How Cortex IQ handles personal data

This Privacy Policy explains how Cortex IQ, operated for Reify Maxim Group, processes personal information when users access the platform for provider operations, learner onboarding, staff onboarding, resource access, training delivery, assessment workflows, audit readiness, and certification support. It applies to invited users, public signups, authenticated workspace users, and organisations using the platform.

We collect only the information reasonably required to operate the platform, maintain traceability, and support training delivery and compliance obligations.

We use personal information to authenticate users, manage role-based access, process invitations, create and maintain learner or staff profiles, support dashboards, deliver resources, track attendance and assessments, manage communications, monitor compliance readiness, investigate issues, and maintain platform integrity.

Where applicable, we process personal information under lawful bases that include consent, the performance of a contract or service arrangement, compliance with legal or regulatory obligations, and legitimate interests in operating a secure, auditable, and effective training management platform. In the South African context, this policy is intended to align with POPIA. Where relevant, the processing principles also reflect GDPR-aligned expectations around lawfulness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and accountability.

We do not sell personal information. We may share data only where required to operate the platform or support legitimate delivery and compliance functions.

Where technology providers or infrastructure services process data outside South Africa, we take reasonable steps to ensure an appropriate level of protection through contractual controls, provider safeguards, or other recognised security and privacy measures.

We retain information only for as long as necessary to provide the platform, preserve delivery and audit records, meet legal or contractual obligations, resolve disputes, and support system security. Retention periods may differ according to record type, including learner records, staff records, assessment evidence, communications, and audit logs.

Depending on applicable law and the relationship between the user, the provider, and the platform, data subjects may request access to their personal information, correction of inaccurate information, deletion where appropriate, restriction of processing, objection to certain processing, and information about how their data is being used. Users may also request a copy of relevant information where legally applicable. We may need to retain certain records where required for legal, contractual, audit, or compliance reasons.

We use reasonable technical and organisational safeguards to protect personal information against unauthorised access, loss, misuse, alteration, or disclosure. These safeguards may include access controls, password hashing, role-based permissions, audit logging, environment-based configuration, and controlled operational visibility.

The platform uses essential cookies or local storage mechanisms required for authentication, navigation continuity, preference persistence, and application security. If a separate cookie policy is published later, this section may be updated to reference it directly.

Cortex IQ is intended for managed training operations and is not designed as an open consumer service for children. Where learner data involves minors, the responsible organisation or provider must ensure that appropriate lawful authority, consent, and operational controls are in place before that information is processed through the platform.

We may update this Privacy Policy when platform capabilities, legal obligations, data flows, or operating practices change. Updated versions will be published on this page with the latest effective date, last updated date, and version reference.

Questions, access requests, correction requests, or privacy concerns can be directed to frederick@reifymaximgroup.co.za.