Privacy

Cortex Reply respects your privacy and is committed to protecting it. The purpose of this website is to share knowledge. Each article is written based on knowledge and experience of our employees and promoted through LinkedIn. If you landed on this website, you might have read a snippet in your LinkedIn feed or found us through Google search. 

​
Introduction
​
We take the protection of our users’ data on our website  very seriously and are committed to protecting the information users provide to us in connection with their use of our website. Additionally, we are committed to protecting and using your data in compliance with applicable law. 
​
​This privacy policy applies to the processing of personal data in connection with our website as well as to personal data processed in the context of our recruitment activities, which are handled using a separate applicant tracking system. 
​
Please read this privacy policy carefully to ensure that you fully understand our practices regarding your data before using our services. If you have read, fully understood, and do not agree with this policy, you must cease use of our digital assets and services. By using our services, you acknowledge the terms of this privacy policy. Continued use of the services constitutes your acceptance of this privacy policy and any amendments to it.
​
This privacy policy explains:

• How we collect data

• What data we collect

• Why we collect this data

• To whom we disclose the data

• Where the data is stored

• How long the data is retained

• How we protect the data

• Updates or changes to the privacy policy

​​
What Data Do We Collect?
​

Below is an overview of the data we may collect: 

• Non-identifiable and non-identifying information that is collected through your use of our services (“non-personal data”). Non-personal data cannot be used to identify the individual from whom it was collected. Non-personal data we collect primarily consists of technical and aggregated usage information. 

• Individually identifiable information, meaning any data that can identify you or could reasonably be used to identify you (“personal data”). Personal data collected through our services may include, but is not limited to, information such as names, email addresses, physical addresses, phone numbers, IP addresses, and other details as required. If we combine personal data with non-personal data, the combined data will be treated as personal data as long as it remains combined. 

​
How Do We Collect Data?
​
We collect data using the following primary methods:

• Data collected through your use of our services: When you visit our digital assets and use our services, we may collect, record, and store usage, session, and related data. 

• Data you voluntarily provide: For example, when you contact us directly via any communication channel (e.g., an email with comments or feedback). 

• Data collected from third-party sources as described below. 

​
Why Do We Collect This Data?
​

We process personal data under Article 6(1)(f) of the GDPR based on our legitimate interest in providing a secure, efficient, and user-friendly website. We may use your data for the following purposes: 

• To provide and operate our services. 

• To develop, customize, and improve our services. 

• To respond to your feedback, inquiries, and requests and offer assistance. 

• To analyze usage patterns and demands. 

• For other internal, statistical, and research purposes. 

• To improve our data security and fraud prevention capabilities. 

• To investigate and enforce violations of our policies and terms and comply with applicable laws, regulations, or governmental orders. 

To send you updates, notices, promotional materials, and other information related to our services. For promotional emails, you can opt out by clicking the unsubscribe link included in such emails. 

​

The processing of personal data in the context of job applications is subject to separate purposes and legal bases as described in the “Recruiting / Job Applications” section below. 

​
To Whom Do We Disclose This Data?
​
We may share your data with service providers to operate our services (e.g., hosting services, technical support, etc.).
We may also disclose your data under the following circumstances:

1. To investigate, detect, prevent, or act against illegal activities or other misconduct.

2. To establish or exercise our rights of defense.

3. To protect our rights, property, or personal safety and that of our users or the public.

4. In the event of a corporate transaction (e.g., a merger, acquisition, or asset sale).

5. To collect, retain, and/or manage your data via authorized third-party providers as needed for business purposes.

6. To collaborate with third-party providers to improve your user experience.

​
Hosting
​

We host the content of our website with the following provider: WIX 

The provider is Wix.com Ltd., 40 Namal Tel Aviv St., Tel Aviv 6350671, Israel (hereinafter referred to as “WIX”). 

WIX is a tool for creating and hosting websites. When you visit our website, WIX analyzes user behavior, visitor sources, the region of website visitors, and visitor numbers. WIX stores cookies in your browser, which are necessary for the website’s display and security (essential cookies). 

​ 

The data collected by WIX may be stored on various servers worldwide. WIX servers are located, among other places, in the USA. 

​ 

For details, please refer to WIX's Privacy Policy: https://www.wix.com/about/privacy. 

​ 

According to WIX, data transfers to the USA and other third countries are based on the EU Commission’s Standard Contractual Clauses or similar guarantees pursuant to Art. 46 GDPR. Details can be found here: https://www.wix.com/about/privacy-dpa-users. 

​ 

The use of WIX is based on Art. 6(1)(f) GDPR. We have a legitimate interest in a reliable presentation of our website. Where consent has been requested, the processing is exclusively based on Art. 6(1)(a) GDPR and § 25(1) TTDPA, insofar as the consent includes the storage of cookies or access to information in the user's device (e.g., device fingerprinting) as defined by the TTDPA. Consent can be revoked at any time. 

​ 

The company is certified under the “EU-US Data Privacy Framework” (DPF). The DPF is an agreement between the European Union and the United States aimed at ensuring compliance with European data protection standards when processing data in the USA. Every company certified under the DPF is obligated to adhere to these data protection standards. Further information can be obtained directly from the provider at the following link: https://www.dataprivacyframework.gov/participant/5626 

​
Data Processing Agreement (DPA)
​
We have entered into a Data Processing Agreement (DPA) for the use of the above-mentioned service. This is a legally required contract ensuring that the provider processes the personal data of our website visitors exclusively according to our instructions and in compliance with the GDPR. For more information on the DPA, please see: https://www.wix.com/about/privacy-dpa-users 
​
Use of LinkedIn Plugins
​
Our website uses plugins from the social network LinkedIn. The provider of this service is LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. You can recognize the LinkedIn plugins by the LinkedIn logo.
When you visit our website, a direct connection is established between your browser and the LinkedIn servers via the plugin. LinkedIn is informed that you have visited our website with your IP address. If you click the LinkedIn button and are logged into your LinkedIn account, LinkedIn can associate your visit to our website with your user account. Please note that as the provider of this website, we have no knowledge of the content of the transmitted data or how it is used by LinkedIn.
​
Legal Basis for Processing
 
The use of LinkedIn plugins is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in optimizing and improving the visibility of our online offerings. If consent was requested (e.g., via a cookie banner), the processing is solely based on Art. 6 (1) (a) GDPR; consent can be revoked at any time.
​
Data Transfer to Third Countries
 
LinkedIn may transfer personal data to the USA or other third countries outside the European Economic Area (EEA). Please note that these countries do not provide a comparable level of data protection as in the EU. If LinkedIn transfers data to the USA, the data transfer is based on standard contractual clauses of the European Commission.
​
Further Information
​
For more details on the collection and use of your data by LinkedIn, as well as your rights and privacy settings, please refer to LinkedIn's privacy policy at: LinkedIn Privacy Policy.
​
Deactivation of LinkedIn Plugins
​
If you do not want LinkedIn to associate your visit to our website with your user account, please log out of your LinkedIn account before visiting our website. You can also completely prevent the loading of LinkedIn plugins by using corresponding add-ons for your browser (e.g., script blockers).
​
LinkedIn Company Page 
​
We maintain a company page on the LinkedIn platform, provided by LinkedIn Ireland Unlimited Company, Wilton Place, Dublin 2, Ireland. When you visit our LinkedIn page, LinkedIn processes personal data (such as IP address, device information and interactions) and provides us with anonymised statistics (“Page Insights”) about the use of our page. We do not gain access to identifiable personal data of individual visitors. The processing is based on Art. 6(1)(f) GDPR and our legitimate interest in corporate communication and public visibility. With regard to Page Insights data, LinkedIn and we are considered joint controllers pursuant to Art. 26 GDPR; LinkedIn assumes primary responsibility under the joint controller arrangement. Further details on data processing by LinkedIn can be found at: LinkedIn Privacy Policy. 
​
Use of Facebook Plugins 
​
Our website uses plugins from the social media network Facebook. The provider of this service is Meta Platforms Ireland Limited, 4 Grand Canal Square, Grand Canal Harbour, Dublin 2, Ireland. The Facebook plugins can be identified by the Facebook logo or the "Like" or "Share" button on our website. 
When you visit our website, a direct connection is established between your browser and Facebook's servers through the plugin. Facebook thereby receives information that you have visited our website with your IP address. If you click the Facebook "Like" or "Share" button while logged into your Facebook account, you can link or share the content of our website on your Facebook profile. This allows Facebook to associate your visit to our website with your user account. Please note that as the provider of this website, we have no knowledge of the content of the transmitted data or how it is used by Facebook. 
​
Legal Basis for Processing 

The use of Facebook plugins is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in enabling the sharing of content from our website to increase visibility and reach. If consent was requested (e.g., via a cookie banner), the processing is solely based on Art. 6 (1) (a) GDPR; consent can be revoked at any time. 
​
Data Transfer to Third Countries 

Meta may transfer personal data to the USA or other third countries outside the European Economic Area (EEA). We point out that these countries may not offer a data protection level comparable to that of the EU. For transfers to the USA, Meta relies on standard contractual clauses as approved by the European Commission. 
​
Further Information 

For more details on how Facebook processes your data, please refer to their privacy policy: Facebook Privacy Policy. 
​
Deactivation of Facebook Plugins 

If you do not wish Facebook to associate your visit to our website with your Facebook account, please log out of your Facebook account before visiting our website. You can also block the Facebook plugins entirely by using appropriate browser add-ons (e.g., script blockers). 
​
Use of X (formerly Twitter) Plugins 
​
Our website integrates plugins from the social media platform X (formerly Twitter). The provider of this service is X Corp., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. You can recognize the X plugins by the X logo or terms such as "Tweet" or "Retweet." 
When you visit our website, a direct connection is established between your browser and X's servers through the plugin. This enables X to receive information that you have visited our website with your IP address. If you click on the X button while logged into your X account, you can share the content of our website on your X profile. This action allows X to associate your visit to our website with your account. We would like to point out that, as the provider of this website, we have no knowledge of the content of the transmitted data or how it is used by X. 
​
Legal Basis for Processing 

The use of X plugins is based on Art. 6 (1) (f) GDPR. Our legitimate interest lies in enabling the sharing of content from our website to increase visibility and reach. If consent was requested (e.g., via a cookie banner), the processing is solely based on Art. 6 (1) (a) GDPR; consent can be revoked at any time. 
​
Data Transfer to Third Countries 

X may process and transfer personal data to the USA or other third countries outside the European Economic Area (EEA). We highlight that these countries may not provide a comparable level of data protection to that of the EU. The data transfer by X may rely on appropriate safeguards, such as standard contractual clauses.
 
Further Information 

For more details on how X processes your data, please refer to their privacy policy: X Privacy Policy. 
Deactivation of X Plugins 
If you do not wish X to associate your visit to our website with your X account, please log out of your X account before visiting our website. You can also block the X plugins entirely by using appropriate browser add-ons (e.g., script blockers). 
 
Use of Search Engine Optimization Tools 
We use search engine tools such as Google Search Console, Bing Webmaster Tools and the IndexNow protocol solely to monitor and improve the technical availability and indexing of our website. These services provide us with aggregated, non-personal technical information generated within the search engines’ own systems; our website does not transmit personal data of visitors (including IP addresses, cookies or user identifiers) to these services and no client-side tracking code from these services is used. The legal basis is Art. 6(1)(f) GDPR (legitimate interest in ensuring proper functionality and search accessibility of our website). 
​
Cookies and Similar Technologies
​
Our websites use so-called "cookies." Cookies are small data packets and do not harm your device. They are either temporarily stored for the duration of a session (session cookies) or permanently (persistent cookies) on your device. Session cookies are automatically deleted after your visit. Persistent cookies remain on your device until you delete them yourself or they are automatically deleted by your web browser.
​
Cookies may come from us (first-party cookies) or third parties (so-called third-party cookies). Third-party cookies enable the integration of certain third-party services within websites (e.g., cookies for processing payment services).
Cookies serve various functions. Many cookies are technically necessary, as certain website functions would not work without them (e.g., shopping cart functionality or video display). Other cookies may be used for analyzing user behavior or for advertising purposes.
​
When you visit or access our services, we authorize third parties to use web beacons, cookies, pixel tags, scripts, and other technologies and analytics services ("tracking technologies"). These tracking technologies may allow third parties to automatically collect your data to improve the navigation experience on our digital assets, optimize their performance, and ensure a customized user experience, as well as for security and fraud prevention purposes.
To learn more about this, please read the Wix Cookie Policy: Wix Cookie Policy.
​
Without your consent, we will not disclose your email address or other personal data to advertising companies or advertising networks.​
​
Where Do We Store the Data?
​

Personal data processed in connection with our website is stored and processed primarily on the systems of our hosting provider WIX. Depending on the technical operation of the services used, processing may take place on servers located within the European Union and, where necessary, in third countries. In such cases, personal data is transferred in accordance with the requirements of applicable data protection law and the legally provided transfer mechanisms. 

Personal data processed in the context of job applications is stored and processed on the systems of our applicant tracking system provider and its sub-processors, in accordance with this privacy notice and applicable data protection law. 

​
How Long Will the Data Be Retained?
​

Please note that we will retain the collected data for as long as necessary to provide our services, comply with our legal and contractual obligations to you, resolve disputes, and enforce our agreements. 

We may correct, supplement, or delete inaccurate or incomplete data at any time, at our discretion. 

Specific retention periods for applicant data are described in the “Recruiting / Job Applications” section below. 

​
How Do We Protect Your Data?
​
The hosting service for our digital assets provides us with the online platform through which we offer our services to you. Your data may be stored through the data storage, databases, and general applications of our hosting provider. It stores your data on secure servers behind a firewall and provides secure HTTPS access to most areas of its services.
Despite the measures and efforts taken by us and our hosting provider, we cannot and do not guarantee absolute protection or security of the data you upload, publish, or otherwise share with us or others.
​
For this reason, we ask you to set secure passwords and avoid transmitting sensitive information to us or others, especially if you believe its disclosure could cause significant or lasting harm to you. Additionally, since email and instant messaging are not considered secure communication channels, we kindly ask you not to share sensitive information via these means.
​
We use your personal data only for the purposes outlined in the Privacy Policy and only when we are confident that:

• The use of your personal data is necessary to fulfill or enter into a contract (e.g., to provide you with the services themselves or to offer customer support or technical assistance).

• The use of your personal data is required to comply with applicable legal or regulatory obligations.

• The use of your personal data is necessary to support our legitimate business interests (provided that this is always done in a manner that is proportionate and respects your privacy rights).

 
As an EU resident, you can:

• Request confirmation as to whether personal data concerning you is being processed and access your stored personal data along with certain additional information.

• Request to receive personal data you have provided to us in a structured, commonly used, and machine-readable format.

• Request the rectification of your personal data stored with us.

• Request the deletion of your personal data.

• Object to the processing of your personal data by us.

• Request the restriction of the processing of your personal data.

• File a complaint with a supervisory authority.

​

Please note that these rights are not unlimited and may be subject to our own legitimate interests and regulatory requirements. If you have general questions about the personal data we collect and how it is used, please contact us as indicated below. 

​These rights apply to the processing of personal data in connection with our website as well as to personal data processed as part of our recruitment activities. 

In the course of providing the services, we may transfer data across borders to affiliated companies or other third parties and from your country/jurisdiction to other countries/jurisdictions worldwide.  

​ 

If you are a resident of the EEA, your personal data will only be transferred to locations outside the EEA if we are confident that an adequate or comparable level of protection for personal data exists. We will take appropriate steps to ensure that we have suitable contractual agreements with our third parties to guarantee that appropriate safeguards are in place. This minimizes the risk of unlawful use, alteration, deletion, loss, or theft of your personal data and ensures that these third parties act in compliance with applicable laws at all times. ​
​
Rights Under the California Consumer Privacy Act
​
If you use the services as a California resident, you may be entitled under the California Consumer Privacy Act (CCPA) to request access to and deletion of your data.
To exercise your right to access or delete your data, please see below for how to contact us.
We do not sell users' personal data for the purposes and intents of the CCPA.
​
Recruiting / Job Applications
​
We process personal data you submit as part of a job application exclusively for the purpose of conducting the recruitment process and deciding on the establishment of an employment relationship. This processing is carried out via our external applicant tracking system Recruitee (Tellent B.V.) and not via our website hosting platform (WIX). The legal basis is Art. 6(1)(b) GDPR in conjunction with § 26 BDSG. Recruitee acts as our data processor pursuant to Art. 28 GDPR on the basis of a data processing agreement. Applicant data is deleted after completion of the application process unless statutory retention obligations apply or you have expressly consented to longer storage (e.g. talent pool). In certain cases, applicant data may be collected by other companies within the Reply Group and transferred to us. We then process such data for our own recruitment purposes in accordance with this privacy notice.  
​
Updates or Changes to the Privacy Policy
​
We may revise this Privacy Policy at our discretion from time to time; the version published on the website is always the most current (see the "Last Updated" notice). We kindly ask you to regularly review this Privacy Policy for any changes. In the event of significant changes, we will post a notice on our website. If you continue to use the services after being notified of changes on our website, this will be considered your acknowledgment and acceptance of the changes to the Privacy Policy and your agreement to be bound by the terms of those changes. 
​
Contact
​
If you have general questions about the services or the data we collect about you and its use, please contact us at:

Controller pursuant to Art. 4(7) GDPR: 

Cortex Reply
a business division of Liquid Reply GmbH
 
Location: Bartholomäusweg 26 - 33334 Gütersloh - Germany
Phone: +49 5241 5009-0
Mail to: cortex@reply.de
Registered office of the company: Gütersloh