CODELAND

Privacy Policy

Last updated: 22 April 2026 (v4)

Data controller

CodeLand is operated by Ian Cadle, trading as CodeLand. ICO registration: ZC130349. Contact: [email protected].

If you have concerns about how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

What we collect

  • Account data: Email, username, and hashed password if you register. If you sign in with Google, we receive your name, email, and profile picture URL from Google.
  • Profile data: Your chosen display name, avatar, and any bio information you provide. Your username and avatar are displayed publicly alongside your posts.
  • Discussion content: Posts, replies, votes, and reports you submit to our community discussions. This content is publicly visible and associated with your username.
  • Usage data: Pages visited, codes revealed, votes cast — used to improve the platform.
  • Submission data: Codes and referral links you submit.
  • IP hashes: We hash IP addresses for spam prevention and rate limiting. We never store raw IPs.
  • Cookies: Essential cookies for site functionality, plus optional analytics cookies with your consent. See our Cookie Policy for full details.
  • Push notification tokens: If you opt in to browser notifications, we store your push subscription endpoint to deliver notifications.

Age requirement: CodeLand is not intended for children under 13. We do not knowingly collect personal data from children under 13. If you are between 13 and 18, please ensure a parent or guardian has reviewed this policy.

Community discussions

CODELAND.UK includes community discussion features where users can post, reply, and vote on content. When you participate:

  • Your username and avatar are displayed publicly alongside your posts and replies.
  • Your posts may be automatically moderated using keyword filters, spam detection, and link safety checks to protect the community.
  • We use Google Web Risk API to check URLs shared in posts against Google's database of malicious websites. The URLs you share (not your personal data) are sent to Google for this safety check.
  • Your trust level (based on account age and community behaviour) affects rate limits and moderation thresholds.
  • Moderators may review, edit, or remove content that violates our community guidelines.
  • In rare cases, accounts engaging in persistent abuse may be shadow-banned (your posts are visible only to you) or banned.

Brand code submissions

If you represent a brand and submit a discount code or register a new brand via our submission forms, we collect:

  • Contact name and email: Used to verify your submission via email. Your email domain is checked against the brand's website domain to confirm you represent the brand.
  • Discount code and details: The code, description, discount type, and expiry date you provide.
  • Brand logo: If you register a new brand, we store the logo you upload.
  • Hashed IP address: Stored for rate limiting and fraud prevention. We never store your raw IP address.

Submitted data is retained while the code is active. For submissions that are not verified, expire, or are rejected, personal data (contact name, email, IP hash) is automatically anonymised after 30 days under our GDPR cleanup process.

Google sign-in

If you choose to sign in with Google, we receive your name, email address, and profile picture URL via Google OAuth 2.0. We use this only to create and authenticate your account. We do not access your Google contacts, files, or any other Google data.

Discord sign-in

If you choose to sign in with Discord, we receive your username, email address, and avatar via Discord OAuth 2.0. We use this only to create and authenticate your account. We do not access your Discord messages, servers, or any other Discord data.

Analytics

With your consent, we use Google Analytics 4 to understand how visitors use our site. This helps us improve the experience for everyone. Google Analytics collects:

  • Pages you visit and how long you spend on them
  • How you arrived at our site (search engine, direct link, etc.)
  • Your approximate location (country/city level)
  • Device and browser type

We have enabled IP anonymisation, meaning your full IP address is never stored by Google. Analytics data is only collected if you consent via our cookie banner. You can withdraw consent at any time by clearing your cookies or using the Google Analytics Opt-out Add-on.

CodeLand Saver browser extension

The CodeLand Saver Chrome extension helps you save money by showing available discount codes when you reach a checkout page. Here is what the extension accesses and why:

  • Current tab URL and page content: The extension reads the URL of shopping websites you visit to detect checkout pages and match the site to brands in our database. This data is processed locally in your browser and is not sent to our servers except as described below.
  • Brand matching: Your current domain is compared against a locally cached list of known brand domains (synced daily from codeland.uk). No browsing history is sent to our servers.
  • Checkout detection: When you reach a checkout page, the extension displays available discount codes in a panel for you to copy and paste. It does not read or store your payment details, personal information, or any form data.
  • AI chat messages: If you use the AI chat feature in the side panel, your messages are sent to our server (codeland.uk) which queries our database and forwards the query to a third-party AI service (Groq) for natural language processing. We do not store your chat messages beyond the duration of the request. Groq's privacy policy applies to their processing.
  • Affiliate links: Some discount codes or cashback offers shown by the extension may include affiliate links. When you use these, a cookie from our affiliate network (Awin) may be set. This is how we earn revenue to keep the service free. No personal data is shared with the affiliate network beyond what their standard tracking cookie collects.
  • Local storage: The extension stores settings, savings statistics, brand domain cache, and cashback activation records locally in your browser using Chrome's storage API. This data never leaves your device unless you use the AI chat or code reporting features.
  • Notifications: The extension may show notifications about cashback offers when you visit supported stores. You can disable these in the extension settings.
  • Cashback activation links: When cashback is available for a store, the extension may display an activation link. Clicking this link redirects you via our server (codeland.uk/go/cashback/...) to the third-party cashback provider (e.g. TopCashback). The redirect is logged anonymously for analytics. The cashback provider's own privacy policy applies once you reach their site.
  • Codes display: The extension displays available discount codes in a panel for you to copy and paste. No additional data is collected beyond the standard brand matching described above.
  • Host permissions: The extension uses optional host permissions, meaning it requests access to individual websites only when needed (e.g. when you visit a checkout page). You can grant or revoke site access at any time via Chrome's extension settings.

What the extension does NOT do:

  • Does not read or store your passwords, payment card details, or personal form data.
  • Does not track your browsing history or activity outside of shopping-related features.
  • Does not inject advertisements or modify page content beyond showing the discount codes panel.
  • Does not sell your data to third parties.
  • Does not run on excluded sites (cashback providers, banking sites, competitor extensions).

You can uninstall the extension at any time from chrome://extensions. All locally stored data is deleted when you uninstall.

What we don't do

  • We don't sell your data to anyone.
  • We don't use advertising or retargeting cookies.
  • We don't track you across other websites.
  • We don't share personal data with third parties except as described in this policy.

How we use your data

  • To provide and improve the CODELAND.UK service.
  • To prevent spam, abuse, and malicious content in our community.
  • To send transactional emails (account verification, password reset, brand submission verification, price alerts) if you opt in.
  • To send our newsletter if you subscribe (you can unsubscribe at any time).
  • To analyse site usage and improve performance (with your analytics consent).
  • To deliver push notifications if you opt in.

Lawful basis for processing

Under UK GDPR, we rely on the following lawful bases:

  • Contract (Art 6(1)(b)): Account creation, authentication, discussion participation, brand code submissions, AI chat feature, transactional emails.
  • Consent (Art 6(1)(a)): Google Analytics, newsletter, push notifications.
  • Legitimate interest (Art 6(1)(f)): Spam prevention, automated moderation, trust level profiling, affiliate tracking (to fund the free service), IP hashing for security, URL safety checks.

Where we rely on legitimate interest, we have conducted balancing tests to ensure our interests do not override your rights. You can request details by emailing [email protected].

International data transfers

Some third-party services we use process data outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place as required by UK GDPR:

  • Google (USA): Analytics, OAuth, Web Risk — protected by UK Standard Contractual Clauses (SCCs).
  • Groq (USA): AI chat processing — protected by UK SCCs.
  • Cloudflare (USA/global): CDN, security, Turnstile — protected by UK SCCs.
  • Awin (Germany/EEA): Affiliate tracking — protected by UK adequacy regulations for the EEA.
  • Resend (USA): Email delivery — protected by UK SCCs.

You may request copies of transfer safeguards by contacting [email protected].

AI-generated content

Some content on CodeLand is generated or assisted by artificial intelligence:

  • Community bots: Some discussion accounts are AI-powered bots operated by CodeLand, clearly labelled with a bot badge. They post deal commentary and tips to support the community.
  • Brand descriptions: Some brand descriptions are generated using AI tools and reviewed for accuracy.
  • Extension AI chat: Responses in the CodeLand Saver extension chat are generated by third-party AI models and may contain inaccuracies.

Deal and code data sources

CodeLand aggregates discount codes and deals from multiple sources including user submissions, brand submissions, affiliate network feeds, and publicly available deal information.

Affiliate links

Some links on CODELAND.UK are affiliate links. When you click through and make a purchase, we may earn a commission. This does not affect what you pay. See our Affiliate Disclosure for details.

Third-party API access (ChatGPT and AI assistants)

We provide a public, read-only API that allows AI assistants (such as ChatGPT) to search and display our discount codes, cashback offers, and deals on your behalf. When you use CodeLand through an AI assistant:

  • No personal data is collected by CodeLand through the API. We do not receive your ChatGPT account details, conversation history, or any identifying information.
  • Only publicly available data is returned: brand names, discount code descriptions, cashback rates, and links to codeland.uk.
  • Actual discount codes are not shared via the API — users are directed to codeland.uk to reveal codes.
  • Standard rate limiting and anonymised logging applies to API requests.
  • Your use of ChatGPT or other AI assistants is governed by their own privacy policies and terms.

Third-party services

We use the following third-party services:

  • Cloudflare: CDN and DDoS protection. Processes requests to deliver our site securely.
  • Google Analytics: Site analytics (with consent only). See above for details.
  • Google OAuth: Optional sign-in via Google accounts.
  • Google Web Risk: URL safety checking for links shared in community posts.
  • Discord OAuth: Optional sign-in via Discord accounts.
  • Cloudflare Turnstile: CAPTCHA-free bot protection on forms (discussions, brand submissions). Turnstile may set cookies and use local storage to verify you are human. See Cloudflare's Privacy Policy.
  • Resend: Transactional email delivery (verification, password reset, brand submission confirmations).
  • Groq: AI inference provider for the CodeLand Saver extension's chat feature. Processes chat queries to generate natural language responses. See Groq's Privacy Policy.
  • Awin: Affiliate network. Sets tracking cookies when you use discount codes via our extension or click affiliate links. See Awin's Privacy Policy.

Your rights (UK GDPR)

You have the right to:

  • Access your personal data (Art 15)
  • Correct inaccurate data (Art 16)
  • Delete your account and data — right to erasure (Art 17)
  • Restrict processing in certain circumstances (Art 18)
  • Object to processing, including profiling (Art 21)
  • Withdraw consent for analytics or marketing at any time (Art 7)
  • Data portability — receive your data in a structured format (Art 20)
  • Not be subject to solely automated decision-making that significantly affects you (Art 22)

To exercise any of these rights, email [email protected]. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO).

Data retention

  • Account data: retained until you delete your account.
  • Discussion content: retained until you delete it or we remove it. Deleted content is soft-deleted and purged within 30 days.
  • Analytics data: retained by Google for 14 months (our configured retention period).
  • Moderation logs: retained for 1 year.
  • Spam logs: retained for 30 days.
  • Hashed IPs: not reversible, retained for spam prevention.
  • Brand submissions: active codes retained while live. Unverified, expired, or rejected submissions have PII anonymised after 30 days.

Changes to this policy

We may update this policy from time to time. Significant changes will be highlighted on our site. The “last updated” date at the top of this page shows when it was last revised.

Contact

CodeLand is operated by Ian Cadle, trading as CodeLand.
Email: [email protected]

ChatGPT
AI Code Finder

Can't find a code? Ask our ChatGPT bot — it searches thousands of brands and deals for you instantly.

Search now