Privacy Policy

How Core923 Group LLC collects, uses, and protects your data — written in plain English. We collect as little as possible.

Effective: 2026-05-08   ·   Last updated: 2026-05-08

1. Who we are

Core923 Group LLC ("Core923," "we," "us") is an IT consulting firm headquartered in the United States. We operate the website core923group.com and process inquiries through it.

2. Information we collect

We collect only what we need to respond to inquiries and run a small business. Specifically:

  • Contact form submissions: name, work email, company (optional), and the message you write us.
  • Email correspondence: if you email info@core923group.com or hr@core923group.com, we retain the content of that exchange.
  • Server logs: standard web server logs (IP address, user agent, timestamp, requested URL) retained for 30 days for security and debugging.
  • Cookies: we use a single first-party cookie for session continuity (if any). We do not use third-party tracking, analytics with PII, or advertising cookies.

We do not collect: location data, device fingerprints, browsing history, or any information from third-party trackers.

3. How we use it

  • To respond to your inquiry.
  • To deliver services if we enter an engagement (under separate Master Services Agreement).
  • To prevent abuse (rate limiting, spam filtering).
  • To comply with legal obligations.

We do not sell your data, share it with marketing partners, or use it for behavioral advertising.

4. Where it lives

Your data is stored on infrastructure operated by Hostinger International Ltd. (our hosting provider, EU/US-based) and within email systems we operate (Gmail / Hostinger Mail). Both providers are SOC 2 compliant.

5. Retention

  • Inquiry emails: retained while we engage with you, plus 24 months for relationship continuity.
  • Server logs: 30 days, then deleted.
  • Engagement deliverables: per the MSA signed at engagement start.

6. Your rights

If you're in the EU/UK (GDPR)

You have the right to: access your data, correct it, erase it ("right to be forgotten"), restrict processing, object to processing, and data portability. To exercise any right, email info@core923group.com with the subject line "Privacy Request." We respond within 30 days.

If you're in California (CCPA/CPRA)

You have the right to know what personal information we have about you, delete it, opt out of sale (we don't sell, but you can confirm), and non-discrimination for exercising your rights. Same email path.

7. Security

We take security seriously — it's literally one of our service pillars. We use TLS for all data in transit, encryption at rest where supported by our infrastructure, principle of least privilege for access control, and we do not store payment information on our systems (we do not currently take payments via this website).

8. Children

Our services are sold B2B. We do not knowingly collect data from anyone under 16. If you believe we have, email us and we'll delete it.

9. Changes to this policy

We may update this policy. Material changes will be communicated via the website. Last updated date above reflects the most recent change.

10. Contact

Privacy questions or requests: info@core923group.com with subject "Privacy Request."