Privacy & Cookie Policy

Last updated: November 7, 2025

Privacy Policy ↓|Cookie Policy ↓

Privacy Policy

§ 1 — General Provisions

https://www.credora.network (hereinafter: “Website”) is run by CredoraRatings Group Ltd, e-mail: support@credora.io, hereinafter referred to as “Controller”.

As part of the Website's activities and providing the various services by the Controller, the data of the Website users (hereinafter: “Users”), including personal data, may be collected, processed and used.

Moreover, information may be collected on the User's IP address, the time of receipt of the inquiry and sending the answer and/or other information as required by the cookies used on the Website. This information is used for the purposes of administering the Website and creating statistics and analyses.

Controller makes every effort to secure Users' personal data and ensures the protection of personal data that he processes. In particular, the Controller uses appropriate technical safeguards and organizational measures to ensure the protection of personal data being processed, appropriate to the threats and categories of data protected. In particular, the Controller protects data against disclosure to unauthorized persons, removal by an unauthorized person, processing in violation of the provisions of law, as well as change, loss, damage or destruction.

Services provided by Controller are not intended for minors (people under age of 18). No minors may use the Controller's services. If we learn we have collected or received personal information from a minor, we will delete that information.

§ 2 — Personal Data

The controller of the personal data is CredoraRatings Group Ltd, Intershore Chambers, Road Town, Tortola, British Virgin Islands.

The processing of personal data takes place in accordance with the provisions of generally applicable law, in particular in accordance with the Regulation of the European Parliament and of the Council (EU) 2016/679 of 27 April 2016 (“GDPR”), and in accordance with this Privacy Policy.

As part of the activities of the Website, the Users' personal data provided by them voluntarily (e.g. as part of filling in the contact form), such as name, an e-mail address or collected as part of the statistics and analysis of Users' behaviour are processed.

Users' personal data may also relate to payment data; User's geolocation, i.e. the place where User is located (this data can be collected using GPS, Bluetooth or Wi-Fi); as well as the financial data and data provided due to the inquiries taken to enter into a contract regarding services offered by the Controller.

§ 3 — Purpose and Duration of Processing the Data

The processing of Users' personal data takes place for the purpose of:

  1. Response to inquiries or correspondence addressed to the Controller, which is the legitimate interest of the Controller (Article 6, section 1, let. f of GDPR), as well as may be the action necessary in order to take steps at the request of the User prior to entering into a contract regarding services offered by the Controller (Art. 6, section 1 let. b of GDPR);
  2. Ensuring the proper performance of the functionalities of the Website (strictly necessary cookies), which is processing necessary for the performance of the contract (Art. 6, section 1, let. b of GDPR);
  3. The Controller's direct marketing of its own products or services — including the sending of a newsletter, which is the Controller's legitimate interest (Art. 6, section 1 let. f of GDPR);
  4. Statistics and analysis of Users' behaviour on website, which is the Controller's legitimate interest (Art. 6, section 1, let. f of GDPR).

Personal data processed for the purpose of:

  1. Response to inquiries or correspondence addressed to the Controller — are processed for a period of 3 years from the moment of sending the inquiry or correspondence;
  2. Ensuring the proper performance of the functionalities of the Website (strictly necessary cookies), that is performance of the contracts — are processed for the period of performance of the contracts and the period necessary to assert its own claims or defend against claims made against the Controller in connection with the performance of the contract;
  3. Data processed for direct marketing purposes — including the sending of newsletters — until objection to its processing for that purpose, withdrawal of consent to receive marketing information or until the Controller decides to delete it;
  4. Keeping statistics and analysis of Users' behaviour on the Website — for a period of 3 years from the date of collection.

§ 4 — Transfer of Personal Data

Personal data may be facilitated to entities providing marketing, IT service providers, as well as entities participating in the process of performing an agreement between the data subject and the Controller, as well as entities from the company group.

The Controller is based in British Virgin Islands, that is outside of the EU, and may also use IT service providers who are based outside the European Union. As such, data will be transferred outside the EU. The Controller shall only use IT services provided by entities established in countries for which the European Commission has determined that they provide an adequate level of protection, from entities that process personal data on the basis of the Standard Contractual Clauses adopted by the European Commission, referred to in Article 46 of the GDPR, concluded between the Controller and that entity, or that process data on the basis of the Data Privacy Framework.

Regarding the contract for the provision of services that is signed with the customers, upon their request, the parties may enter into Standard Contractual Clauses to ensure that the transfer of personal data from the EU or EEA to jurisdictions outside the EU/EEA is compliant with applicable data protection laws, including the GDPR.

§ 5 — User Rights

The User who is the data subject has the following rights:

  1. The right to access personal data and the right to receive a copy — User may request from the Controller information whether his data are processed, and in the case of confirmation, the User may request the Controller to obtain access to them. The User may also request the Controller to provide a copy of his processed personal data. Provision of subsequent copies of data may require the User to pay a fee related to administrative costs;
  2. The right to request the rectification of personal data — User can request the rectification of his incorrect personal data by the Controller, or can request the completion of incomplete personal data, having regard to the purposes of the processing;
  3. The right to request the erasure of personal data — User may request the Controller to delete personal data related to him where: (a) personal data are no longer necessary for the purposes for which they were collected; (b) personal data is processed contrary to the provisions of law; (c) User's consent has been withdrawn and there is no other legal basis; (d) User objects to the processing and there are no overriding legitimate grounds; (e) an obligation to delete personal data has been imposed on the Controller under applicable EU regulations;
  4. The right to request restriction of the processing of personal data — the User may request the Controller to restrict processing where: (a) the User contests the accuracy of personal data; (b) the processing is unlawful and the User opposes erasure; (c) Controller no longer needs the data but they are required by the User for legal claims; (d) User has objected to processing pending verification;
  5. The right to transfer personal data;
  6. The right to object to the processing of personal data;
  7. The right to lodge a complaint with a supervisory authority.

The User who is the data subject may exercise the rights referred to above by sending an appropriate request to the Controller's e-mail address: support@credora.io.

When we receive an individual rights request, we may take steps to verify your identity before complying with the request to protect your privacy and security.

If you reside in the EU, you can also file a complaint with your relevant data protection authority. In the UK, the relevant authority is the Information Commissioner's Office (ICO), Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; 0303 123 1113; casework@ico.org.uk. In Ireland, the relevant authority is the Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois; +353 (0761) 104 800; info@dataprotection.ie.


§ 1 — General Provisions

The cookie policy (hereinafter: “Cookie Policy”) specifies the rules for storing and accessing information on the terminal devices of Users of the website https://www.credora.network (hereinafter: “Website”), by means of cookies, for the purpose of providing services electronically by CredoraRatings Group Ltd (hereinafter: “Controller”).

Cookies are IT data, in particular text files, which are stored in the User's end device and are intended for the use of websites. Cookies usually contain the name of the website they come from, the time they are stored on the end device, content (e.g. action identifiers) and a unique number.

With regard to the length of time for which cookies are installed on the User's terminal device, the cookies used on the Website are divided into two main types:

  1. Session cookies (session storage) — temporary files that are stored on the User's end device until the session expires (e.g. leaving the Website, deletion by the User, or turning off the software);
  2. Permanent cookies (persistent cookies, local storage) — stored on the User's final device for the time specified in the parameters of cookies or until they are deleted by the User.

Depending on the purpose for which they are used, cookies are divided into:

  1. Strictly necessary cookies — enable you to use the basic functions of the Website. Without the strictly necessary cookies, one cannot use the Website properly;
  2. Performance cookies — collect information about how visitors use the site, such as analytical cookies. These cookies cannot be used to directly identify a specific user;
  3. Functionality cookies — are used for additional purposes regarding the proper functionality of the Website (for example language preferences and user authentication), however cannot be classified as the strictly necessary cookies.

§ 2 — Cookies Used on the Website

The Controller, as a part of the Website, uses the following cookies:

Strictly Necessary Cookies
Cookie keyDomainTypeExpirationDescription
redstone_credora_cookie_consentcredora.networkFirst-partySession / 12 monthsStores your cookie consent preferences.
session_idcredora.networkFirst-partySession / 12 monthsIdentifies your unique session during your visit.
csrf_tokencredora.networkFirst-partySession / 12 monthsProtects the site against Cross-Site Request Forgery attacks.
Performance Cookies
Cookie keyDomainTypeExpirationDescription
_gagoogle.comThird-party2 yearsUsed by Google Analytics to distinguish unique users.
_gidgoogle.comThird-party24 hoursUsed by Google Analytics to distinguish users (short-term).
_ga_*google.comThird-party2 yearsPersists session state for Google Analytics.
Functionality Cookies
Cookie keyDomainTypeExpirationDescription
RDST_CRDR_AD_TOUcredora.networkFirst-party6 monthsRecords your acceptance of the Terms of Use.

§ 3 — Cookie Settings & User Rights

The default settings of web browsers usually allow the storage of strictly necessary cookies on the end devices of website users. However, these settings can be changed by the User.

Personal data will be processed in connection with the use of non-strictly necessary cookies only after the User's consent in the use of the Website to the use of the aforementioned cookies has been obtained. Consent to their use may be revoked at any time by selecting the appropriate option in the cookie settings available on the Website.

Notwithstanding the above, the User has the ability to determine the conditions for the use of cookies through the settings of the software (web browser) installed on his/her end device. The change may consist in partial or complete restriction of the possibility of storing cookies on the User's end device, while at the same time it may cause the incorrect display of the Website content.

The use of cookies does not cause configuration changes in the User's terminal device and the software installed on that device.

Detailed information on changing browser settings regarding cookies and their removal:


Contact

To ask questions or comment about this Privacy & Cookie Policy and our privacy practices, contact us at: support@credora.io