Privacy Policy

Rogue Cortex Ltd ("Rogue Cortex", "we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, the legal bases we rely on, and your rights under the UK General Data Protection Regulation (UK GDPR) and the EU General Data Protection Regulation (EU GDPR).

1. Who We Are

Rogue Cortex Ltd is the data controller responsible for your personal data. We are incorporated in England and Wales.

If you have any questions about this policy or wish to exercise your rights, you can contact us at:
Email: corporate@roguecortex.com
Post: Rogue Cortex Ltd, England, United Kingdom

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

• Identity data: name, username, or similar identifiers you provide when contacting us or creating an account.
• Contact data: email address and any other contact details you provide.
• Technical data: IP address, browser type and version, time zone, operating system, and device information collected automatically when you visit our website.
• Usage data: information about how you use our website, products, and services, including pages visited and actions taken.
• Communications data: messages you send to us via email, contact forms, or other channels.

We do not collect special category data (such as health, biometric, or racial/ethnic origin data) unless explicitly required and with your explicit consent.

3. How We Collect Your Data

• Directly from you when you fill in forms, correspond with us, or use our services.
• Automatically as you interact with our website through cookies and similar technologies (see Section 9).
• From third parties such as analytics providers or business partners, where they are lawfully permitted to share data with us.

4. How We Use Your Data

We use your personal data for the following purposes:

• To provide, operate, and improve our website and services.
• To respond to your enquiries and provide customer support.
• To send you information about our products, services, or events where you have consented or where we have a legitimate interest to do so.
• To comply with legal obligations.
• To detect and prevent fraud, abuse, or security incidents.
• To analyse usage and improve the performance and user experience of our website.

5. Legal Bases for Processing

We rely on the following legal bases under UK/EU GDPR to process your personal data:

• Contract: processing is necessary to perform a contract with you or to take steps at your request before entering into one.
• Legitimate interests: processing is necessary for our legitimate interests (such as improving our services and preventing fraud), provided those interests are not overridden by your rights.
• Legal obligation: processing is necessary to comply with a legal or regulatory obligation.
• Consent: where we have obtained your explicit consent, for example for marketing communications or non-essential cookies. You may withdraw consent at any time.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including for satisfying any legal, accounting, or reporting requirements. In general:

• Contact and communication records are retained for up to 3 years after our last interaction.
• Technical and usage logs are retained for up to 12 months.
• Data retained to comply with a legal obligation is kept for the period required by that obligation.

When data is no longer required, it is securely deleted or anonymised.

7. Sharing Your Data

We do not sell your personal data. We may share it with:

• Service providers who process data on our behalf (e.g. hosting, analytics, email delivery) under contractual data processing agreements.
• Professional advisers such as lawyers, auditors, and insurers, where necessary.
• Regulators and authorities where required by law or to protect our legal rights.
• Successors in the event of a merger, acquisition, or sale of all or part of our business, subject to the incoming party honouring this policy.

Where we transfer personal data outside the UK or the European Economic Area (EEA), we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the relevant authority.

8. Your Rights

Under UK/EU GDPR, you have the following rights in relation to your personal data:

• Right of access: to obtain a copy of the personal data we hold about you.
• Right to rectification: to have inaccurate or incomplete data corrected.
• Right to erasure ("right to be forgotten"): to request deletion of your data in certain circumstances.
• Right to restrict processing: to request that we limit how we use your data.
• Right to data portability: to receive your data in a structured, machine-readable format.
• Right to object: to object to processing based on legitimate interests or for direct marketing purposes.
• Rights related to automated decision-making: not to be subject to solely automated decisions that produce significant legal or similarly significant effects.
• Right to withdraw consent: where processing is based on consent, to withdraw it at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at corporate@roguecortex.com. We will respond within one calendar month. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner's Office (ICO), at ico.org.uk, or with the relevant EU supervisory authority in your country of residence.

9. Cookies

Our website uses cookies and similar tracking technologies. Cookies are small files stored on your device that help us operate the site and understand how it is used.

• Strictly necessary cookies: required for the website to function (e.g. session management). These cannot be opted out of.
• Analytics cookies: help us understand visitor behaviour in aggregate so we can improve the site. These are only set with your consent.

You can control cookies through your browser settings and, where consent is required, through our cookie preference controls. Disabling strictly necessary cookies may affect website functionality.

10. Security

We have implemented appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

11. Third-Party Links

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties and encourage you to review their privacy policies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of our website after changes are posted constitutes your acknowledgement of the updated policy.

Rogue Cortex Ltd — Incorporated in England and Wales. For privacy enquiries: corporate@roguecortex.com