Privacy Policy
Last updated: March 22, 2026
1. Data Controller
CompliPilot ("we", "our", "us") operates the website at https://complipilot.dev. We are the data controller responsible for your personal data.
Contact: support@complipilot.dev
2. Data We Collect
We collect the following categories of personal data:
- Account data: Email address, API keys (when you register).
- Usage data: URLs you submit for scanning, scan results, timestamps.
- Technical data: IP address, browser type, device information (collected via analytics when you consent).
- Payment data: Processed securely by Stripe. We do not store credit card numbers.
- Cookie data: Only set with your explicit consent (see section 7).
3. Legal Basis for Processing
We process your data on the following legal bases (GDPR Art. 6):
- Contract performance: To provide the scanning service you requested.
- Consent: For analytics cookies and marketing communications.
- Legitimate interest: For fraud prevention, security, and service improvement.
- Legal obligation: To comply with applicable laws, including tax regulations.
4. How We Use Your Data
- To perform compliance scans on URLs you submit
- To generate and store compliance reports
- To process payments for paid subscriptions
- To send service-related communications
- To improve our scanning algorithms and service quality
- To detect and prevent fraud or abuse
5. Data Sharing
We share your data only with:
- Stripe: Payment processing (PCI DSS compliant).
- Vercel: Hosting infrastructure (EU data processing).
- Google Analytics: Website analytics (only with your consent).
We do not sell your personal data to third parties.
6. Data Retention
We retain your data for as long as your account is active or as needed to provide services. Scan results are retained for the duration specified by your plan. You can request deletion at any time.
7. Cookies
We use the following categories of cookies:
- Essential: Required for the website to function (session management, security). Always active.
- Analytics: Help us understand visitor behavior (Google Analytics). Require your consent.
- Advertising: Used to serve relevant advertisements. Require your consent.
You can manage your cookie preferences at any time via our cookie consent banner.
8. Your Rights (GDPR)
Under the GDPR, you have the right to:
- Access: Request a copy of your personal data.
- Rectification: Correct inaccurate data.
- Erasure: Request deletion of your data ("right to be forgotten").
- Portability: Receive your data in a machine-readable format.
- Objection: Object to processing based on legitimate interest.
- Withdraw consent: At any time, without affecting lawfulness of prior processing.
To exercise any of these rights, contact us at support@complipilot.dev.
9. Data Security
We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), encryption at rest, access controls, and regular security reviews.
10. International Transfers
Your data may be processed outside the EEA. Where this occurs, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission.
11. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes by email or by posting a notice on our website.
12. Contact & Complaints
If you have questions or complaints about this policy or our data practices, contact us at support@complipilot.dev. You also have the right to lodge a complaint with your local data protection authority.