Corithos Logo
Corithos

Privacy Policy

Last Updated: 18 August 2025

This Privacy Policy explains how Corithos processes your personal data when you use our website (https://corithos.com) (“the Website”). “Corithos” is a trading name of Ecoaetix Ltd. (Company Number: 16459167) registered in England and Wales, 128 City Road, London, EC1V 2NX, United Kingdom. Referred to herein as “Corithos”, “we”, “us”, and “our”.

We are registered with the Information Commissioner's Office (ICO) under application number: CI744430.

Data Controller

Ecoaetix Ltd (trading as Corithos) is the controller of your personal data. If you have any questions or requests about how we handle your data, please contact privacy@corithos.com.

Data We Collect

When you use the Website, we may collect the following categories of personal data:

  • Waitlist and mailing list sign-ups: your email address, and any name or organisation details you choose to provide.
  • Demo bookings: information you provide through Microsoft Bookings, such as name, email address, job title, organisation, and availability.
  • Security and website access: technical data such as IP address and device/browser information collected through Cloudflare Turnstile for spam and abuse prevention.
  • Communications: records of your correspondence with us if you contact us directly.
  • Log data: information about general use of the Website, such as page views, error logs, browser type, device information and timestamps.

We do not knowingly collect data from children. The Website is intended for business and professional use only.

How We Use Your Data

We process your personal data for the following purposes:

  • To provide demo bookings and manage our waitlist.
  • To send you marketing and product updates, where you have opted in to receive these.
  • To secure the Website against spam, fraud, and abuse.
  • To comply with legal and regulatory obligations.

Legal Bases for Processing

We rely on the following lawful bases under UK GDPR:

  • Consent: for sending you marketing communications (you can withdraw at any time).
  • Legitimate interests: for securing the Website and preventing abuse.
  • Contract: for handling demo bookings and enquiries you initiate.
  • Legal obligation: where we must retain data to comply with law.

Our legitimate interests include ensuring the security and integrity of our Website, preventing fraudulent activity, and maintaining reliable access for users.

Data Sharing and Processors

We share your personal data only with trusted third-party providers who act as processors on our behalf:

  • Cloudflare: provides Website security (Turnstile). Processes technical data (e.g. IP address, device/browser metadata) to prevent spam and abuse.
  • Resend: manages mailing list subscriptions and email delivery. Processes email addresses and related metadata.
  • Microsoft: provides demo booking functionality via Microsoft Bookings. Processes booking details (name, email, organisation, availability).

Each of these providers has its own privacy policies and may process data outside the UK/EU under appropriate safeguards (such as Standard Contractual Clauses).

We do not sell or rent your personal data.

Data Retention

We retain your personal data only for as long as necessary:

  • Mailing list data: until you unsubscribe.
  • Demo booking data: for up to 12 months after the booking, unless you request deletion sooner.
  • Security logs: typically retained for 30 days, unless required longer for security investigations.
  • General correspondence: retained for as long as reasonably necessary to resolve your enquiry, then archived for 12 months.

Your Rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your data.
  • Restrict or object to processing.
  • Request data portability.
  • Withdraw consent where processing is based on consent.
  • Lodge a complaint with the ICO: https://ico.org.uk/.

These rights may be subject to legal limitations. For example, we may be unable to delete data that we are required to retain for legal or regulatory purposes.

To exercise your rights, please contact us at privacy@corithos.com.

International Transfers

Some of our processors may transfer data outside the UK and EEA. Where they do, they implement safeguards such as Standard Contractual Clauses or equivalent mechanisms to ensure your data remains protected.

Security

We take appropriate technical and organisational measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction.

While we take appropriate measures to protect your personal data, no system or transmission of information via the internet can be guaranteed to be completely secure.

Updates to this Policy

We may update this Privacy Policy at any time. Any changes will be posted on this page with an updated "Last Updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us at privacy@corithos.com.

For general enquiries, please visit our Contact Us (https://corithos.com/contact) page.