PRIVACY POLICY

Last updated: May 13, 2026

ComplianceAI Company ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you visit our website and use our demo.

1. INFORMATION WE COLLECT

1.1 Information you provide:

- Email address (when joining our waitlist)

- Company name (when using our demo)

- Entity names screened in our demo

- Any other information you voluntarily provide

1.2 Information collected automatically:

- Browser type and version

- Operating system

- IP address

- Pages visited and time spent

- Referring website - Device information

1.3 Information from third parties:

- Public sanctions lists (OFAC, EU, UN)

- Public corporate registries

- Open source intelligence sources

2. HOW WE USE YOUR INFORMATION

We use your information to:

- Provide and improve our demo service

- Send you updates about ComplianceAI (if you joined waitlist)

- Respond to your inquiries

- Analyze usage patterns to improve our product

- Comply with legal obligations

- Detect and prevent fraud or unauthorized access

3. LEGAL BASIS FOR PROCESSING (GDPR/LATAM COMPLIANCE)

We process your data based on:

- Your consent (when joining waitlist or using demo)

- Legitimate interest (improving our services)

- Legal obligation (compliance with applicable regulations)

4. DATA RETENTION

- Waitlist emails: Until you unsubscribe or we cease operations

- Demo screening data: 30 days after demo use

- Usage analytics: 12 months, then anonymized

- Legal hold data: As required by law

5. DATA SHARING

We do NOT sell your personal data. We may share data with:

- Service providers (hosting, analytics) under strict contracts

- Law enforcement if required by law

- Business advisors under NDA (during fundraising)

6. YOUR RIGHTS

Depending on your jurisdiction, you may have the right to:

- Access your personal data

- Correct inaccurate data

- Delete your data

- Object to processing

- Data portability

- Withdraw consent To exercise these rights, contact: aaquinon@proton.me

7. INTERNATIONAL TRANSFERS

Your data may be processed outside your country of residence.

We ensure appropriate safeguards are in place, including:

- Standard contractual clauses (GDPR)

- Adequacy decisions where applicable

- Encryption in transit and at rest

8. SECURITY

We implement appropriate technical and organizational measures:

- Encryption (TLS 1.3 in transit, AES-256 at rest)

- Access controls and authentication

- Regular security assessments

- Employee training on data protection

9. CHILDREN'S PRIVACY

Our service is not directed to individuals under 18.

We do not knowingly collect data from children.

10. CHANGES TO THIS POLICY

We may update this policy periodically.

Changes will be posted on this page with an updated "Last updated" date.

11. CONTACT

ComplianceAI Company

Bogotá, Colombia

complianceAI@proton.me

For data protection inquiries: complianceAI@proton.me

12. SUPERVISORY AUTHORITY

If you believe our processing violates data protection laws, you have the right to lodge a complaint with your local data protection authority.