Coreties Privacy Policy

Effective Date: July 31, 2024

Introduction

At Coreties (“we,” “us,” or “our”), we are committed to protecting the privacy of our users (“you” or “your”). This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website www.coreties.com (the "Website") and utilize our services.

By accessing or using the Website, you consent to the practices described in this Privacy Policy. This includes:

  • Accessing or using the Service;
  • Clicking to accept this Privacy Policy or Terms and Conditions;
  • Accepting this Privacy Policy in any other way.

If you do not agree to this Privacy Policy, you shouldn't access (and you don't have our permission to access) the Service.

Information We Collect

We may collect the following types of information from you:

  • Personal Information: When you sign up for an account, we may collect your name, email address, and password. If you sign up using LinkedIn or Google, we may collect additional information associated with your account, such as your profile picture and public profile information.
  • Usage Data: We automatically collect information about your interactions with the Website, such as your IP address, browser type, device information, pages visited, and referring URLs.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to collect information about your browsing behavior and preferences.

How We Use Your Information

We may use your information for the following purposes:

  • To provide and maintain our services: We use your information to create and manage your account, personalize your experience, and communicate with you about our services.
  • To improve our Website and services: We analyze usage data to identify trends, optimize our Website, and enhance our service offerings.
  • To send you marketing communications: With your consent, we may send you promotional emails or newsletters about our products and services. You can opt-out of receiving these communications at any time.
  • To protect our rights and interests: We may use your information to detect and prevent fraud, enforce our terms of service, and comply with legal obligations.

How We Share Your Information

We may share your information with the following third parties:

  • Service providers: We may share your information with third-party service providers who perform functions on our behalf, such as hosting, data analysis, and marketing.
  • Business partners: We may share your information with our business partners to offer you joint products or services.
  • Legal authorities: We may disclose your information if required by law or to protect our rights, property, or safety.

Your Choices

You have the following choices regarding your information:

  • Accessing and updating your information: You can access and update your account information by logging into your account settings.
  • Deleting your account: You can delete your account by contacting us through the Website or emailing us at [email protected]
  • Opting out of marketing communications: You can opt-out of receiving marketing emails by clicking the "unsubscribe" link at the bottom of any email.
  • Sharing information: You agree we use the information provided over written communication such as email, filling out forms or requests and other communication around using the Service.

Security

We implement appropriate security measures to protect your information from unauthorized access, disclosure, alteration, or destruction. However, no method of transmission over the internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security. By using the Website and/or Service you agree to this security risk as described above.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on the Website. We encourage you to review this Privacy Policy periodically for any updates.

What personal information does Coreties process?

Under the General Data Protection Regulation ("GDPR"), there is a clear distinction between the roles of “Controllers” and “Processors” of personal data. A "Controller" is responsible for determining the purposes and means of processing personal data, whereas a "Processor" processes personal data on behalf of the controller, following the controller’s instructions. Coreties operates in both capacities, as detailed below, adhering to the legal requirements for processing personal data as mandated by the GDPR.

As a "Controller," Coreties processes data in several scenarios:

  • Website Visitation (Visitor Data): When individuals visit Coreties’ website, the company tracks usage, including pages visited and session duration, utilizing information such as IP addresses, geolocation, browser types, and website usage history. Cookies may be employed for tracking across sessions. Coreties justifies this processing on the basis of legitimate business interests, retaining the data for no longer than 14 months post-collection.
  • Account Creation (Account Data): For users creating a Coreties account, the company collects email addresses, full names, phone numbers, and payment/billing addresses, where applicable. This data facilitates access to services, enables business relations, account authentication, and communication about services and updates. The legal basis for processing Account Data is contractual necessity, with data retention until users opt to delete their accounts, subject to specific exceptions detailed in the policy.
  • Marketing: When users register for Coreties webinars or subscribe to newsletters, or market updates, Coreties collects names and email addresses, relying on user consent for processing. Data is retained as necessary for the intended purpose.
  • Service Usage (Usage Data): Coreties monitors service usage through its sites, API, and add-ons, logging requests and collecting data on feature usage, user feedback, geolocation, payment information, and browser details. This data supports user experience enhancement and fraud prevention, with a retention period of 12 months.
  • User Support (Support Data): When users contact Coreties’ support, the company processes usage data, names, contact information, subscription details, and account data as necessary to provide support. This data is retained for up to 6 months post-account deletion or 9 months for non-logged-in user interactions.
  • Public Web Data Collection (Profile Data): Coreties crawls public web pages to gather professional profile data, operating under legitimate business interests and storing this data as long as it remains publicly available or until removal is requested. This may be direct or through GDPR compliant subcontractors.

As a "Processor," Coreties manages data in several contexts, including:

  • Account Management and Data Enrichment: Coreties processes account settings, profile information, and enrichment tasks on behalf of users, retaining this data as long as the user account remains active.
  • Contact Management: Users can manage contact lists, with Coreties processing personal information for as long as the user’s account is active.

In situations where Coreties acts as a Processor, the company processes personal data as instructed by its clients, who are the Controllers responsible for ensuring lawful processing and handling data subject rights requests under applicable laws. Coreties’ obligations as a Processor are outlined in agreements with its clients and are guided by this policy.

This consolidated policy reflects Coreties’ commitment to data protection and privacy, detailing its roles and responsibilities in processing personal data under GDPR, ensuring transparency and compliance in its operations as both a Controller and Processor.

Your rights and choices

You have the following rights in relation to the personal data that we hold about you:

  • To access your personal data, and some related information as described in the section below "Know if we have information concerning you and what that information is." In particular, you have the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the following information:

    • If you're in our database;
    • Exactly what data we hold;
    • The purposes of the processing;
    • How long the data will be kept;
    • On what legal bases the data has been processed.

LIA – Legitimate Interest Assessment

By using the Service the user agrees to understand, is authorised to work and performs work along the 3 principles of the “LIA” when using the Service:

  • The Purpose test: Does the purpose justify processing personal info? The processing activity does not need to be essential, but you must ensure that the processing is proportionate to your purpose and the interests of both the controller and the data subject. You must follow the minimisation principle and process the least amount of personal data to fulfil your aims.
  • The Necessity test: There has to be a legitimate interest of the controller or a third party (this can include the data subject). The processing activity does not need to be essential to pass this test, you will need to evidence that your objective cannot be successfully achieved without processing personal information, and it is proportionate and required to fulfil your objectives. The user declares that it will use the minimum amount of information required and uses it ethically to offer (commercial) logistics services and related services to data subjects. This may be along the entire cycle of commercial and operational activities with the aim to sell a logistics-related product.
  • The Balancing test: Legitimate interest cannot override the data subject’s fundamental rights, freedoms and interests. Have you considered whether the fundamental rights and freedoms of the individual(s), whose data you’d process, override your legitimate interest? For example, you are asking for more information than you need to achieve your objective, do the legitimate interests outweigh any potential negative impacts on the data subject? On all of the previous questions under the Balancing test, the user agrees to be able to answer “yes” within moral and ethical boundaries and once more to offer a logistics-related product or service.