Legal
Privacy Policy
We engineer certainty -- including how we handle your data. This policy explains exactly what we collect, why we collect it, and the rights you hold over your information.
Last updated:
Data Collection Scope
We collect only the information you voluntarily provide through our website contact forms and discovery call scheduling. We do not use tracking pixels, behavioral profiling tools, or third-party data brokers to supplement your profile.
Information collected via our forms:
Identity Information
Full name and job title as entered in the contact form
Contact Details
Business email address and phone number (if provided)
Company Information
Company name and industry category as self-described
Project Context
Free-text description of your engineering challenge or inquiry
No passive data collection: We do not automatically collect IP addresses, browser fingerprints, or behavioral analytics beyond standard server access logs required for website security.
Data Usage Purpose
Your data is used exclusively to respond to your inquiry and facilitate business engagement with CORIO. We apply the same engineering precision to data use that we apply to product specifications -- no scope creep, no undeclared purposes.
Discovery Call Scheduling
Coordinating your 30-minute discovery call and sending calendar confirmations or rescheduling communications.
Inquiry Follow-Up
Responding to your specific engineering questions or project brief with relevant methodology context and next-step recommendations.
Engagement Onboarding
If you proceed to a paid engagement, your contact information is used to establish the project record and assign your dedicated three-person team.
We will never use your data for:
Unsolicited marketing or cold outreach campaigns
Sale or rental to any third-party list brokers
Automated profiling or algorithmic scoring
Any purpose not stated in this policy
Confidentiality Commitment
Confidentiality is foundational to how CORIO operates. Our clients share sensitive product roadmaps, competitive intelligence, and supply chain strategies with us. The same protection we extend to client project data applies to your contact information.
Our Core Commitment
We do not disclose, sell, share, or transfer your personal information to any third party -- including suppliers, manufacturers, industry partners, or analytics vendors -- without your explicit written consent.
Data protection measures in place:
Internal Access Controls
Only the team member assigned to your inquiry has access to your contact data. It is not shared across unrelated internal projects.
Encrypted Storage
Form submissions are transmitted via TLS encryption and stored in access-controlled systems.
Defined Retention Period
Contact data for non-engaged inquiries is retained for a maximum of 24 months, after which it is permanently deleted unless an active engagement relationship exists.
No Subprocessor Disclosure
We do not engage marketing automation platforms, CRM data enrichment services, or analytics subprocessors that would receive your identifiable information.
Legal disclosure exception: We may disclose information only if required by applicable law, court order, or regulatory authority -- and only to the extent strictly required. We will notify you of any such request where legally permitted to do so.
Your Data Rights
You retain full control over any personal information you have submitted to CORIO. The following rights are available to you at any time, at no cost, with no requirement to justify your request.
Right of Access
Request a complete copy of all personal data we hold about you, including how it has been used and by whom it has been accessed.
Right to Correction
Request correction of any inaccurate or outdated information -- including name, email address, company details, or project context notes.
Right to Deletion
Request permanent deletion of all personal data associated with your inquiry. Deletion will be completed within 14 business days and confirmed in writing.
Right to Withdraw Consent
Withdraw consent for any communication at any time. Opt-out requests are processed within 5 business days with no effect on any prior service delivered.
How to Exercise Your Rights
Submit your request directly via email. Include your full name, the email address used in your original inquiry, and a brief description of your request (access, correction, or deletion). We will acknowledge receipt within 2 business days and complete the action within 14 business days.
Submit a Data RequestPolicy Updates
This policy may be updated periodically. Material changes will be communicated to active clients directly. The current version is always available at this URL.