ComplyBridge
Legal Documentation

Privacy Policy

Last Updated: 22 December 2025

ComplyBridge, Inc. ("ComplyBridge," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect your personal information when you:

  • visit our website at complybridge.xyz (the "Website")
  • use our compliance management platform and services (the "Services")
  • interact with us in any other way.

Who we are: ComplyBridge is a Delaware corporation with its registered address at 169 Madison Avenue, New York, NY 10016, United States.

Data controller: We are the data controller for the personal information we collect about you, except where you use our Services to process personal data (in which case you are the controller and we are the processor, as described in our Data Processing Addendum).

Contact us: If you have questions about this Privacy Policy or how we handle your personal information, contact us at support@complybridge.xyz.

1. What Information We Collect

We collect the following types of personal information:

1.1 Information You Provide to Us

Account Information:

  • Name, email address, password
  • Company name, job title
  • Phone number (if provided)
  • Billing and payment information (processed by our payment provider, Stripe)

Service Data:

  • Information you upload, create, or store in the Services (documents, compliance records, notes, etc.)
  • Communications with us (support requests, feedback, enquiries)
  • Preferences and settings

Trial and Marketing:

  • Information you provide when signing up for a trial or requesting information
  • Responses to surveys or questionnaires

1.2 Information We Collect Automatically

Usage Information:

  • How you use the Services (features accessed, actions taken, time spent)
  • Log data (IP address, browser type, device information, operating system)
  • Cookies and similar technologies (see Section 7)

Performance Data:

  • Error reports and diagnostic information
  • Service performance metrics

2. How We Use Your Information

We use your personal information for the following purposes:

2.1 To Provide the Services

  • Create and manage your account
  • Provide access to the Services and their features
  • Process payments and billing
  • Provide customer support
  • Send service-related communications (account notifications, updates, security alerts)

Legal basis: Performance of our contract with you (Terms of Service)

2.2 To Improve and Develop the Services

  • Analyse how the Services are used
  • Develop new features and functionality
  • Test and improve our AI models
  • Fix bugs and improve performance
  • Conduct research and analytics

Legal basis: Legitimate interests (improving our Services and user experience)

2.3 To Communicate with You

  • Respond to your enquiries and requests
  • Send you marketing communications about our Services (where you've consented or we have a legitimate interest)
  • Send you updates about changes to our Services or policies

Legal basis: Performance of contract (service communications), Consent (marketing emails - you can opt out anytime), Legitimate interests (product updates and improvements)

2.4 For Security and Compliance

  • Detect and prevent fraud, abuse, and security incidents
  • Comply with legal obligations
  • Enforce our Terms of Service
  • Protect our rights and property

Legal basis: Legal obligation, Legitimate interests (security and fraud prevention)

2.5 For Business Operations

  • Manage our business operations
  • Conduct financial reporting and analysis
  • Facilitate business transactions (e.g., mergers, acquisitions)

Legal basis: Legitimate interests (running our business)

3. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

3.1 Service Providers (Subprocessors)

We share information with third-party service providers who help us provide the Services, including:

  • Cloud hosting providers - for infrastructure and data storage
  • Payment processors - for payment processing
  • Communication tools - for service delivery
  • AI service providers - for AI-powered features
  • Analytics providers - for usage analytics

These providers are contractually obligated to protect your information and use it only for the purposes we specify. A current list is available in our Data Processing Addendum.

3.2 Legal Requirements

We may disclose your information if required by law or in response to:

  • Court orders or legal processes
  • Requests from law enforcement or regulatory authorities
  • Protection of our rights, property, or safety, or that of others

3.3 Business Transfers

If we are involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred to the successor entity.

3.4 With Your Consent

We may share your information with third parties where you have given us consent to do so.

3.5 Aggregated or Anonymised Data

We may share aggregated or anonymised information that cannot reasonably identify you for analytics, research, or marketing purposes.

4. International Transfers

Your personal information may be transferred to and processed in countries outside the United Kingdom and European Economic Area, including the United States, where our service providers operate.

When we transfer your information internationally, we ensure appropriate safeguards are in place, including:

  • Standard Contractual Clauses approved by the European Commission and UK ICO
  • Adequacy decisions (where the destination country is recognised as providing adequate protection)
  • Other lawful transfer mechanisms

For more information about international transfers, see our Data Processing Addendum or contact us at support@complybridge.xyz.

5. How Long We Keep Your Information

We retain your personal information only for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required by law.

Retention periods:

  • Account information: For the duration of your account, plus up to 7 years after closure for legal and accounting purposes
  • Service data: As specified in our Terms of Service (typically 30 days after account termination, unless you request earlier deletion)
  • Marketing data: Until you unsubscribe or request deletion
  • Usage and log data: Typically 12-24 months
  • Payment records: Up to 7 years for tax and accounting purposes

You can request deletion of your information at any time (subject to legal retention requirements) by contacting support@complybridge.xyz.

6. Your Rights

Under data protection law, you have the following rights:

6.1 Access

Request a copy of the personal information we hold about you.

6.2 Correction

Request correction of inaccurate or incomplete information.

6.3 Deletion

Request deletion of your personal information (subject to legal retention requirements).

6.4 Restriction

Request that we restrict processing of your information in certain circumstances.

6.5 Portability

Request a copy of your information in a structured, machine-readable format.

6.6 Objection

Object to processing based on legitimate interests or for direct marketing purposes.

6.7 Withdraw Consent

Where we rely on consent, you can withdraw it at any time.

6.8 Automated Decision-Making

You have rights relating to automated decision-making and profiling (though we don't currently make solely automated decisions that significantly affect you).

How to exercise your rights:

  • Email us at support@complybridge.xyz
  • Use the account settings in the Services (for access, correction, and deletion of certain information)
  • Click "unsubscribe" in marketing emails

We will respond to your request within one month (or sooner where required by law).

Right to complain: If you're unhappy with how we've handled your information, you can complain to your local data protection authority:

  • UK: Information Commissioner's Office (ico.org.uk)
  • EU: Your local supervisory authority
  • Switzerland: Federal Data Protection and Information Commissioner

7. Cookies and Tracking Technologies

We use cookies and similar technologies like local storage to track activity on our service and maintain certain information necessary for platform functionality.

Types of Cookies We Use:

Essential cookies that are strictly necessary for basic website or app functionality, including authentication, session management, and security features.

Analytics cookies that help us understand how users interact with our platform to improve user experience and platform performance.

For more information, see our Cookie Policy at https://www.complybridge.xyz/legal/cookie-policy

8. Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication
  • Regular security testing and monitoring
  • Staff training on data protection

However, no system is completely secure. If you believe your account has been compromised, contact us immediately at support@complybridge.xyz.

9. Children's Privacy

The Services are not intended for children under 16. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us at support@complybridge.xyz and we will delete it.

10. Third-Party Links

The Services may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to read their privacy policies.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will:

  • Post the updated Privacy Policy on our Website
  • Update the "Last Updated" date at the top
  • Notify you of material changes (via email or in-Service notification)

Your continued use of the Services after changes constitutes acceptance of the updated Privacy Policy.

12. California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA):

  • Right to know: What personal information we collect, use, disclose, and sell (we don't sell personal information)
  • Right to delete: Request deletion of your personal information
  • Right to opt-out: Opt out of the "sale" or "sharing" of personal information (we don't sell or share)
  • Right to correct: Request correction of inaccurate information
  • Right to limit: Limit use of sensitive personal information (we don't use sensitive personal information for purposes requiring opt-out rights)
  • Non-discrimination: We won't discriminate against you for exercising your rights

To exercise these rights, contact support@complybridge.xyz

Categories of information we collect: See Section 1

Business purposes: See Section 2

Categories of third parties: See Section 3

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices:

Email: support@complybridge.xyz

Address: ComplyBridge, Inc., 169 Madison Avenue, New York, NY 10016, United States.

We aim to respond to all enquiries within 5 business days.

Questions About This Policy?

If you have any questions about this Privacy Policy, please contact us.

Contact Us