Contact Us

Privacy Policy

Effective date: 01 January 2026
Last updated: 01 January 2026

The Core Code (“we”, “us”, “our”) is a Saudi brand science consultancy.

This Privacy Policy explains how we handle personal data when you visit our website or contact us.

1. Personal data we collect

We collect only what we need for clear communication, security, and website performance.

A) Data you provide

  • Contact & professional details
    Name, email, phone, company, role, sector
  • Inquiry content
    Messages you submit and any information you choose to share
  • Meeting details
    Scheduling information and notes you provide when booking a call
  • Business intake details (if relevant)
    High-level information to understand fit and scope (e.g. organization size, objectives)

B) Data collected automatically

  • Usage & device data
    IP address, browser type, device identifiers, pages visited, approximate location (from IP), timestamps, referral URLs
  • Cookie data
    As described in Section 5

C) Data from third parties (limited)

If you engage with our content on platforms (e.g. LinkedIn), we may receive basic engagement data according to those platforms’ settings and policies.

2. Why we use your data

We use your personal data to:

  • Respond to inquiries and communicate with you
  • Provide and improve our website and user experience
  • Schedule meetings and manage communications
  • Deliver services when you become a client (e.g. governance documentation, access to the Brand Operating System / BOS Core where applicable)
  • Send updates or insights if you subscribe (you can unsubscribe anytime)
  • Protect our business and website (security, fraud prevention, misuse detection)
  • Comply with legal obligations where required

3. Legal bases for processing (where applicable)

Depending on your location, we rely on:

  • Contract / pre-contract steps (e.g. responding to service requests)
  • Legitimate interests (operating a secure website, improving performance, handling communications)
  • Consent (marketing emails and non-essential cookies where required)
  • Legal obligations (compliance requests)

4. How we share your data

We do not sell your personal data.

We may share data with:

  • Service providers
    Hosting, analytics, email delivery, forms, scheduling, CRM — all under our instructions and confidentiality obligations
  • Professional advisors
    Legal and accounting services where necessary
  • Authorities
    If required by law or to protect rights, safety, and security
  • Business transfers
    Mergers, acquisitions, or restructuring with appropriate protections

5. Cookies and similar technologies

We use cookies and similar technologies for:

  • Essential site functions and security
  • Analytics (traffic and content improvement)
  • Marketing (only if enabled or legally permitted)

Your choices

You can control cookies via:

  • Our cookie banner or settings (if enabled)
  • Your browser settings (block or delete cookies)

Blocking some cookies may affect site functionality.

6. International data transfers

Your data may be processed in countries outside your country of residence.
Where required, we use appropriate safeguards to protect personal data during such transfers.

7. Data retention

We keep personal data only as long as needed for the purposes described, then delete or anonymize it.

Typical retention periods

  • Inquiries: as long as needed to respond and keep reasonable records
  • Marketing subscriptions: until you unsubscribe
  • Security logs: limited periods for security and troubleshooting
  • Client data: duration of engagement and as required by legal or professional obligations

8. Security

We use reasonable technical and organizational safeguards, including access controls, least-privilege access, and reputable service providers.
No system is fully risk-free, but we work to protect your data.

9. Your rights

Depending on applicable law and your location, you may have the right to:

  • Correct inaccurate data
  • Access your personal data
  • Delete data (in certain cases)
  • Object to processing or request restriction (in certain cases)
  • Withdraw consent at any time (where processing is based on consent)
  • Data portability (where applicable)
  • Opt out of marketing at any time (via unsubscribe link or by contacting us)

10. Children

Our website is not intended for children, and we do not knowingly collect personal data from children.

11. Third-party links

Our website may link to third-party sites.
We are not responsible for their privacy practices. Please review their policies before providing any personal data.

12. Changes to this policy

We may update this Privacy Policy from time to time.
The updated version will be posted on this page, and the “Last updated” date above will be revised accordingly.

Contact Us