Legal
Privacy Policy
Effective date: June 19, 2026
This policy explains what Kortex Digital Labs collects through this site, how we use and share it, and the choices you have. It is written to be read, not buried. See also our Cookie Policy and Terms of Service.
Who we are
This Privacy Policy explains how Kortex Digital Labs ("Kortex Digital Labs," "we," "us," or "our"), a studio based in San Antonio, TX, collects, uses, discloses, and protects personal information through https://kortexdigitallabs.com and the services we provide (together, the "Services").
By using the Services, you agree to this Policy. If you do not agree, please do not use the Services. You can reach us at info@kortexdigitallabs.com or by mail at 9110 N Loop 1604 W, Suite 104 PMB 1074, San Antonio, TX 78249-3397.
Information you provide to us
We collect the information you choose to give us, including:
- Contact and project details: your name, email, phone number, company, what you tell us about your project, and any files, photos, or reference links you upload.
- Account information: if you use the client portal, your email, password, and multi-factor authentication details.
- Messages and content: messages you send through the portal or to our Kora assistant, and content you submit for a project.
- Payment information: processed by our payment provider. We receive confirmation and limited transaction details but do not store full payment-card numbers.
- Newsletter: the email address you provide if you subscribe.
Information we collect automatically
When you use the site, we collect certain information automatically:
- Usage and device data: IP address, browser type, device, pages viewed, the site that referred you, approximate location, and similar server-log data.
- Cookies and similar technologies: essential cookies that make the site work, plus first-party analytics cookies (ktx_visitor, ktx_pages, ktx_referrer, ktx_utm_*) and functional cookies for the Kora assistant, which are set only with your consent.
Cookies
We use a small set of first-party cookies and honor the Global Privacy Control signal. Non-essential cookies stay off until you allow them, and you can change your choice at any time.
How we use your information
We use personal information to:
- Respond to your inquiries and provide the mockups and services you request.
- Operate the client portal, process payments, and manage projects, invoices, and support.
- Send transactional messages and, with your consent, our newsletter.
- Understand and improve how the site is used, through privacy-respecting analytics, with your consent.
- Protect the Services, prevent fraud and abuse, and maintain security.
- Comply with legal obligations and enforce our Terms of Service.
Legal bases for EEA and UK visitors
If you are in the European Economic Area or the United Kingdom, we process personal data on these legal bases: performance of a contract; your consent (for example, analytics cookies and the newsletter); our legitimate interests in operating, securing, and improving the Services; and compliance with legal obligations.
How we share information
We share personal information only as described here:
- Service providers and sub-processors that operate the Services on our behalf, under contract and only as needed (listed below).
- Professional advisors and authorities, where required by law or to protect rights, property, or safety.
- A successor, in connection with a merger, acquisition, financing, or sale of assets, subject to this Policy.
What we never do
We do not sell your personal information, and we do not share it for cross-context behavioral advertising. We have not done so in the preceding twelve months.
Our sub-processors
We rely on a small number of trusted providers, each bound by its own data-processing terms:
- Supabase: database, authentication, and file storage.
- Vercel: website hosting and content delivery.
- Stripe: payment processing.
- Resend: transactional and newsletter email delivery.
- Our AI language-model provider: powers the Kora assistant.
How long we keep it
We keep personal information only as long as needed for the purposes above: to respond to your request, deliver an engagement, meet legal, tax, and accounting obligations, and resolve disputes. When information is no longer needed, we delete or de-identify it. You may ask us to delete your information sooner.
How we protect it
We protect personal information with measures including encryption in transit, row-level access controls and data isolation, least-privilege access, and multi-factor authentication on the client portal. No method of transmission or storage is completely secure, so we cannot guarantee absolute security.
Your privacy rights
Depending on where you live, you may have the right to:
- Know and access the personal information we hold about you.
- Correct inaccurate personal information.
- Delete your personal information.
- Receive a portable copy of your personal information.
- Opt out of the sale or sharing of personal information (we do not sell or share).
- Limit the use and disclosure of sensitive personal information.
- Withdraw consent you previously gave.
- Not receive discriminatory treatment for exercising any of these rights.
How to exercise your rights
Email info@kortexdigitallabs.com to make a request. We will take reasonable steps to verify your identity and will respond within 45 days, extending once where the law allows. You may use an authorized agent. If we decline a request, you may appeal by replying to our decision, and we will respond to appeals as required by your state's law.
California residents (CCPA/CPRA)
In the past twelve months we have collected these statutory categories of personal information: identifiers (such as name, email, and IP address); customer records (such as phone number, company, and billing details); commercial information (services you inquired about or purchased); internet or network activity (site usage); approximate geolocation; and audiovisual information (files you choose to upload). We disclose these categories to the sub-processors listed above for business purposes only.
We do not sell or share personal information. California residents have the rights described above, including the right to opt out, which we honor through our cookie controls and the Global Privacy Control signal, and the right not to be discriminated against for exercising their rights.
Texas and other US state residents
Texas residents, under the Texas Data Privacy and Security Act, and residents of other states with comprehensive privacy laws have the rights described above, including the right to appeal a denied request. We do not sell sensitive personal data, and we do not process sensitive data without consent.
EEA and UK residents (GDPR)
If you are in the EEA or UK, you have the rights of access, rectification, erasure, restriction, data portability, and objection, and the right to withdraw consent at any time. You may also lodge a complaint with your local supervisory authority. Because we operate from the United States, your information is processed in the US; where required, we rely on appropriate safeguards such as Standard Contractual Clauses provided through our processors.
Global Privacy Control
We treat the Global Privacy Control (GPC) browser signal as a valid request to opt out of any sale or sharing and to disable non-essential cookies. When we detect GPC, we apply that choice automatically.
Children's privacy
The Services are intended for adults and for businesses. They are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe a child has provided us personal information, contact us and we will delete it.
Third-party links
Our site may link to third-party websites and services we do not control. Their privacy practices are their own, and we encourage you to review their policies.
Changes to this policy
If we change this Policy, we will update this page and revise the effective date above. Material changes will be made clear. Your continued use of the Services after an update means you accept the revised Policy.
Contact us
Questions or requests about privacy go to info@kortexdigitallabs.com, or by mail to 9110 N Loop 1604 W, Suite 104 PMB 1074, San Antonio, TX 78249-3397.
Start here
Ready when you are.
Questions answered, fine print read. The next step is planning your project.