Privacy Notice

Last Updated: 03.11.2024

Your privacy is important to us. At Cortx (“Company,” “we,” “us,” or “our”), we are committed to protecting your personal data and respecting your privacy rights. This notice provides essential information about how we handle personal data, our lawful basis for processing, your rights under GDPR and CCPA, and how you can exercise those rights.

Transparency and Security

Transparency: Our Privacy Notice provides clear information on how we handle personal data provided by our customers or collected for their benefit. Customers’ privacy policies, not ours, govern how they collect your information. This notice specifically governs our own handling of personal data.

Privacy and Security: We take reasonable steps to protect personal data, and we only share your personally identifying information as needed for service support, compliance with the law, or to protect our rights.

Minimal Data Collection: This service doesn’t require personal information to browse our website or view our products and services. If you choose to contact us or request information, this data is only used to connect with you regarding our offerings. We don’t share this information for any other purpose, and it is governed by this Privacy Notice.

Only Necessary Data: We don’t ask for personally identifying information unless it’s necessary for the services we provide. For simplicity, www.cortx.co and our products and services are collectively referred to as “Services” throughout this notice.

This Privacy Notice does not apply to third-party privacy practices, including those of our customers or any external links appearing on our Services. We encourage caution before sharing personally identifiable information with other users or through third-party links.

I. YOUR RIGHTS UNDER GDPR AND CCPA

We comply with the General Data Protection Regulation (GDPR) for users within the European Economic Area (EEA), as well as the California Consumer Privacy Act (CCPA) for users in California. We also extend similar data protection rights to all jurisdictions due to our global commitment to privacy.

GDPR and CCPA Rights:

Right to be Forgotten (Right to Erasure): You may request deletion of your personal data. This right applies, for example, if you have asked for information or a demo and no longer wish to be contacted. This is not an absolute right and depends on our data retention policy and applicable laws.

Right to Information: You may ask for details on how we process your personal data and for what purpose, including requesting a list of third-party processors with whom we share your information.

Right to Access: You have the right to access your personal data, view how it’s processed, and request copies.

Right to Rectification: If your personal data is outdated or inaccurate, you have the right to request updates or corrections.

Right to Withdraw Consent: Where processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.

Right to Object: You may object to certain processing activities, including:

Direct marketing

Statistical research or public interest processing

Processing in our legitimate interest or that of a third party

Processing based on personal beliefs or specific situations

Right to Data Portability: You may request the transfer of your personal data to another service provider in a machine-readable format, if technically feasible.

Right to Limit Use and Disclosure of Sensitive Personal Information: You have the right to request that we limit our use of your sensitive personal information only to what is necessary to perform our services.

Right to Restrict Processing: Under GDPR, you can request restriction of processing in certain cases, such as if you dispute the data’s accuracy or if you need the data for a legal claim.

Right to Non-Discrimination (CCPA): We will not discriminate against California residents for exercising any CCPA rights.

How to Exercise Your Rights

To exercise any of these rights, please contact us at privacy@cortx.co. We may require verification of your identity to ensure the security of your data.

II. INFORMATION COLLECTION AND USE

Email Addresses: We do not send spam or rent/sell your email address, except as outlined under “Marketing” below. We may email you directly to communicate product updates or information related to your use of our services.

SMS Texts: Cortx may engage with users via SMS for updates or opportunities. Standard message and data rates apply. Reply STOP to cancel or HELP for assistance.

Marketing: We may send promotional content about our products and services if you have opted in. You can opt-out at any time by following the instructions within the communication or by contacting us directly.

Log Data: Like most websites, we collect log data such as IP addresses, browser type, pages viewed, and timestamps. This helps us analyze traffic, improve functionality, and enhance user experience.

Location Information & IP Addresses: We may link your IP address and device information to your account if you fill out forms on our site. This may also be used for security monitoring and other location-based services.

Cookies and Tracking Technologies: Cortx and analytics providers use cookies and similar technologies to improve the user experience and functionality. You may deny cookies, but some features may not function properly if disabled.

Data Aggregation: Aggregated, non-identifiable data may be used internally to improve our services or for commercial analysis. We only aggregate data in ways that do not disclose personally identifiable information.

Data Sharing: We take all necessary measures to protect personal data and only share it under the following conditions:

With employees or contractors on a need-to-know basis who are bound by confidentiality.

As required by law or to protect our rights and safety.

During mergers or acquisitions, provided the new entity continues to follow this Privacy Notice.

We do not sell personal information to third parties.

III. DATA SECURITY AND RETENTION

Security Measures

We use industry-standard security practices, including encryption, to protect your data from unauthorized access, disclosure, or alteration. However, no method of transmission over the Internet is 100% secure, so we cannot guarantee its absolute security.

Data Retention

Cortx retains your data only as long as necessary for the purposes described in this Privacy Notice or as required by law. If you wish to delete or access certain information, email privacy@cortx.co.

Third-Party Services and International Transfers

We use Amazon Web Services and other secure third-party providers, and data may be transferred internationally in compliance with GDPR’s standard contractual clauses. Non-EEA users should be aware that data transferred to the UK or EEA will be protected in accordance with this Privacy Notice.

IV. CHILDREN’S PRIVACY

Our Services are not directed at children under 18. We do not knowingly collect data from children. If we learn of any such data being collected, we will take immediate steps to delete it.

V. POLICY CHANGES AND CONTACT

Privacy Policy Updates

We may update this Privacy Notice to reflect changes in our practices or for legal compliance. Substantial changes will be posted here, and we encourage you to review this page periodically.

Contact Information

If you have questions about this Privacy Notice or our data practices, please contact us at:

Email: privacy@cortx.co

Address: Sutton Vale Country Park, Vale Road, Dover, England, CT15 5DH

Regulatory Authority Contact

If you have unresolved concerns, you have the right to contact the relevant data protection authority in your jurisdiction, including the UK’s Information Commissioner’s Office (ICO) or your local authority.