Cordis SUITE

Privacy statement

Last updated: 30 April 2026.

Who we are

This site is operated by Cordis Automation B.V., a company registered in the Netherlands. For privacy questions you can reach us at info@cordis-suite.com or by post at the address listed on our contact page.

What data we collect

  • From the contact form: your name, email address, phone number, company, role, country and the message you send us.
  • When you sign in to view gated content: your name, email address, the identity provider you used (Microsoft or Google), the fact that you accessed the presentation and when, and whether you opted in to receive product updates.
  • Technical data: a first-party session cookie (cordis-auth) set only after you sign in, plus standard web server request logs (IP address, user agent, URL) kept for no longer than 30 days.
  • Presentation-viewing progress (when you're signed in): which slide you reached, approximately how many seconds you watched, and whether you completed the presentation. This helps us understand which parts are most useful.
  • From the AI assistant chat: the messages you send, the assistant's replies, and basic technical metadata about each exchange (timestamp, model used, tokens consumed, response time). We do not store your name or email with these messages. Your IP address is one-way hashed before storage so chats from the same visitor can be grouped without your IP being recoverable.

Why we collect it and the legal basis

  • Contact-form submissions are used to reply to your request. Legal basis: steps taken at your request prior to a potential contract (GDPR Art. 6(1)(b)).
  • Sign-in records are used to grant access to gated content and to know who is viewing our technical material. Legal basis: our legitimate interest in protecting shared knowledge (GDPR Art. 6(1)(f)).
  • Marketing emails are sent only if you explicitly opted in. Legal basis: your consent (GDPR Art. 6(1)(a)). You can withdraw consent at any time by using the unsubscribe link in any email or by contacting us.
  • Presentation viewing progress helps us understand which parts of our material are useful so we can improve them. Legal basis: our legitimate interest in improving the material we share (GDPR Art. 6(1)(f)). You can object at any time.
  • AI assistant chat logs are kept so we can answer follow-up questions about a conversation, monitor quality, and improve the assistant's instructions over time. Legal basis: our legitimate interest in operating and improving the assistant (GDPR Art. 6(1)(f)). You can object at any time by emailing us — please mention an approximate date and time so we can locate the conversation.

Who we share it with

We store your contact details in HubSpot (our CRM), which acts as a processor on our behalf. HubSpot is based in the United States; transfers of personal data to HubSpot rely on the EU–US Data Privacy Framework (HubSpot is a certified participant) and, where applicable, on the European Commission's standard contractual clauses. You can request a copy of the safeguards in place by emailing us.

When you sign in with Microsoft or Google, the identity provider you select also processes your data as a separate controller under its own privacy policy.

AI assistant chat messages are processed by OpenAI to generate the replies, and a copy is stored in Langfuse (EU region, hosted in Germany) for quality monitoring and improvement. Both act as processors on our behalf. OpenAI does not use API data submitted by us to train its models.

We do not sell your data, and we do not share it with advertising networks.

How long we keep it

  • Contact records: up to 24 months after our last interaction with you, after which we anonymise or delete them — unless an active commercial relationship justifies longer retention, or you ask us to delete sooner.
  • Authentication cookie: 30 days sliding expiration.
  • Server logs: no longer than 30 days.
  • AI assistant chat logs: 90 days, after which they are automatically deleted.

Cookies we set

We do not use analytics, advertising, marketing, or third-party tracking cookies on this site. The only cookies we set are strictly necessary for the site to work, which is why no cookie consent banner is shown.

  • cordis-auth — holds your session after you sign in and is required for the sign-in feature to work. Set only when you sign in. Lifetime: 30 days sliding expiration. Legal basis: ePrivacy exemption for cookies strictly necessary for a service explicitly requested by the user.
  • Antiforgery cookies — protect form submissions against cross-site request forgery. Set by the framework on pages with forms; session-only.
  • OpenID Connect / OAuth flow cookies — short-lived cookies used by Microsoft or Google to secure the sign-in redirect handshake. Deleted automatically once sign-in completes.

Your rights

Under the GDPR you have the right to access, correct, delete, or port your personal data, to restrict or object to its processing, and to withdraw any consent you've given. To exercise any of these rights, email us at info@cordis-suite.com and we'll respond within 30 days. You also have the right to lodge a complaint with your national data-protection authority — in the Netherlands this is the Autoriteit Persoonsgegevens.

Contact

Cordis Automation B.V.
info@cordis-suite.com

Copyright Cordis SUITE

Platform

Company

An unhandled error has occurred. Reload x

Rejoining the server...

Rejoin failed... trying again in seconds.

Failed to rejoin.
Please retry or reload the page.

The session has been paused by the server.

Failed to resume the session.
Please retry or reload the page.