BREAKING NEWS: Cortex welcomes Mike Bohndiek as Managing Director

Privacy Notice

Last modified: 16/01/2025

Privacy Notice

1. Who we are and what we do

Who we are

We are Cortex Tech Limited t/a Cortex (“Cortex”, “us”, “we”, “our”). We are a limited company registered in England and Wales under registration number 15817221 and we have our registered office at Mimet House, 5a Praed Street, London, England, W2 1NJ. We are registered with the UK supervisory authority, Information Commissioner’s Office (“ICO”), in relation to our processing of Personal Data under registration number ZB723058.

What we do

We provide sports businesses with a fully integrated suite of data powered technology and supporting services. We and our related entities are committed to protecting the privacy and security of the Personal Data we process about you.

Controller

Unless we notify you otherwise, we are the controller of the Personal Data we process about you. This means that we decide what Personal Data to collect and how to process it.

2. Purpose of this privacy notice

The purpose of this privacy notice is to explain what Personal Data we collect about you and how we process it. This privacy notice also explains your rights, so please read it carefully. If you have any questions, you can contact us using the information provided below under the ‘How to contact us’ section.

3. Who this privacy notice applies to

This privacy notice applies to you if:

  1. You visit our website
  2. You purchase products or services from us
  3. You enquire about our products and/or services
  4. You sign up to receive newsletters and/or other promotional communications from us

4. What Personal Data is

‘Personal Data’ means any information from which someone can be identified either directly or indirectly. For example, you can be identified by your name or an online identifier.

5. Personal Data we collect

The type of Personal Data we collect about you will depend on our relationship with you. For the type of Personal Data we collect see the table below in the section entitled ‘Purposes, lawful bases and retention periods’.

6. How we collect your Personal Data

We collect most of the Personal Data directly from you in person, by telephone, text or email and/or via our website.

However, we may also collect your Personal Data from third parties such as:

  • reputable companies who provide lead generation contact lists
  • others to whom you have provided consent
  • publicly available sources such as social media platforms

For details about how we use cookies and other tracking technologies, please see our specific page on Cookies and similar technologies.

7. Purposes and lawful bases

We will only use your Personal Data when the law allows. Most commonly, we will use your Personal Data in the following circumstances:

Categories of individuals Categories of Personal Data Purpose of Processing Lawful Basis
Clients’ employees Name, job title, work email address, work phone number, company you work for To fulfil services Legitimate interests – to manage Client relationship
Clients’ employees Name, job title, work email address, work phone number, company you work for To access Cortex managed services Legitimate interest – to fulfil our agreement with your organisation
Members of public, professionals, clients’ employees, prospective clients’ employees Name, job title, work email address, work phone number, company you work for To respond to queries about our services Legitimate interests – to respond to your enquiry
Professionals, clients’ employees, prospective clients’ employees Name, job title, work email address, work phone number, company you work for To send you newsletters and other promotional material Legitimate interests – to promote our services in order to win new business

Where Personal Data is processed because it is necessary for the performance of a contract to which you are a party, we will be unable to provide our services without the required information.

You may opt-out of receiving marketing communications and other promotional material at any time by clicking the link in the relevant email or contacting us via the details below.

8. Retention of your Personal Data

We will retain your Personal Data on our systems only for as long as is strictly necessary for the purposes for which such data was originally collected, being the period during which we are contracted to provide you with the products or services (or for such longer period as may be required by law, including in connection with any tax obligations).

9. Sharing your Personal Data

We may share your Personal Data with our affiliates and carefully selected third parties, for example, we may use a supplier to provide services which support the services which we provide to you. In this case, we remain responsible for your personal data and will ensure we have a written agreement in place with any third party provider. We currently use third-party suppliers:

  • for invoice purposes
  • to set up direct debits and payments
  • for software for internal business purposes
  • for communicating with all Cortex stakeholders

We may also need to disclose your Personal Data in the following circumstances:

  • if we are required to do so by law or pursuant to a binding regulatory request (in each case, such disclosure will be solely to the extent required by law or the applicable regulatory request);
  • in the event that we sell or buy any business or assets we may be required to disclose certain of your Personal Data to the prospective seller or buyer of such business or assets; or
  • in order to enforce or apply our terms of use and other agreements.

10. International Transfers

Your personal information may be transferred to and processed outside of the UK/EEA.  This is because the organisations we use to provide our services to you may be based outside the UK or have servers based outside the UK.

We will only transfer your personal information from countries in the UK or EU/EEA to countries outside of the UK or EU/EEA where:

  • the transfer is to a country (or an international organisation) that the UK government/European Commission has determined ensures an adequate level of protection (“Adequacy”);
  • an International Data Transfer Agreement (IDTA) or Standard Contractual Clauses adopted by the UK Government or European Commission (whichever is applicable) have been put in place between the entity in the UK or EU/EEA and the entity located outside the UK or EU/EEA;
  • binding corporate rules have been implemented, where applicable; or where
  • the transfer is otherwise permitted by the law.

11. Keeping Personal Data secure

We have implemented industry standard security measures to prevent unauthorised access to, use or loss of, your Personal Data. We also make sure that third parties who need to handle your Personal Data when helping us to deliver our services are bound by appropriate confidentiality and security obligations.

Despite the security measures that we implement, please be aware that the transmission of data via the internet is not 100% secure. Therefore, we are unable to guarantee the security of any information which you transmit to us via the internet and any transmission is at your own risk.

12. Your rights and how to complain

You have certain rights in relation to the processing of your Personal Data, including to:

  • Right to be informed
    You have the right to know what Personal Data we collect about you, how we use it, for what purpose and in accordance with which lawful basis, who we share it with and how long we keep it. We use our privacy notice to explain this.
  • Right of access (commonly known as a “Subject Access Request”)You have the right to receive a copy of the Personal Data we hold about you.
  • Right to rectification
    You have the right to have any incomplete or inaccurate information we hold about you corrected.
  • Right to erasure (commonly known as the right to be forgotten)
    You have the right to ask us to delete your Personal Data.
  • Right to object to processing
    You have the right to object to us processing your Personal Data. If you object to us using your Personal Data for marketing purposes, we will stop sending you marketing material.
  • Right to restrict processing
    You have the right to restrict our use of your Personal Data.
  • Right to portability
    You have the right to ask us to transfer your Personal Data to another party.
  • Automated decision-making. You have the right not to be subject to a decision based solely on automated processing which will significantly affect you. We do not use automated decision-making.
  • Right to withdraw consent
    If you have provided your consent for us to process your Personal Data for a specific purpose, you have the right to withdraw your consent at any time. If you do withdraw your consent, we will no longer process your information for the purpose(s) you originally agreed to, unless we are permitted by law to do so.
  • Right to lodge a complaint
    You have the right to lodge a complaint with the relevant supervisory authority, if you are concerned about the way in which we are handling your Personal Data. The supervisory authority in the UK is the Information Commissioner’s Office who can be contacted online at: Contact us | ICO or by telephone on 0303 123 1113.
How to exercise your rights

You will not usually need to pay a fee to exercise any of the above rights. However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

If you wish to exercise your rights, you may contact us using the details set out below within the section called ‘How to contact us and our Data Protection Officer’. We may need to request specific information from you to confirm your identity before we can process your request. Once in receipt of this, we will process your request without undue delay and within one month. In some cases, such as with complex requests, it may take us longer than this and, if so, we will keep you updated. Some rights only apply in certain circumstances. We will inform you if we are unable to comply with your request for any reason.

13. How to contact us and our Data Protection Officer

If you wish to contact us in relation to this privacy notice or if you wish to exercise any of your rights outlined above, please contact us as follows:

Telephone: +44 (0)20 3137 9873

Email: compliance@cortextech.io

Post: Fifth Floor, Mimet House, 5a Praed Street, London, W2 1NJ

We have also appointed a Data protection Officer (“DPO”). Our DPO is Evalian Limited and they can be contacted using the above details. Please mark your communications FAO the ‘Data Protection Officer’.

14. Changes to this privacy notice

We may update this notice (and any supplemental privacy notice), from time to time as shown below. We will notify of the changes where required by applicable law to do so.