At Kortext Ltd we take your privacy seriously and we are committed to protecting it.
This Policy explains when and why we and the companies in our group collect personal information about you, how this information is used, and the conditions under which it may be disclosed to others and how it is kept secure. This Policy applies to all of the products, services and sites (including via the web and mobile applications) (together the “Services”) offered by Kortext Ltd or the companies in our group and forms part of the Kortext Terms and Conditions of Service Agreement.
This policy may change from time to time so please check this page occasionally to ensure that you’re happy with any changes.
Who we are
The Kortext group is made up of different individual companies. For a list of these companies please see the list at the end of this policy. Kortext Ltd’s registered office is at Avalon House, 26-32 Oxford Road, Bournemouth, Dorset, England BH8 8EZ and its registration number is 08617088.
Whenever dealing with our group companies, the relevant company that corresponds with the details in the list at the end of this policy is the data ‘controller’ in relation to the processing activities described below. A data controller is an organisation that decides why and how your personal information is processed.
Where this policy refers to “we”, “our” or “us” below, unless it mentions otherwise, it’s referring to the particular company that is the controller of your personal information.
Information we collect about you and how we collect it
When you use our Services, the categories of information that we may collect about you are as follows:
- Personal information you give to us: This is information about you that you give to us by entering information via our sites, mobile applications, social media platforms and corresponding with us by phone, email or otherwise. This includes information provided at the time of signing up for a Kortext account, subscribing to the services we provide through our site, posting material or requesting further services, managing your account online (including accessing documentation and engaging in correspondence with us by phone, email or otherwise). We may also ask you for information when you report a problem with our sites or services. If you complete any surveys, we will collect information in such circumstances as well. The information you give us may include your name, address, email address, phone number, payment details, enquiry details, your Kortext account username, details of your institution and/or employer, your role at the relevant institution, your professor or teacher, your course subject, and records of any correspondence and responses to any surveys.
- Personal information we collect about you: We may automatically collect the following information:
- Details of transactions you carry out through our sites and the content that you have purchased or accessed;
- Details of your visits to our sites, including, but not limited to, traffic data, clickstream to, through and from the website, page response times, download errors, length of visits, page interaction, methods used to browse away from the page, location data (where enabled), weblogs and other communication data, and the resources you access;
- When you send and receive SMS messages to or from one of our services that provides SMS functionality, we may collect and maintain information associated with those messages, such as the phone number, the wireless operator associated with the phone number, the content of the message as well as the date and time of the transaction;
- Technical information, including, but not limited to, anonymous data collected by the hosting server for statistical purposes, the device IMEI, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform – please see Cookies for further information;
- Personal information that you allow to be shared that is part of your public profile or third party social network, type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- Where you have a Kortext account, we collect information on the pages you visit, your subject areas of interest and your actions whilst using our sites or services, and when and how you use content (for example, cutting and pasting content, taking notes etc).
- Personal information we may receive from other sources: We obtain certain personal information about you from sources outside our business which may include our group companies and other third party companies or affiliates, including universities, schools, organisations working with universities and schools, official student funding bodies and our authorised resellers. We offer some of our services on or through other websites and the personal information that you provide to those sites may be sent to us in order to deliver the service. The personal information we receive from third party sources, such as your university or school or any organisation working with your university or school, may include your name, email address, the course you are enrolled on and the names of the modules you are studying, the module leader or teacher and other relevant information that the university or school may send to us.
How we use your personal information
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are as follows:
- We may use and process your personal information where you have consented for us to do so for the purpose of contacting you via email, text and/or push notification with marketing information about our products and services. You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent for further details.
- We may use and process your personal information where it is necessary to fulfil a contract we have with you, or because you have asked us to take specific steps before entering into a contract. This will include information that we process in order to enable you to make use of our sites and the services we provide through it, including processing orders submitted on the sites and managing your Kortext account in accordance with the Kortext Terms and Conditions of Service Agreement.
- We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:
- Where we have an agreement in place with your university or school to collect certain information about your use of our services and sharing information with them on your engagement with content on our sites paid for or provided by your university or school – they will use this for their own statistical and analysis purposes.
- For marketing activities (other than where we rely on your consent to contact you with information about our products and services or share your details with third parties to do the same);
- For analysis to inform our product development and marketing strategy, and to enhance and personalise your customer experience (including to improve our services and the recommendations we make to you through our communications with you, on our sites and through our applications);
- To assess and improve our service to customers through recordings of any calls with our contact centres;
- To verify the accuracy of data that we hold about you and create a better understanding of you as a customer;
- For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- To correspond or communicate with you;
- For prevention of fraud and other criminal activities and to prevent, investigate and pursue suspected or actual infringements of publisher copyright and other intellectual property rights accessible on our site;
- For the management of queries, complaints, or claims; and
- For the establishment and defence of our legal rights.
- We will use your personal information to comply with our legal obligations: (i) owed to any public authority or criminal investigation body; (ii) to identify you when you contact us; and (iii) to verify the accuracy of data we hold about you.
Data anonymisation and use of aggregated information
Your information may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. We may use this data for analytical and research purposes and share this anonymised data with interested parties such as universities, schools, student and teaching bodies and content producers.
Disclosure to and use of your information by third parties
- Group companies: we may share your information with other companies within the Kortext group (a list of group companies can be found at the end of this policy). They may use your personal information in the ways set out in How we use your personal information and in connection with the products and/or services that we or they offer.
- Your university or school and/or organisations that work with them: where your university or school has set up a Kortext account in your name, we receive information about the course and modules you are enrolled on and we will use that information to set up your Kortext account. We also receive other information as described in section Information we collect about you and how we collect it. We send your university or school data about their students’ interaction with the content they have provided to you through our sites; this information may include data on assessments and tests you have taken.
- Our suppliers and service providers: we may disclose your information to our third party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud service providers (such as hosting and email management), IT maintenance providers, and administrative service providers. When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
- Credit/debit card payment processors: when you purchase any products or services online, your credit/debit card payment is processed by a third party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us using the details at the end of this policy.
- Customer satisfaction surveys: as customer satisfaction is important to us, we may ask a third party research company to contact you for the sole purpose of gathering general information and specific information relating to us and our products and services.
- Other ways we may share your personal information: we may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors, customers and third party licensees (including publishers we work with). However, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.
Where we store your information/ transfers to third countries
All information you provide to us is stored on our own and our third party hosting providers’, secure servers which are located within the European Economic Area (EEA). We do not transfer to or store your information in the USA.
Third parties acting on our behalf are located within the EEA. Our group company located in Canada may have access to our servers from time to time to undertake development and maintenance of our site; Canada is a country which has been deemed ‘safe’ by the European Commission for the transfer of personal data.
If you use our services whilst you are outside the EEA, your information may be transferred and/or stored outside the EEA in order to provide you with those services.
Retention of your information
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date you cease to use our services (which is from the date at which your account becomes inactive or the date on which you ask us to delete your account). The only exceptions to this are where:
- the law requires us to hold your personal information for a longer period, or delete it sooner;
- you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Erasing your personal information or restricting its processing); or
- in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.
Security and links to other sites
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our sites and any transmission is at your own risk. Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Where we have given (or where you have chosen) a password which enables you to access your Kortext account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone and to ensure that your password is a minimum of 8 characters long using numbers, symbols and letters. We also ask that you change your password regularly.
Our sites may contain links to other sites run by other organisations. This policy does not apply to those other websites and apps‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites and apps even if you access them using links that we provide. In addition, if you linked to our sites from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
We may collect your preferences to receive marketing information directly from us by email, text and/or push notification in the following ways:
- if you register for a Kortext account, we will ask you if you would like to provide your consent to receive marketing information directly from us; or
- if you place an order we may contact you with marketing information, except where you indicate you would prefer otherwise.
We may contact you with marketing information by post or by telephone or with targeted advertising delivered online through social media and platforms operated by other companies by using your personal information, or use your personal information to tailor marketing to improve its relevance to you, unless you object.
If you do not complete a purchase and have not indicated that you would prefer otherwise, we may send a reminder to you about your incomplete purchase or ask why you did not complete the purchase so that we may better refine the service we offer.
From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.
You have the right to opt-out of our use of your personal information to provide marketing to you in any of the ways mentioned above. Please see Withdrawing your Consent and Objecting to our use of your personal information and automated decisions made about you for further details on how you can do this.
You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.
- Accessing your personal information. You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
- Correcting and updating your personal information. The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us on any of the details described at the end of this policy.
- Withdrawing your consent. Where we rely on your consent as the legal basis for processing your personal information, as set out in this policy, you may withdraw your consent at any time by contacting us using the details at the end of this policy or, for marketing communications, you can use our unsubscribe tool in the relevant communication. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
- Objecting to our use of your personal information and automated decisions made about you. Where we rely on our legitimate interests as the legal basis for processing your personal information for any purposes, as set out in this policy, you may object to us using your information for these purposes by emailing or writing to us at the address at the end of this policy. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data. You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool, if applicable. You may also contest a decision made about you based on automated processing by emailing or writing to us at the address at the end of this policy.
- Erasing your personal information or restricting its processing. In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Provided we do not have any continuing lawful reason to continue processing or holding your personal information, we will make reasonable efforts to comply with your request. You may also ask us to restrict processing your personal information where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. We may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
- Transferring your personal information in a structured data file. Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with a contract we have with you, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
- You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
- Complaining to the UK data protection regulator. If you have concerns about the way we have handled your personal information, we encourage you to contact us and we will seek to resolve any issues or concerns you may have. You will find our contact details at the end of this policy. You have the right to complain to the Information Commissioner’s Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.
Changes to this policy
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our sites and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our sites, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our sites. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our sites and/or services.
Please direct any queries about this policy or about the way we process your personal information to our Data Protection Champion using the contact details below.
If you wish to write to us, please write to Kortext Ltd, Avalon House, 26-32 Oxford Road, Bournemouth BH8 8EZ.
Our email address for data protection queries is firstname.lastname@example.org
If you would prefer to speak to us by phone, please call +44-1202-551203
Kortext Ltd – in UK
Kortext Canada Ltd – in Canada
Kortext Australia Ltd – in Australia