Kortext privacy policy
Last updated 30/08/2024
Your privacy matters
At Kortext Ltd we take your privacy seriously and we are committed to protecting it.
This Policy explains when and why we and the companies in our group (collectively, “Kortext”) collect personal information about you, how this information is used, and the conditions under which it may be disclosed to others and how it is kept secure. This Policy applies to all of the products, services and sites (including via the web and mobile applications) (together the “Services”) offered by Kortext Ltd or the companies in our group and forms part of the Kortext Terms and Conditions of Service Agreement.
This policy may change from time to time so please check this page occasionally to ensure that you’re happy with any changes.
Kortext Ltd and its group companies processes the personal data of living individuals such as its employees, contractors, partners, suppliers and customers. This processing is regulated by the Data Protection Act 2018 (DPA 2018), the UK General Data Protection Regulation (UK GDPR), and the Privacy and Electronic Communications Regulations 2003 (As Amended) (PECR), which collectively provide a broad framework for the UK’ domestic privacy and data protection legislation. The UK’s regulator for the DPA 2018, UK GDPR and PECR is the Information Commissioner’s Office (ICO).
Kortext Ltd is registered as a Data Controller with the ICO and is responsible for compliance with the DPA 2018, UK GDPR and PECR.
Kortext also complies to the requirements of The Personal Information Protection and Electronic Documents Act (PIPEDA) as regulated by the Office of the Privacy Commissioner of Canada (OPC), and the EU General Data Protection Regulation (EU GDPR) as regulated by member states, with oversight from the European Data Protection Board (EDPB).
Who we are
The Kortext group is made up of different individual companies. For a list of these companies please see the list at the end of this policy. Kortext Ltd’s registered office is at Avalon House, 26-32 Oxford Road, Bournemouth, Dorset, England BH8 8EZ and its registration number is 08617088.
Whenever dealing with our group companies, the relevant company that corresponds with the details in the list at the end of this policy is the data ‘controller’ in relation to the processing activities described below. A data controller is an organisation that decides why and how your personal information is processed.
Where this policy refers to “we”, “our” or “us” below, unless it mentions otherwise, it’s referring to the particular company that is the controller of your personal information.
How we collect data
When you use our Services, the categories of information that we may collect about you are as follows:
Personal information you give to us: This is information about you that you give to us by entering information via our sites, mobile applications, social media platforms and corresponding with us by phone, email or otherwise. This includes information provided at the time of signing up for a Kortext account, subscribing to the services we provide through our site, posting material or requesting further services, managing your account online (including accessing documentation and engaging in correspondence with us by phone, email or otherwise). We may also ask you for information when you report a problem with our sites or services. If you complete any surveys, we will collect information in such circumstances as well. The information you give us may include your name, address, email address, phone number, payment details, enquiry details, your Kortext account username, details of your institution and/or employer, your role at the relevant institution, your professor or teacher, your course subject, and records of any correspondence and responses to any surveys.
Personal information we collect about you: We may automatically collect the following information:
Details of transactions you carry out through our sites and the content that you have purchased or accessed;
Details of your visits to our sites, including, but not limited to, traffic data, clickstream to, through and from the website, page response times, download errors, length of visits, page interaction, methods used to browse away from the page, location data (where enabled), weblogs and other communication data, and the resources and platform tools you access and use;
When you send and receive SMS messages to or from one of our services that provides SMS functionality, we may collect and maintain information associated with those messages, such as the phone number, the wireless operator associated with the phone number, the content of the message as well as the date and time of the message;
Technical information, including, but not limited to, anonymous data collected by the hosting server for statistical purposes, the device IMEI, the Internet protocol (IP) address used to connect your computer or device to the Internet, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform – please see Cookies for further information.
Personal information that you allow to be shared that is part of your public profile or third party social network, type and version, time zone setting, browser plug-in types and versions, operating system and platform; and where you have a Kortext account, we collect information on the pages you visit, your subject areas of interest and your actions whilst using our sites or services, and when and how you use content (for example, cutting and pasting content, taking notes, the use of AI tools, etc).
Personal information we may receive from other sources: We obtain certain personal information about you from sources outside our business which may include our group companies and other third party companies or affiliates, including universities, schools, organisations working with universities and schools, official student funding bodies and our authorised resellers. We offer some of our services on or through other websites and the personal information that you provide to those sites may be sent to us in order to deliver the service. The personal information we receive from third party sources, such as your university or school or any organisation working with your university or school, or third party reseller may include your name, email address, the course you are enrolled on and the names of the modules you are studying, the module leader or teacher and other relevant information that the university or school or third party reseller may send to us.
Use of your personal data
The purposes for which we use your information and the legal basis under data protection laws on which we rely to do this are as follows:
We may use and process your personal information where you have consented for us to do so for the purpose of contacting you via email, text and/or push notification with marketing information about our products and services. You may withdraw your consent for us to use your information in any of these ways at any time. Please see Withdrawing your consent for further details.
We may use and process your personal information where it is necessary to fulfill the contract we have with you, or because you have asked us to take specific steps before entering into a contract. This will include information that we process in order to enable you to make use of our sites and the services we provide through it, including processing orders submitted on the sites and managing your Kortext account in accordance with the Kortext Terms and Conditions of Service Agreement.
We may use and process your personal information where it is necessary for us to pursue our legitimate interests as a business for the following purposes:
- Where we have an agreement in place with your university, school or other third party provider to collect certain information about your use of our services and sharing information with them on your engagement with content and tools on our sites paid for or provided by your university, school or other third party provider – they will use this for their own statistical and analysis purposes.
- For marketing activities (other than where we rely on your consent to contact you with information about our products and services or share your details with third parties to do the same);
- For analysis to inform our product development and marketing strategy, and to enhance and personalise your customer experience (including to improve our services and the recommendations we make to you through our communications with you, on our sites and through our applications);
- To assess and improve our service to customers through recordings of any calls with our contact centres;
- To verify the accuracy of data that we hold about you and create a better understanding of you as a customer;
- For network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
- To comply with a request from you in connection with the exercise of your rights (for example where you have asked us not to contact you for marketing purposes, we will keep a record of this on our suppression lists in order to be able to comply with your request);
- To correspond or communicate with you;
- For prevention of fraud and other criminal activities and to prevent, investigate and pursue suspected or actual infringements of publisher copyright and other intellectual property rights accessible on our site;
- For the management of queries, complaints, or claims; and
- For the establishment and defence of our legal rights.
We will use your personal information to comply with our legal obligations: (i) owed to any public authority or criminal investigation body; (ii) to identify you when you contact us; and (iii) to verify the accuracy of data we hold about you.
Data anonymisation and use of aggregated information
Your information may be converted into statistical or aggregated data in such a way as to ensure that you are not identified or identifiable from it. Aggregated data cannot be linked back to you as a natural person. We may use this data for analytical and research purposes and share this anonymised data with interested parties such as universities, schools, student and teaching bodies and content producers.
Disclosure to and use of your information by third parties
Group companies: we may share your information with other companies within the Kortext group (a list of group companies can be found at the end of this policy). They may use your personal information in the ways set out in ‘How we use your personal information and in connection with the products and/or services that we or they offer’.
The StREAM by Kortext product retains the legacy Solutionpath Privacy Policy.
Your university, school, other third party provider and/or organisations that work with them: where your university, school or other third party provider has set up a Kortext account in your name, we receive information about the course and modules you are enrolled on and we will use that information to set up your Kortext account. We also receive other information as described in the section ‘Information we collect about you and how we collect it’ above. We send your university, school or other third party provider data about their students’ interaction with the content and tools they have provided to you through our sites; this information may include data on assessments and tests you have taken.
Our suppliers and service providers: we may disclose your information to our third party service providers, agents, subcontractors and other organisations for the purposes of providing services to us or directly to you on our behalf. Such third parties may include cloud service providers (such as hosting and email management), IT maintenance providers, and administrative service providers. When we use third party service providers, we only disclose to them any personal information that is necessary for them to provide their service and we have a contract in place that requires them to keep your information secure and not to use it other than in accordance with our specific instructions.
Third parties who provide products and services: we work closely with various third parties to bring you a range of products and services which are complementary to those which we provide (for example, citation services, translation services and tutoring). When you enquire about or purchase one or more of these products or services through us, the relevant third party may use your details to provide you with information and carry out their obligations arising from any contracts you have entered into with them. These third party product providers may share your information with us which we will use in accordance with this policy. In some cases, they will be acting as a controller of your information and therefore we advise you to read their privacy policy.
Credit/debit card payment service providers: when you purchase any products or services online, your credit/debit card payment is processed by payment service providers, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us using the details at the end of this policy.
Customer satisfaction surveys: as customer satisfaction is important to us, we may ask a third party research company to contact you for the sole purpose of gathering general information and specific information relating to us and our products and services.
Other ways we may share your personal information: we may transfer your personal information to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. We may also transfer your personal information if we’re under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts or to protect the rights, property or safety of our visitors, customers and third party licensees (including publishers we work with). However, we will always take steps with the aim of ensuring that your privacy rights continue to be protected.
Where we store your information/transfers to third party countries
All information you provide to us is stored on our own and our third party hosting providers’, secure servers which are located within the European Economic Area (EEA). We do not transfer to or store your information in the USA.
Third parties acting on our behalf are located within the EEA. Our group company located in Canada may have access to our servers from time to time to undertake development and maintenance of our site; Canada is a country which has been deemed ‘safe’ by the European Commission for the transfer of personal data.
If you use our services whilst you are outside the EEA, your information may be transferred and/or stored outside the EEA in order to provide you with those services.
Retention of your information
If we collect your personal information, the length of time we retain it is determined by a number of factors including the purpose for which we use that information and our obligations under other laws. We do not retain personal information in an identifiable format for longer than is necessary.
We may need your personal information to establish, bring or defend legal claims. For this purpose, we will always retain your personal information for 7 years after the date you cease to use our services (which is from the date at which your account becomes inactive or the date on which you ask us to delete your account). The only exceptions to this are where:
the law requires us to hold your personal information for a longer period, or delete it sooner;
you exercise your right to have the information erased (where it applies) and we do not need to hold it in connection with any of the reasons permitted or required under the law (see further Erasing your personal information or restricting its processing); or
in limited cases, the law permits us to keep your personal information indefinitely provided we put certain protections in place.
Security and links to other sites
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our sites and any transmission is at your own risk. Once we have received your personal information, we put in place reasonable and appropriate controls to ensure that it remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access.
Where we have given (or where you have chosen) a password which enables you to access your Kortext account, you are responsible for keeping this password confidential. We ask you not to share your password with anyone and to ensure that your password is a minimum of 8 characters long using numbers, symbols and letters. We also ask that you change your password regularly.
Our sites may contain links to other sites run by other organisations. This policy does not apply to those other websites and apps‚ so we encourage you to read their privacy statements. We cannot be responsible for the privacy policies and practices of other websites and apps even if you access them using links that we provide. In addition, if you linked to our sites from a third party website, we cannot be responsible for the privacy policies and practices of the owners and operators of that third party website and recommend that you check the policy of that third party website.
Cookies
For a full list of the cookies we use on our website, please refer to our Cookie Policy for more information.
Cookies are unique identifiers that we transfer to your device to enable our systems to recognize your device and to provide some of our Service features such as simple click purchasing, recommendations etc. We also use cookies (including Google Analytics cookies) to obtain an overall view of visitor habits and visitor volumes to our sites).
The Help feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, or how to disable cookies altogether. Because cookies allow you to take advantage of some of our Services essential features, we recommend that you leave them turned on.
Google Analytics
We use Google Analytics cookies to obtain an overall view of visitor habits and visitor volumes to our sites.
If you don’t want Analytics to be used in your browser, you can install the Google Analytics browser add-on. This add-on provides you with an opt out function. Learn more about Google Analytics and privacy.
Further information about “How Google uses information from sites or apps that use their services”, can be found here
Force24 Cookies & Tracking
Our organisation utilises Force24’s marketing automation platform.
Force24 cookies are first party cookies and are enabled at the point of cookie acceptance on this website. The cookies are named below:
- F24_autoID
- F24_personID
They allow us to understand our audience engagement thus allowing better optimisation of marketing activity.
f24_autoId – This is a temporary identifier on a local machine or phone browser that helps us track anonymous information to be later married up with f24_personid. If this is left anonymous it will be deleted after 6 months . Non-essential, first party, 10 years, persistent.
f24_personId – This is an ID generated per individual contact in the Force24 system to be able to track behaviour and form submissions into the Force24 system from outside sources per user. This is used for personalisation and ability to segment decisions for further communications. Non-essential, first party, 10 years, persistent.
The information stored by Force24 cookies remains anonymous until:
- Our website is visited via clicking from an email or SMS message, sent via the Force24 platform and cookies are accepted on the website.
- A user of the website completes a form containing email address from either our website or our Force24 landing pages.
The Force24 cookies will remain on a device for 10 years unless they are deleted.
Other Tracking
We also use similar technologies including tracking pixels and link tracking to monitor your viewing activities
Device & browser type and open statistics
All emails have a tracking pixel ( a tiny invisible image ) with a query string in the URL. Within the URL we have user details to identify who opened an email for statistical purposes.
Link Tracking
All links within emails and SMS messages sent from the Force24 platform contain a unique tracking reference, this reference help us identify who clicked an email for statistical purposes.
Marketing
We may collect your preferences to receive marketing information directly from us by email, text and/or push notification in the following ways:
If you register for a Kortext account, we will ask you if you would like to provide your consent to receive marketing information directly from us; or
if you place an order we may contact you with marketing information, except where you indicate you would prefer otherwise.
We may contact you with marketing information by post or by telephone or with targeted advertising delivered online through social media and platforms operated by other companies by using your personal information, or use your personal information to tailor marketing to improve its relevance to you, unless you object.
If you do not complete a purchase and have not indicated that you would prefer otherwise, we may send a reminder to you about your incomplete purchase or ask why you did not complete the purchase so that we may better refine the service we offer. From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us. You have the right to opt-out of our use of your personal information to provide marketing to you in any of the ways mentioned above.
To opt-out follow these steps:
- Visit store.kortext.com/customer/info to view your account settings
- Uncheck the box “I’d like to be notified about promotions by email or push notifications” in the Marketing Preferences section
- Click save
Your rights
You have a number of rights in relation to your personal information under data protection law. In relation to certain rights, we may ask you for information to confirm your identity and, where applicable, to help us to search for your personal information. Except in rare cases, we will respond to you within one month from either (i) the date that we have confirmed your identity or (ii) where we do not need to do this because we already have this information, from the date we received your request.
To be informed about the processing of your information. This is what this privacy policy sets out to do.
Accessing your personal information. You have the right to ask for a copy of the information that we hold about you by emailing or writing to us at the address at the end of this policy. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Correcting and updating your personal information. The accuracy of your information is important to us and we are working on ways to make it easier for you to review and correct the information that we hold about you. In the meantime, if you change your name or address/email address, or you discover that any of the other information we hold is inaccurate or out of date, please let us know by contacting us on any of the details described at the end of this policy.
Withdrawing your consent. Where we rely on your consent as the legal basis for processing your personal information, as set out in this policy, you may withdraw your consent at any time by contacting us using the details at the end of this policy or, for marketing communications, you can use our unsubscribe tool in the relevant communication. If you withdraw your consent, our use of your personal information before you withdraw is still lawful.
Objecting to our use of your personal information and automated decisions made about you. Where we rely on our legitimate interests as the legal basis for processing your personal information for any purposes, as set out in this policy, you may object to us using your information for these purposes by emailing or writing to us at the address at the end of this policy. If we agree that your objection is justified in accordance with your rights under data protection laws, we will permanently stop using your data for those purposes. Otherwise we will provide you with our justification as to why we need to continue using your data. You may object to us using your personal information for direct marketing purposes and we will automatically comply with your request. If you would like to do so, please use our unsubscribe tool, if applicable. You may also contest a decision made about you based on automated processing by emailing or writing to us at the address at the end of this policy.
Erasing your personal information or restricting its processing. In certain circumstances, you may ask for your personal information to be removed from our systems by emailing or writing to us at the address at the end of this policy. Provided we do not have any continuing lawful reason to continue processing or holding your personal information, we will make reasonable efforts to comply with your request. You may also ask us to restrict processing your personal information where you believe it is unlawful for us to do so, you have objected to its use and our investigation is pending or you require us to keep it in connection with legal proceedings. We may only process your personal information whilst its processing is restricted if we have your consent or are legally permitted to do so, for example for storage purposes, to protect the rights of another individual or company or in connection with legal proceedings.
Transferring your personal information in a structured data file. Where we rely on your consent as the legal basis for processing your personal information or need to process it in connection with a contract we have with you, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send your personal information directly to another service provider, and we will do so if this is technically possible. We may not provide you with a copy of your personal information if this concerns other individuals or we have another lawful reason to withhold that information.
Complaining to the UK data protection regulator. If you have concerns about the way we have handled your personal information, we encourage you to contact us and we will seek to resolve any issues or concerns you may have. You will find our contact details at the end of this policy. You have the right to complain to the Information Commissioner’s Office (ICO) if you are concerned about the way we have processed your personal information. Please visit the ICO’s website for further details.
Changes to this policy
We may review this policy from time to time and any changes will be notified to you by posting an updated version on our sites and/or by contacting you by email. Any changes will take effect 7 days after the date of our email or the date on which we post the modified terms on our sites, whichever is the earlier. We recommend you regularly check for changes and review this policy whenever you visit our sites. If you do not agree with any aspect of the updated policy you must immediately notify us and cease using our sites and/or services.
Contact us
Please direct any queries about this policy or about the way we process your personal information to our Data Protection Champion using the contact details below.
If you wish to write to us, please write to Kortext Ltd, Avalon House, 26-32 Oxford Road, Bournemouth BH8 8EZ.
Our email address for data protection queries is data@kortext.com
If you would prefer to speak to us by phone, please call +44-1202-551203
Making a complaint
The supervisory authority in the UK for data protection matters is the Information Commissioner’s Office (ICO). If you think your data protection rights have been breached in any way by us, you are able to make a complaint to the ICO. The ICO helpline is +44 (0)303 123 1113
This Privacy Policy was last updated on 30 August 2024
Group companies:
Kortext Ltd – in UK
Kortext Canada Ltd – in Canada
Kortext Australia Ltd – in Australia
Kortext Inc – in the USA
Kortext FZO – in the United Arab Emirates
Solutionpath Ltd (StREAM by Kortext)– in UK