Documents

Privacy policy

Corellian Systems Pty Ltd ABN 26 676 657 364 (“Corellian”, “Cor”, “we,” “our,” or “us”) values your privacy. This Privacy Policy (“Policy”) explains how we collect, use, disclose, and otherwise process personal information, and the rights and choices individuals have regarding that personal information.

For a quick summary of your choices, see Section 6. Your Privacy Choices.

Table of Contents

1. Scope
2. Personal Information Collected
3. Purposes for Collecting and Processing
4. Disclosures of Personal Information
5. Cookies and Other Tracking Mechanisms
6. Your Privacy Choices
7. External Links and Features
8. User Generated Content
9. Children’s Privacy
10. Security and Retention
11. Changes to this Policy
12. Australia Specific Provisions
13. EU and UK Specific Provisions
14. Contact Us
‍

1. Scope

‍This Policy applies to our online and offline personal information processing activities, including visitors to www.getcor.ai and related sites where this Policy is posted, individuals who create an account or use our products and services, participants in our events and research, subscribers to our communications, prospective and current customers, and anyone who communicates or interacts with us or our products and services (collectively, the “Services”).

‍Additional notices. Depending on how you interact with us, you may be provided additional privacy notices. Those notices control if they conflict with this Policy for the personal information covered by that notice. This Policy does not apply to job applicants, employees or contractors in the context of those relationships.

‍Customers. For certain features, we act as a service provider or processor to our business customers. Where we process personal information on a customer’s instructions, that customer’s privacy policy applies. If you use our Services because your company provides them to you, contact that company for questions about your privacy.
‍

2. Personal Information Collected

‍We collect personal information directly from you, from third parties, and automatically through the Services. To the extent permitted by law, we may combine information from different sources.

‍Personal information collected directly. Depending on your use of the Services, we may collect:

- Contact information such as name, company, title, email, phone.
- Account and profile information such as username, password, preferences, and settings.
- Purchases and payments such as billing details and transaction history. Our payment processors collect payment card data directly.
- Communications and interactions such as emails, support chats, forms, feedback, and records of our responses.
- Promotional and preference information such as marketing preferences and feature interests.
- Events and training details such as registration data and participation information.
- Professional information related to business contacts and opportunities.
- Integrations that you connect to Cor such as workspace identifiers, application metadata, and content that you authorize us to process to provide functionality.
- Customer Data which is content you or your organisation submit to or generate in the Services. If you do not provide requested personal information, we may be unable to provide parts of the Services.

‍Personal information from third parties. We may receive information from customers, partners, analytics and marketing providers, public databases, social platforms, data enrichment providers, referral programs, and integrated services you connect.

‍Automatically collected information. We automatically collect:

- Device and browsing information such as browser type, device identifiers, operating system, IP address, pages viewed, time stamps, and similar data.
- Activities and usage such as features used, content viewed, and interactions.
- Approximate location derived from IP address.

See Section 5 for cookie details.

Sensitive information. We do not seek to collect sensitive information. If you provide it, we will only process it in line with applicable law.

‍Service provider role. For Customer Data, we primarily process on behalf of our customers and at their direction.
‍

3. Purposes for Collecting and Processing

‍We use personal information for:
‍
- Services and support. Provide, operate, maintain, and secure the Services, manage accounts, deliver customer support, and communicate about the Services.
- Analytics and improvement. Understand usage, improve performance and features, and perform research and quality assurance.
- Communication. Send notices about the Services, including changes to terms and policies.
- Personalisation. Tailor content and experiences.
- Marketing and advertising. Send promotional communications and measure campaigns in accordance with law and your preferences.
- Event management. Plan and manage events, webinars, and trainings.
- Security and protection of rights. Detect, prevent, and respond to fraud, abuse, and security incidents, and enforce our terms.
- Compliance and legal process. Comply with laws, respond to lawful requests, and manage legal claims.
- Auditing and internal operations. Conduct audits, maintain records, and support business operations.
- Business transactions. Support mergers, acquisitions, financings, and reorganisations as permitted by law.

AI Usage. Our Services may use third-party AI providers, including OpenAI, L.L.C., Google LLC, and Anthropic PBC. Customer Data is not used to train or improve general-purpose AI or machine learning models. We use Customer Data only to provide and improve the Services for your organisation, including their safety, reliability, and quality.

‍Ownership and licence to Customer Data. You retain ownership of Customer Data. You grant Cor a non exclusive, royalty free, non transferable, worldwide licence to use Customer Data only as reasonably necessary to provide and support the Services and as otherwise permitted by your agreement with us.You are responsible for the legality, reliability, integrity, accuracy, and quality of Customer Data that you input to the Services.

‍Automated decision-making. We do not use your personal information to make solely automated decisions that have legal or similarly significant effects on you.
‍

4. Disclosures of Personal Information
‍
‍We may disclose personal information as follows:

- Affiliates and subsidiaries. For purposes consistent with this Policy.
- Customers. To the relevant business customer that provides you access to the Services.
- Vendors and service providers. For hosting, storage, customer support, analytics, communications, security, payment processing, and similar services under appropriate contractual safeguards.
- Other users. If you choose to share within social or collaborative features.
- Third party marketing and analytics providers. Device and usage information may be shared to support measurement and improvements, subject to your choices.
- Business transfers. In connection with mergers, financings, or similar transactions as permitted by law.
- Compliance and legal obligations. To comply with laws, legal process, or lawful requests.
- Security and protection of rights. To protect the Services, our users, and the public.
- Other disclosures. With your consent or as otherwise permitted or required by law.

Overseas disclosures. We may disclose personal information to recipients located outside your jurisdiction, including Australia, the United States, the United Kingdom, and the European Economic Area. We take reasonable steps to ensure appropriate safeguards are in place.

‍Aggregate and deidentified data. We may use and disclose aggregate or deidentified data for analytics, research, and improvement. Where we maintain deidentified data, we will not attempt to reidentify it except to verify our processes.
‍

5. Cookies and Other Tracking Mechanisms
‍
‍We and our providers use cookies, pixels, local storage, log files, and similar technologies to operate, secure, understand, and improve the Services, and for marketing and analytics.

- Cookies. Small files stored on your device that support core functionality and help remember your settings.
- Pixel tags. Code embedded in content or emails to measure engagement.
- Local storage. Browser storage that may persist after closing the session.
- Third party analytics and tools. For example, Google Analytics may collect usage data to provide metrics and reports. You can learn about Google’s practices at policies.google.com and opt out with the Google Analytics Opt out Browser Add on.
- Cross device and advertising. We and our partners may infer relationships between browsers and devices and personalise content, subject to your choices.

See Section 6 for how to manage preferences.

6. Your Privacy Choices

- Marketing communications. You can opt out of promotional emails by using the unsubscribe link or contacting us. We may still send transactional or service emails.
- Cookie and tracking preferences. You can set your browser to block or delete cookies. Preferences are browser and device specific. Blocking cookies may impact functionality.
- Targeted advertising industry tools. Where applicable in your region, you may use industry choice tools to opt out of targeted ads on participating networks.
- Access, transfer, correction, or deletion. See Sections 12 and 13 for region specific rights and how to exercise them. You can also contact us at the details in Section 14.
‍

7. External Links and Features

‍The Services may link to third party websites, features, or integrations. Their practices are governed by their own policies. Review those policies before using third party sites or features.
‍

8. User Generated Content

‍Public or community features may allow you to post content. Content you submit can be viewed and searched by others. Do not post information you prefer to keep private.
‍

‍9. Children’s Privacy

‍The Services are not directed to children. We do not knowingly collect personal information from minors. If you believe a minor has provided personal information, contact us and we will take appropriate steps.
‍

‍10. Security and Retention

‍We maintain administrative, technical, and organisational safeguards to protect personal information against unauthorised access, disclosure, alteration, or destruction. No system can be guaranteed secure. You should use a strong, unique password and keep it confidential.We retain personal information for as long as needed for the purposes outlined in this Policy, including to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements, consistent with our retention policies and applicable law.
‍

‍11. Changes to this Policy

‍We may update this Policy from time to time. We will post updates on this page with a new “Last updated” date. For material changes, we will take additional steps as required by law, such as providing prominent notice.
‍

‍12. Australia Specific Provisions

‍We comply with the Australian Privacy Principles in the Privacy Act 1988 (Cth).

‍Access, correction, and portability. You may request access to the personal information we hold about you, request correction if it is inaccurate, out of date, incomplete, irrelevant, or misleading, and request a copy of your information in a portable format (where technically feasible). We will respond within a reasonable time. There is no charge to make a request. We may charge reasonable costs to provide copies if large volumes are involved. We may need to verify your identity and, in limited cases, may refuse access in accordance with the Privacy Act.

‍Complaints. If you have a privacy complaint, contact us using the details in Section 14. We will investigate and respond. If you are not satisfied, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au.

13. EU and UK Specific Provisions

‍Where the EU GDPR or UK GDPR applies, the following additional terms apply.

‍Controller and processor roles. Corellian is a controller for personal information it collects about visitors and account holders outside of Customer Data. For Customer Data, Corellian is a processor and processes in accordance with the customer’s instructions and the applicable data processing agreement.

‍Legal bases. We process personal information based on one or more of the following legal bases:

- Performance of a contract to provide the Services and manage your account.
- Legitimate interests such as operating, improving, and securing the Services and communicating with you.
- Consent for certain marketing or cookies where required.
- Compliance with legal obligations such as tax, accounting, and regulatory requirements.

Data subject rights. Subject to legal limits, you may request access, rectification, erasure, restriction, portability, and object to processing based on legitimate interests, and you may withdraw consent where processing is based on consent. You also have the right to lodge a complaint with a supervisory authority. Please contact us using the details in Section 14 to exercise these rights.International transfers. Where we transfer personal data outside the EEA or UK, we rely on appropriate safeguards such as adequacy decisions or Standard Contractual Clauses, and supplementary measures as needed.

‍Cookies. Where required, we obtain consent for non essential cookies and provide mechanisms to manage preferences.

14. Contact Us

Corellian Systems Pty Ltd

‍Website: www.getcor.ai
‍Email: team@getcor.ai

‍If you contact us to exercise rights or raise a concern, we may request information to verify your identity and jurisdiction.