Privacy Policy

Your privacy and data protection are important to us

Last Updated: January 2, 2026

1. Introduction

Complisanc Consultancy Services ("we," "our," or "us") operates the CompliSanc KYC/AML compliance management system. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

Important: CompliSanc is deployed exclusively as an on-premise solution. All installations are hosted on your organization's infrastructure, and you maintain full control over your data and system environment.

We are committed to protecting your privacy and ensuring the security of your personal data. This policy complies with applicable data protection laws, including the General Data Protection Regulation (GDPR).

2. Information We Collect

2.1 Information You Provide

We collect information that you provide directly to us, including:

  • Account information (name, email address, username)
  • Customer data entered into the system (for compliance purposes)
  • Document uploads and related metadata
  • Communication data (emails, support requests)
  • Payment information (processed through secure payment processors)

2.2 Automatically Collected Information

We automatically collect certain information when you use our service:

  • Usage data (pages visited, features used, time spent)
  • Technical data (IP address, browser type, device information)
  • Audit logs (system activities, user actions)

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our services
  • Process transactions and manage your account
  • Perform KYC/AML compliance functions as requested
  • Send you service-related communications
  • Respond to your inquiries and provide support
  • Ensure security and prevent fraud
  • Comply with legal obligations

4. Data Security and On-Premise Deployment

On-Premise Installation: CompliSanc is deployed exclusively on your organization's infrastructure. All data remains within your controlled environment, and you are responsible for:

  • Physical security of your servers and infrastructure
  • Network security and firewall configurations
  • Backup and disaster recovery procedures
  • Access control to your premises and systems
  • Compliance with your organization's security policies

CompliSanc provides the following security features within the software:

  • Encryption: AES-256 encryption at rest for sensitive data
  • Access Controls: Role-based access control and authentication
  • Audit Logging: Complete audit trails of all data access
  • Secure Storage: Data stored in secure, access-controlled environments
  • Regular Updates: Security patches and updates provided for the software

While we provide secure software and security recommendations, the ultimate security of your on-premise installation depends on your infrastructure, policies, and practices. We cannot guarantee absolute security of your deployment environment.

5. Data Retention

We retain your data for as long as necessary to:

  • Provide our services to you
  • Comply with legal and regulatory obligations
  • Resolve disputes and enforce agreements

Compliance data may be retained longer as required by applicable regulations (typically 5-7 years for AML compliance records).

6. Data Sharing and Disclosure

We do not sell your personal data. We may share your information only in the following circumstances:

  • Service Providers: With trusted third-party service providers who assist in operating our service (under strict confidentiality agreements)
  • Legal Requirements: When required by law, court order, or regulatory authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets (with notice to users)
  • With Your Consent: When you explicitly authorize us to share your information

On-Premise Data: Since CompliSanc is deployed on your infrastructure, we do not have access to your customer data unless you explicitly grant us access for support purposes. Your data remains under your control and within your environment.

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request access to your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data (subject to legal obligations)
  • Restriction: Request restriction of processing
  • Data Portability: Request transfer of your data
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent where processing is based on consent

To exercise these rights, please contact us at Privacy.

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your session
  • Remember your preferences
  • Analyze service usage
  • Improve security

You can control cookies through your browser settings, though this may affect service functionality.

9. Third-Party Data and Limitations of Responsibility

Client Customer Data: CompliSanc is a software platform that processes data entered by you, our client. When you use CompliSanc to manage KYC/AML compliance for your customers, you are responsible for:

  • The accuracy, completeness, and legality of all customer data you enter into the system
  • Obtaining appropriate consent and authorization from your customers for data processing
  • Compliance with applicable data protection laws regarding your customers' data
  • Ensuring that your use of CompliSanc complies with all relevant regulations

Limitation of Liability: Complisanc Consultancy Services cannot be held responsible for:

  • The accuracy, completeness, or legality of third-party data (your customers' data) entered into CompliSanc by you
  • Data quality issues arising from incorrect or incomplete information provided by you
  • Compliance decisions made by you based on data processed through CompliSanc
  • Regulatory actions or penalties resulting from your use of the system or the data you process
  • Third-party data breaches that occur within your infrastructure

CompliSanc provides tools and features to assist with compliance, but you remain solely responsible for your compliance obligations and the data you process through the system.

10. International Data Transfers

Since CompliSanc is deployed on-premise, your data remains within your infrastructure and jurisdiction. You are responsible for ensuring that any international data transfers comply with applicable laws. We do not transfer your data internationally as part of our service.

11. Children's Privacy

Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

13. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

  • Email: Privacy
  • Address: Complisanc Consultancy Services

14. Compliance

We are committed to complying with applicable data protection laws, including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Other applicable regional data protection laws