- Privacy Policy

Privacy Policy With Respect to Data Received from Clients

INTRODUCTION

Coresecure, Inc. ("Coresecure" or "we") provides software development and managed hosting solutions, along with related offerings to its clients. This Privacy Policy outlines our general privacy and security practices concerning personally identifiable information ("personal information") received from clients via various online form submissions ("transaction data"). In cases where there is a conflict between this policy and a client contract, the client contract will prevail.

Please note, this policy does not cover how personal data is collected and processed by our clients who obtain personal information directly from consumers. Consumers should refer to the privacy policies of the entities with whom they share their data directly.

Coresecure adheres to this Privacy Policy across all its registered offices in the United States and Italy, and consistently works to comply with the General Data Protection Regulation (GDPR).

NATURE OF DATA RECEIVED AND FORMS OF COLLECTION

Coresecure processes personal information in several ways:

  1. Through our Website: We use cookies to collect statistical data about website usage (e.g., pages visited, visitor count) and any information users voluntarily provide.
  2. Through Business Interactions and Use of Our Services: As a data processor, we immediately transmit any personal information collected on behalf of our clients without storing it on our servers.
  3. Through Contractual Agreements: We collect and store information about entities we contact for business purposes (e.g., our clients) in our ERP solution, provided by Netsuite, Inc.
  4. Through Access to Public Databases and Other Online Resources: We may access publicly available information on the internet; however, we do not guarantee its accuracy or manage its presence online.

Cookies are small files stored on your device when you visit our website. They may be used to identify unique users by storing certain preferences and data. Our website uses Google Analytics, a web analytics service that uses cookies to evaluate website use, compile reports, and provide other services related to website activity and internet usage. These cookies do not collect sensitive information (e.g., name, age, ethnicity) and are anonymized. You may opt-out of cookies by adjusting your browser settings, but this may affect website functionality. For more details, visit Google’s Privacy Policy.

Coresecure also uses JobScore for recruitment management. For more information on how JobScore handles your data, please see JobScore's Privacy Policy.

USE OF DATA RECEIVED

Coresecure processes personal information to assist its clients in preventing fraud, online scams, and policy abuse. Personal information may be used to:

  • Administer and personalize the website;
  • Enable access to and use of website services;
  • Publish information on the website;
  • Process and deliver purchases or services;
  • Send statements, invoices, and marketing communications.

The retention period for personal information is defined by our contracts with clients and may vary based on service type. Generally, data is retained only for as long as necessary to fulfill its processing purposes. Information suspected of fraudulent use may be retained for longer in accordance with our agreements.

We may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

DISCLOSURES TO THIRD PARTIES

Coresecure does not share form submission data with third parties except in the following limited situations:

  • Third-Party Service Providers: Personal information may be accessible to third-party service providers who process data on behalf of our customers. These providers are contractually required to maintain privacy and security standards, including compliance with the GDPR.
  • Client-Directed Disclosures: Information may be disclosed to third parties as directed by the client who provided the information to Coresecure.
  • Business Transactions: Personal information may be transferred if Coresecure enters into a transaction involving the acquisition of all or substantially all of its assets.

DATA SUBJECT RIGHTS

Individuals whose data is processed by Coresecure have the right to:

  • Access, correct, or delete their personal data;
  • Restrict or object to the processing of their personal data;
  • Exercise the right to data portability;
  • Withdraw consent for marketing communications;
  • Lodge a complaint with a supervisory authority.

If your data was processed by Coresecure on behalf of one of its clients, please contact that client directly or Coresecure using the contact details provided below.

DATA RETENTION AND SECURITY

Personal data is retained only for as long as necessary to fulfill its intended purposes or as required by law. We implement organizational and technical measures to protect your data, including encryption, access controls, and regular security assessments. Despite these measures, data transmission over the internet is not completely secure, and we cannot guarantee absolute security.

INTERNATIONAL DATA TRANSFERS

When personal information is transferred internationally, Coresecure ensures that such transfers comply with applicable data protection laws, including the use of Standard Contractual Clauses or other safeguards as required by the GDPR.

ACCESS, CHOICE, AND CORRECTION

You may request access to, correction of, or deletion of your personal data by contacting us at:

Email: compliance@coresecure.com (subject: "Privacy Compliance")

Mailing Address:
Legal/Privacy Compliance
Coresecure, Inc.
10 Rogers Street, Suite 121
Cambridge, MA 02142, USA

We will respond within 30 days. To confirm your identity, we may request additional information, which will be stored only as necessary to fulfill the request.

CHILDREN'S PERSONAL INFORMATION

Coresecure's website is not intended for children under the age of 13, and we do not knowingly collect data from them. If you have questions about the privacy of children's personal information, please contact compliance@coresecure.com.

CHANGES TO THIS PRIVACY POLICY

This Privacy Policy may be updated periodically to reflect changes in regulations or our practices. The date of the last update will be indicated at the beginning of this policy.

CONTACT FOR QUESTIONS

If you have questions regarding the accuracy, use, processing, or storage of your data, please contact us at compliance@coresecure.com.

ENFORCEMENT

Coresecure regularly reviews its privacy practices to ensure compliance. We are subject to the investigatory and enforcement powers of the Federal Trade Commission (FTC).