1. Information We Collect
When you use Compliance Manager, we collect the following information:
- Account information: Email address, company name, and industry when you register.
- Usage data: Compliance items, documents you generate, and actions you take within the application.
- Payment information: When you subscribe to a paid plan, payment processing is handled by Stripe. We do not store your credit card details.
- Log data: Server logs including IP address, browser type, and access timestamps for security and debugging purposes.
2. How We Use Your Information
We use your information to:
- Provide and maintain the Compliance Manager service
- Generate personalized compliance documents using your company and industry information
- Process payments and manage your subscription
- Send important service-related communications
- Improve our service and develop new features
- Maintain security and prevent abuse
3. Data Storage and Security
Your data is stored in encrypted databases. We implement industry-standard security measures including:
- Password hashing using bcrypt
- HTTPS encryption for all data in transit
- Session-based authentication with secure cookies
- Rate limiting to prevent abuse
- Ownership-based access controls ensuring you can only access your own data
4. Data Sharing
We do not sell, trade, or share your personal information with third parties except:
- Payment processing: Stripe processes your payment information under their own privacy policy.
- Legal requirements: We may disclose information if required by law or to protect our rights.
- Service providers: We use hosting services that process data on our behalf under strict confidentiality agreements.
5. Your Rights
You have the right to:
- Access and download your data
- Update or correct your personal information via the Settings page
- Delete your account and associated data by contacting us
- Export your compliance documents as PDF
6. Cookies
We use session cookies to maintain your login state. These are essential for the application to function and cannot be disabled. We do not use tracking or advertising cookies.
7. Data Retention
We retain your data for as long as your account is active. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law.
8. Children's Privacy
Compliance Manager is not intended for use by children under 16. We do not knowingly collect personal information from children.
9. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of significant changes via email or through the application.
10. Contact Us
If you have questions about this privacy policy or your data, please contact us.