Privacy Policy

Last updated: January 15, 2024

We practice what we preach. This privacy policy reflects the same high standards we help our customers achieve.

Introduction

Compliance Checking Pro ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance scanning service.

As a company that specializes in privacy compliance, we hold ourselves to the highest standards of data protection and transparency. We comply with GDPR, CCPA, and other applicable privacy regulations worldwide.

Information We Collect

Personal Information You Provide

  • Account Information: Name, email address, password, company name, phone number
  • Billing Information: Payment details (processed securely through Stripe), billing address
  • Communication Data: Messages you send us, support requests, feedback
  • Website URLs: URLs you submit for compliance scanning

Information Automatically Collected

  • Usage Data: How you interact with our service, features used, scan history
  • Technical Data: IP address, browser type, device information, operating system
  • Performance Data: Service performance metrics, error logs (anonymized)
  • Analytics Data: Aggregated usage statistics (anonymized)

Information from Third Parties

  • Payment Processors: Transaction data from Stripe (tokenized)
  • Website Scanning: Public information from websites you submit for scanning
  • IP Geolocation: Geographic location data for jurisdiction detection

How We Use Your Information

Service Delivery

  • Perform compliance scans on websites you submit
  • Generate compliance reports and recommendations
  • Provide customer support and technical assistance
  • Process payments and manage billing

Service Improvement

  • Analyze usage patterns to improve our service
  • Develop new features and functionality
  • Enhance security and prevent fraud
  • Conduct research and analytics (anonymized data only)

Communication

  • Send service notifications and updates
  • Respond to your inquiries and requests
  • Provide security alerts and important notices
  • Send marketing communications (with consent)

Legal Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and court orders
  • Protect our rights and those of our users
  • Investigate and prevent fraudulent activities

Information Sharing and Disclosure

We do not sell, trade, or rent your personal information. We may share your information in the following limited circumstances:

Service Providers

  • Payment Processing: Stripe (for secure payment processing)
  • Email Services: Postmark (for service emails)
  • Cloud Infrastructure: AWS/Google Cloud (for hosting and storage)
  • Analytics: Privacy-focused analytics providers

Legal Requirements

  • When required by law or court order
  • To protect our rights and property
  • To investigate fraud or security issues
  • To protect the safety of our users

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the new entity. You will be notified of any such change.

Data Security

We implement industry-standard security measures to protect your information:

Technical Safeguards

  • TLS/SSL encryption for data in transit
  • AES-256 encryption for data at rest
  • Secure database configurations
  • Regular security audits and penetration testing

Administrative Safeguards

  • Role-based access controls
  • Employee background checks
  • Security awareness training
  • Incident response procedures

Your Privacy Rights

Depending on your location, you may have the following rights regarding your personal information:

Access & Control

  • Access your personal information
  • Correct inaccurate data
  • Delete your account and data
  • Export your data (portability)

Processing Rights

  • Restrict processing of your data
  • Object to processing for marketing
  • Withdraw consent where applicable
  • Lodge complaints with supervisory authorities

Exercise Your Rights: Contact us at privacy@compliancecheck.com or use the settings in your account dashboard. We will respond within 30 days.

Data Retention

We retain your information only as long as necessary for the purposes outlined in this policy:

  • Account Data: Until you delete your account, plus 90 days for account recovery
  • Scan Results: Retained according to your subscription plan (30 days to 2 years)
  • Billing Data: 7 years for tax and legal compliance
  • Support Communications: 3 years for quality assurance
  • Usage Analytics: Anonymized and retained indefinitely for service improvement

Contact Us

If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

Email: privacy@compliancecheck.com

Mail: Compliance Checking Pro Privacy Officer
123 Privacy Street, Suite 400
San Francisco, CA 94105

Phone: +1 (555) 123-4567

EU Representative: For GDPR-related inquiries, contact our EU representative at gdpr@compliancecheck.com

Policy Updates

We may update this Privacy Policy from time to time. We will notify you of any material changes by email and by posting a notice on our website. Your continued use of our service after such notification constitutes acceptance of the updated policy.

Version: 2.1

Effective Date: January 15, 2024

Previous Update: October 12, 2023