Corelix

Legal

Privacy Policy

How we collect, use and protect your information

Last Updated: 09 May 2026  |  Effective Date: 09 May 2026

1. Introduction

Corelix Software Ltd ("Corelix"), a UK-registered company (Company No. 17156660), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit corelixsoftware.com or use our services.

2. Data Controller

Corelix Software Ltd
Registered Office: Office 18421, 182-184 High Street North, East Ham, London E6 2JA, UK
Company Number: 17156660
Data Protection Contact: via /contact form (subject: "Privacy Inquiry")

3. Information We Collect

3.1 Information You Provide

  • Identity Data: name, title
  • Contact Data: postal address, contact form submissions
  • Account Data: username, password, profile information
  • Financial Data: billing address, payment details (processed by Stripe)
  • Transaction Data: purchase history, services engaged
  • Communications Data: support tickets, correspondence

3.2 Automatically Collected

  • Technical Data: IP, browser, device, OS
  • Usage Data: pages visited, time on site, referring URLs
  • Cookies (see Cookie Policy)

3.3 From Third Parties

  • LinkedIn, Google (OAuth)
  • Stripe (payment confirmations)
  • Analytics providers (anonymised)

4. Legal Basis for Processing (UK GDPR Article 6)

  • Contract: To provide services
  • Consent: For marketing and non-essential cookies
  • Legitimate Interests: Service improvement, fraud prevention, security
  • Legal Obligation: Tax records, regulatory compliance

5. How We Use Your Information

  • Deliver consulting services
  • Process payments and invoicing
  • Manage accounts and provide support
  • Send service-related communications
  • Send marketing (with consent)
  • Analyse and improve services
  • Comply with legal obligations
  • Prevent fraud and ensure security

6. Data Sharing

  • Stripe: Payment processing
  • Cloud Providers: AWS, Azure (UK/EU regions)
  • Analytics: Google Analytics (anonymised, with consent)
  • Professional Advisors: Legal, accounting
  • Authorities: When legally required (HMRC, courts, regulators)

We do not sell personal data to third parties.

7. International Data Transfers

We use UK International Data Transfer Agreements (IDTA), EU Standard Contractual Clauses (SCCs), or adequacy decisions for international transfers.

8. Data Retention

  • Active client data: Engagement duration + 7 years (UK accounting)
  • Marketing data: Until consent withdrawn
  • Website analytics: 26 months (anonymised)
  • Support tickets: 3 years post-resolution
  • Legal records: As required by law

9. Your Rights Under UK GDPR

You have rights to: Access, Rectification, Erasure, Restriction, Portability, Object, Withdraw Consent, and to lodge a Complaint. To exercise rights, submit a request via /contact form (subject: "Data Subject Request"). We respond within one calendar month.

10. Cookies

See Cookie Policy at /cookies. Categories: Strictly Necessary (no consent needed), Analytics (consent), Marketing (consent).

11. Children's Privacy

Services are intended for businesses and professionals. We don't knowingly collect data from children under 16.

12. Data Security

  • TLS 1.3 in transit, AES-256 at rest
  • Access controls and authentication
  • Regular security audits
  • Employee training and confidentiality agreements
  • Aligned with ISO 27001 standards

13. Data Breach Notification

For breaches affecting your rights: ICO is notified within 72 hours and affected individuals notified without undue delay.

14. Automated Decision-Making

We don't use automated decision-making producing legal or significant effects.

15. Changes

Material changes are notified via the website. "Last Updated" reflects revision date.

16. Contact and Complaints

Privacy Inquiries: via /contact form
Post: Corelix Software Ltd, Office 18421, 182-184 High Street North, East Ham, London E6 2JA, UK
ICO: Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF — Phone 0303 123 1113 — ico.org.uk