Kodia Kodia ← Back to Home

Privacy Policy

Last updated: 22 December 2025

1. Who we are

Kodia is operated by MS2 Partners Sarl (CHE-240.674.424), Route de Lausanne 15, 1180 Rolle, Vaud, Switzerland ("Kodia", "we", "us").

Contact: contact@kodia.ch

This Privacy Policy explains how we process personal data in connection with the Kodia website and service. Kodia is a Swiss service and is primarily governed by Swiss data protection law (FADP / revDSG).

2. Language

If translated versions of this Privacy Policy are provided, the English version prevails in case of conflict.

3. Roles: your practice vs. Kodia

  • For account, billing, and service operation data, Kodia acts as the data controller.
  • For patient-related content you submit (e.g., clinical note inputs), your practice or billing service remains the controller, and Kodia processes that content as a processor solely to provide the service.

4. What we do not store

We are designed to minimize sensitive data:

  • We do not store the clinical note text you submit as input.
  • We do not store embeddings or vector representations derived from your clinical note input.

5. What we may store

We may store:

  • Account data: email address, hashed password, name (optional), language preference.
  • Practice data: practice/organization identifier, practice name, default canton (optional).
  • Provider data: provider display name, GLN/ZSR (if provided), and qualification/intrinsic-value information used to filter suggestions.
  • Results data: suggested codes and/or ambulatory forfait outputs and related metadata (e.g., timestamps, selected provider, duration).
  • Security & audit logs: login events, system audit logs, and technical metadata required to protect the service.
  • Billing data: Stripe customer identifiers, purchase history, and invoice/receipt identifiers.

6. Why we process data

We process data to:

  • provide and operate the service (authentication, credit usage, results display and export);
  • secure the service (fraud prevention, abuse monitoring, audit trail);
  • provide customer support and respond to inquiries; and
  • manage billing, receipts, and accounting.

7. Where processing happens

Kodia is hosted and operated in Switzerland. AI inference for coding suggestions is performed in Switzerland using AWS Europe (Zurich) via Amazon Bedrock.

8. Service providers (subprocessors)

We use third-party providers to operate the service, including:

  • AWS (Amazon Web Services): hosting and AI inference in Zurich
  • Stripe: payment processing and receipts/invoices
  • Resend: delivery of verification and transactional emails

Some providers may process limited personal data outside Switzerland depending on their infrastructure. Where cross-border disclosure occurs, we apply appropriate safeguards consistent with Swiss requirements.

9. Data retention

We keep data only as long as necessary for the purposes described above. Typical retention periods:

  • Account and practice data: retained until account deletion (unless retention is required by law).
  • Results data (suggested codes/forfait output): retained until deleted by you or your practice, or upon account deletion.
  • Security and audit logs: typically retained for up to 24 months, then deleted or anonymized.
  • Billing records: typically retained for 10 years to meet accounting and tax obligations.
  • Backups: typically retained for 30-90 days.

10. Your rights

You may request information about whether we process your personal data and request correction or deletion where applicable under Swiss law. To exercise your rights, contact us at contact@kodia.ch.

If you use Kodia through a practice or billing service, requests related to patient-related content may need to be handled via that organization as the controller.

11. Cookies and tracking

We do not use third-party advertising cookies. We use only essential technical storage where required for login/session and preferences (for example, language preference). We do not use analytics by default.

12. Automated assistance

Kodia provides AI-assisted coding suggestions. Kodia does not make fully automated decisions with legal effects. Human review by the practice is required before billing.

13. Contact

MS2 Partners Sarl (CHE-240.674.424)
Route de Lausanne 15, 1180 Rolle, Vaud, Switzerland
Email: contact@kodia.ch