Coreix are committed to ensuring our business, services and internal processes are GDPR compliant.
This policy (together with our Terms of Service www.coreix.net/legal and any other documents referred to therein) sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
For the purpose of the GDPR regulation Coreix Ltd (company registration No. 4821355) of Fourth Floor, Refuge House, 9-10 River Front, Enfield, EN1 3SZ, will act as a data processor for personal data that has been provided via our website at www.coreix.net (our ‘site’). This includes information provided at the time of registering to use our site or subscribing to our services, posting material or requesting further services.
Our nominated representative for the purpose of the Act is Alan Dean.
What kinds of personal information do we collect?
We collect information about you when you register for a service from us and the information includes: your name, company name, contact details, address, IP address and payment information: credit or debit card details. We do not collect sensitive information from individuals.
We use your information for administrative and business purpose to carry out our contract, provide the services and manage your account:
IP addresses and cookies
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and reporting purposes. This is statistical data about your browsing actions and patterns, and does not identify any individual. We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our site and to deliver a better and more personalised service. They enable us:
Where we store your personal data
Your personal data is stored on our own servers and this hardware is located in Enfield Data Centre ISO27001 certified. None of your personal data is transferred outside the EEA.
We have strict security measures to protect your personal information, follow our security procedures and apply suitable technical measures, such as encryption, regular penetration testing of systems to protect your information. All Coreix Ltd employees are trained with regards to access, security and processing of any personal data stored on our servers.
Uses made of the information
We use information held about you in the following ways:
We (and our group companies) may also use your data to provide you with information about our goods and services which may be of interest to you and we may contact you about these by email, post or telephone. If you do not want us to use your data in this way, or to pass your details on to third parties for marketing purposes, please tick the relevant box situated on the form on which we collect your data.
Disclosure of your information
We may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 Companies Act 2006.
We may disclose your personal information to third parties:
Disclosure of your information for legal reasons
We disclose your information to other third parties in specific circumstances:
The use of your data
The Board of Directors for Coreix Limited is committed to comply with applicable legal requirements and with other requirements which relate to all aspects of personal information in relation to its business activities, products and services we offer. We are committed to fulfilling compliance obligations by continually improving our business management system (which includes the personal information management system) and general performance as an integral part of our business strategy and operating methods. Development will be reviewed annually with objectives and targets through the Business Management System framework.
Coreix Limited is committed to comply with data protection requirements and good practice where applicable, including:
The policy is applicable to the entire business.
Coreix does not store any data which falls into Article 9 of the GDPR, which are defined under 3.1.30 under BS10012:2017 as follows:
Coreix is not required to appoint a DPO due to the fact we do not meet criteria stated under Article 37 of the GDPR.
How long we retain your personal data
We will retain your personal information for as long as necessary to fulfil the purposes we collected it for; such as any legal, accounting, or reporting requirements. After such time, we will either delete or anonymize your information or, if this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.
Order information, copy of your bills we retain for 6 years from the date of the order placed in accordance with our legal obligation to keep records for tax purposes. Contact Details we retain as long as you are one of our clients and six years after
Criteria for determining retention periods
To determine the appropriate retention period for personal data, we consider the following:
In the unlikely event of a breach occurring (as defined in the GDPR) we will notify you within 48 hours of the breach coming to our attention. This will be enough time for you to consider your requirements, under GDPR, for reporting the breach to the ICO and Data Subjects.
You have the right to ask us not to process your personal data for marketing purposes. We will usually inform you (before collecting your data) if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at firstname.lastname@example.org.
Our site may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
Access to information
To access information we have on you use: https://www.coreix.net/assets/pdf/p_Company_Right_of_Access.pdf and follow the instruction.