Tabi Data Policy
Overarching Terms
The Data Policy (“Policy”) comprises three policies: Privacy Policy, Cookie Policy, Security Policy.
The Data Policy applies to data that is collected and processed by Cortex Technologies Limited, having its address for correspondence at Hirzel House, Smith Street, St Peter Port, GY1 2NG ("Cortex", "we", "our", “website”, “services”, or "us").
Cortex, as a data controller, collects and processes personal data relating to interactions on the Website or through your use of the Services. This Policy describe how Cortex uses and protects any information that you give us.
Your privacy and the security of your personal data is important to us. It is Cortex's policy to respect your privacy regarding any information we may collect from you across our website, and other sites, services, and apps we own and operate.
We strongly urge you to read this Policy and make sure that you fully understand and agree with it. If you do not agree to this Policy, please do not access or otherwise use the Website or Services.
Privacy Policy
All data collected is stored and processed in accordance with The Data Protection (Bailiwick of Guernsey) Law, 2017. We are duly registered with the Office of the Data Protection Authority in Guernsey.
We only ask for personal information when we need it to provide a service to you. We collect it by fair and lawful means, with your knowledge and consent. We also let you know why we’re collecting it and how it will be used.
We only retain collected information for as long as necessary to provide you with your requested service. What data we store, we’ll protect within commercially acceptable means to prevent loss and theft, as well as unauthorised access, disclosure, copying, use or modification.
We do not share any personally identifying information publicly or with third-parties, except when required to by law.
Our website may link to external sites that are not operated by us. Please be aware that we have no control over the content and practices of these sites and cannot accept responsibility or liability for their respective privacy policies.
You are free to refuse our request for your personal information, with the understanding that we may be unable to provide you with some of your requested services.
You may at any time request all your data to be permanently and irrevocably deleted by contacting us. Provided there is no legitimate reason to not fulfil this request, we will delete all data within 48 hours of your request.
Your continued use of the Website or Services will be regarded as acceptance of our practices around privacy and personal information.
Cookie Policy
The Website uses functional cookies (text files sent to your device) to allow the website to provide you with a better experience (e.g., remembering your username details for logging in and your preferences.)
The Website maintains continuous logs of its web server activity. These log files include the details of website users’ IP address, browser type and page last visited, etc. The log files are used to analyse how the website is being used by visitors and may be kept in an anonymised form for historical records.
The Website may use hosted web analytics software including those provided by a third party such as Plausible and Microsoft Application Insights. These software may use cookies to help analyse how users navigate our website. Data shared with third parties is anonymised. These third parties will use this information for the purpose of evaluating use of our website, compiling reports on website activity for website operators and providing other related services to the Website and the Services.
We cannot guarantee that these anonymous data will not be transmitted to or via the United States of America.
These third parties may also transfer this information to third parties where required to do so by law, or where such third parties process the information on their behalf.
You may decline the use of cookies by configuring your web browser to do so, but it may affect your user experience. By using this website, you consent to the processing of data about you by the Website and Us and other third parties in the manner and for the purposes set out above.
We do not use Google Analytics.
Security Policy
All data is hosted or stored on Microsoft Azure which is Microsoft’s cloud platform (“Azure”). Azure is a SOC-2 certified secure data center. More information on the security of Azure can be read here https://learn.microsoft.com/en-us/azure/compliance/offerings/offering-soc-2.
All infrastructure is hosted in a fully redundant, secure environment. All persistent data is encrypted using transparent data encryption. Data in transport is only submitted over secure (HTTPS) channels using TLS 1.2, SHA384 and 256-bit keys.
The entire environment is operated on the principle of least privilege.
We cannot access your data directly or indirectly at any time. If We are required to provide support and with your explicit permission we may be able to access your data but only by using a login that exists within your data organisation that you grant us access to.
Cortex takes the security of its data and that of its clients and customers seriously and ensures that only vetted personnel are given access to its resources.
All contractors and employees undergo background checks prior to being engaged or employed by us in accordance with local laws and industry best practices.
All contractors, employees and anyone else who may have need to access any of our information, must sign comprehensive Non-Disclosure Agreements (NDAs).
‘Privacy by design and by default’ is fully incorporated in to our software development lifecycle.
Data Policy Version
These policies are effective as of 2022/12/09. They are reviewed regularly and were last amended on 2022/12/09. We may amend these Policies at any time and will reflect any changes on this page.
Contact
If you would like any further information in relation to this Policy or if you have any questions about how we handle user data and personal information, please do not hesitate to contact us, via email or via our address: Hirzel House, Smith Street, St Peter Port, GY1 2NG.