies — small text files stored on your device — to enable certain platform functions and to support our analytics and optimisation tools.

The cookies we use fall into three categories:

Strictly necessary cookies: Required for the site to function. These cannot be disabled.

Analytics cookies: Used by Google Analytics to collect usage data as described in Section 2a. These are only set with your consent.

Behaviour and optimisation cookies: Used by Hotjar as described in Section 2b. These are only set with your consent.

When you first visit Mission Codex, you will be shown a cookie consent banner that allows you to accept or decline non-essential cookies. You can update your preferences at any time via the cookie settings link in the footer of the site.

Most browsers also allow you to control cookies through your browser settings. Note that disabling certain cookies may affect your experience of the platform.

4. How We Store and Protect Your Data

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or disclosure.

Your data is stored on secure servers. Access to personal data is restricted to authorised personnel only. We use industry-standard encryption for data in transit.

Retention periods:

  • Analytics data: Retained in Google Analytics for 14 months, then automatically deleted
  • Newsletter subscriber data: Retained for as long as you remain subscribed, plus 30 days after unsubscribing
  • Submission contact data: Retained for 6 months after submission, then deleted
  • Published platform data (company information): Retained indefinitely as part of the platform, subject to takedown requests

5. Who We Share Your Data With

We do not sell, rent, or trade your personal data. We only share data with trusted third-party service providers who process it on our behalf, and only to the extent necessary to provide their services.

Our current data processors are:

Google LLC Analytics (Google Analytics) USA Link

Hotjar Ltd UX research and optimisation Malta / EU Link

All third-party processors are required to handle your data in accordance with UK GDPR. Where data is transferred outside the UK or EEA, appropriate safeguards are in place (including Standard Contractual Clauses where applicable).

6. Your Rights Under UK GDPR

Under UK data protection law, you have the following rights regarding your personal data:

Right of access: You can request a copy of the personal data we hold about you.

Right to rectification: You can ask us to correct any inaccurate or incomplete data.

Right to erasure: You can ask us to delete your personal data where we no longer have a lawful reason to hold it.

Right to restrict processing: You can ask us to limit how we use your data in certain circumstances.

Right to data portability: Where processing is based on consent or contract, you can request your data in a portable, machine-readable format.

Right to object: You can object to processing based on legitimate interests at any time. We will stop processing unless we can demonstrate compelling legitimate grounds.

Right to withdraw consent: Where processing is based on consent (e.g. newsletter subscription, analytics cookies), you can withdraw consent at any time without affecting the lawfulness of prior processing.

Right not to be subject to automated decision-making: Mission Codex does not use automated decision-making or profiling that produces legal or similarly significant effects.

To exercise any of these rights, contact us at [your contact email]. We will respond within one calendar month. We may need to verify your identity before processing your request.

If you are unsatisfied with how we handle your data or respond to a request, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's supervisory authority for data protection:

Website: ico.org.ukHelpline: 0303 123 1113

7. Children's Privacy

Mission Codex is not directed at children under the age of 13, and we do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it promptly.

8. Links to Other Websites

Mission Codex contains links to third-party websites, including company websites listed in our database. These sites have their own privacy policies and we are not responsible for their content or data practices. We encourage you to read their privacy policies before submitting any personal data to them.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or platform features. When we do, we will update the date at the top of this page.

For significant changes — particularly those that affect how we use your personal data — we will notify newsletter subscribers by email ahead of the change taking effect.

Continued use of Mission Codex after an update constitutes acceptance of the revised policy.

10. Contact and Data Controller Information

For any privacy-related questions, data subject requests, or concerns, please email us via our contact form.