Privacy Policy

At Complima ("we," "us," or "our"), your privacy is paramount. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance auditing platform. By using Complima, you agree to the practices described in this policy.

1. Information We Collect

• Account Information: When you sign up, we collect your name, email address, and payment details (processed via third-party providers like Stripe).
• Uploaded Files: You may upload files (e.g., PDF, TXT, CSV, EML, DOCX) for compliance analysis. These files are processed in-memory only and are never stored on our servers. Only the compliance scan results are saved.
• Usage Data: We collect data on how you interact with the Service, such as pages visited, features used, and IP addresses, to improve functionality.

2. How We Use Your Information

• Service Delivery: To process and analyze uploaded files in real-time, generate compliance reports, and provide user support. Your original documents are never stored.
• Account Management: To manage your account, process payments, and communicate updates or issues.
• Improvement: To analyze usage data for enhancing the Service's performance and user experience.

3. Data Storage and Security

• Privacy-First Architecture: Your uploaded documents are processed in-memory only and are NEVER stored on our servers or Google Cloud. Only the compliance scan results (identified issues and recommendations) are saved to our database.
• Scan Result Storage: Scan results are stored in Google Firebase Firestore with industry-standard encryption. Retention periods vary by subscription tier (30 days for Starter, 1 year for Professional, unlimited for Enterprise).
• Security: All data is encrypted in transit (TLS) and at rest. Firebase employs industry-standard security measures to protect your scan results.
• Deletion: Scan results are automatically deleted when the retention period expires or upon your explicit request. Once deleted, scan results cannot be recovered.

4. Data Sharing

• No Third-Party Sharing: Complima does not share your account information, scan results, or usage data with any third-party associations, except as required by law or to facilitate payment processing (e.g., Stripe).
• Service Providers: We use Firebase for database services and authentication, and OpenAI for document analysis. Your documents are sent to OpenAI for processing but are not retained by OpenAI or used to train AI models. These providers process data under their own privacy policies.

5. AI-Generated Outputs

The Service uses AI to analyze uploaded files and generate compliance recommendations. These outputs are not certified and may contain errors. Complima is not liable for any decisions or actions taken based on these recommendations.

6. Your Rights

• Access and Deletion: You may request access to or deletion of your account data and scan results by contacting [email protected] or through your dashboard. Scan results are deleted promptly upon request or per the retention period.
• No Third-Party Sharing: As we do not share data with third parties (except service providers), there are no third-party opt-outs to manage.

7. No Liability for Uploaded Content

You are solely responsible for the content of uploaded files. Complima processes documents in real-time and does not monitor, endorse, or assume liability for any data you upload, including its legality or compliance with regulations. Your documents are never stored on our servers.

8. Cookies and Tracking

We use cookies to manage user sessions and improve the Service. You can disable cookies in your browser, but this may affect functionality.

9. Children's Privacy

The Service is not intended for users under 18. We do not knowingly collect data from children.

10. Changes to Privacy Policy

We may update this Privacy Policy at any time. Continued use of the Service after changes constitutes acceptance of the updated policy.

11. Contact

For privacy-related questions, contact us at [email protected].