CoreLayer Security launched Secure Agent. Available for Chrome and Firefox. Coming soon for Safari.
Platform
Secure AIHow it worksSecurityFor Teams
Services
Resources
OWASP LLM Top 10MITRE ATLASBlog
Company
AboutTeamCareersContact

CoreLayer Security

Privacy Policy

How we handle personal information for this website.

Last updated: 5 April 2026

CoreLayer Security ("CoreLayer", "we", "us") respects your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard personal information when you visit our public website (the "Site") or contact us through it. It does not govern data processed under a separate contract for penetration testing, red-team, or other professional services; those engagements are covered by your agreement with us and applicable confidentiality terms.

Information we collect

We may collect the following categories of information:

  • Information you provide. When you use our contact form or email us, we receive details such as your name, work email address, company name (if provided), and the content of your message.
  • Technical data. When you browse the Site, our hosting and analytics providers may process data such as IP address, approximate location derived from IP, browser type, device type, referring URLs, and pages viewed. This helps us operate and improve the Site.
  • Cookies and similar technologies. We may use cookies or similar technologies as described by our analytics or hosting tools. You can control cookies through your browser settings.

How we use information

We use personal information to:

  • Respond to enquiries submitted via the Site or email.
  • Operate, secure, and improve the Site, including troubleshooting and analytics.
  • Comply with legal obligations and enforce our Terms of Use.
  • Protect the rights, safety, and property of CoreLayer, our users, and others.

We do not sell your personal information as that term is commonly understood in privacy laws.

Where the GDPR or UK GDPR applies, we rely on legitimate interests to operate and secure the Site and analyse aggregate usage; on contract or pre-contract steps when we respond to commercial enquiries; and on consent where we are required to obtain it (for example, for certain non-essential cookies, if applicable). You may object to processing based on legitimate interests as described below.

Sharing and processors

We share personal information with service providers who assist us (for example, email delivery, hosting, and analytics), subject to appropriate contractual safeguards. We may disclose information if required by law, court order, or governmental request, or to protect CoreLayer or others. In the event of a merger, acquisition, or asset sale, information may be transferred as part of that transaction, subject to this Policy or notice to you.

Retention

We retain contact form and enquiry data for as long as needed to fulfil the purpose for which it was collected, manage our relationship with you, and meet legal, accounting, or reporting requirements. Technical logs may be retained for shorter or longer periods depending on security and operational needs.

Security

We implement appropriate technical and organisational measures designed to protect personal information. No method of transmission over the Internet is completely secure; we cannot guarantee absolute security.

Your rights

Depending on where you live, you may have the right to access, correct, delete, or restrict processing of your personal information, to data portability, to object to certain processing, and to withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority. To exercise these rights, contact us using the contact form. We will respond in line with applicable law.

International transfers

We may process information in countries other than your own. Where we transfer personal data from the EEA, UK, or Switzerland to countries not deemed adequate, we use appropriate safeguards such as standard contractual clauses where required.

Children

The Site is not directed at children under 16, and we do not knowingly collect personal information from children. If you believe we have collected such information, please contact us so we can delete it.

Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version on this page and revise the "Last updated" date. Material changes may be communicated through the Site or by other appropriate means where required.

Contact

For privacy-related questions or requests, use our contact page. You may also refer to our Terms of Use for rules governing use of the Site.