Legal

Privacy Policy

Last updated: 7 March 2026

Back to Home

1. Who We Are

COMPLaiNCE ("we", "us", "our") is a regulatory compliance advisory firm. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you visit our website at complaince.one or engage with our services.

We are committed to protecting your privacy and processing your personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the EU General Data Protection Regulation (EU GDPR), and applicable data protection laws in the jurisdictions in which we operate.

2. Data We Collect

We may collect the following categories of personal data:

  • Identity Data: name, job title, company name
  • Contact Data: email address, telephone number, postal address
  • Technical Data: IP address, browser type, device information, cookies
  • Usage Data: information about how you use our website
  • Communications Data: messages and correspondence you send us
  • Marketing Data: preferences in receiving marketing from us

3. How We Use Your Data

We use your personal data for the following purposes:

  • To respond to your enquiries and provide our services
  • To send you our regulatory intelligence newsletter (with your consent)
  • To improve our website and services
  • To comply with our legal and regulatory obligations
  • To conduct anti-money laundering and know-your-client checks
  • To manage our business relationship with you

4. Legal Basis for Processing

We process your personal data on the following legal bases:

  • Contract: where processing is necessary to perform a contract with you
  • Legitimate Interests: where processing is in our legitimate business interests
  • Legal Obligation: where we are required to process data by law
  • Consent: where you have given us explicit consent (e.g., newsletter subscription)

5. Data Sharing

We do not sell your personal data. We may share your data with trusted third parties who assist us in operating our website and delivering our services, including:

  • IT and cloud service providers
  • Professional advisers (lawyers, accountants)
  • Regulatory authorities where required by law
  • Our network of jurisdiction-specific compliance partners (subject to confidentiality obligations)

6. International Transfers

Given the global nature of our operations across Gibraltar, El Salvador, the UK, Spain, the EU, and Dubai, your data may be transferred to and processed in countries outside your home jurisdiction. We ensure that appropriate safeguards are in place for any such transfers, including standard contractual clauses and adequacy decisions where applicable.

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements. For client data, we typically retain records for a minimum of five years following the end of an engagement, in accordance with AML/CFT regulatory requirements.

8. Your Rights

Under applicable data protection law, you have the following rights:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restriction of processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent at any time

To exercise any of these rights, please contact us at [email protected].

9. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, and regular security assessments.

10. Cookies

We use cookies and similar tracking technologies on our website. For detailed information about the cookies we use, please see our Cookie Policy.

11. Contact & Complaints

For any privacy-related queries, please contact our Data Protection Officer at [email protected].

You also have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction (e.g., the Information Commissioner's Office in the UK, or the relevant EU Data Protection Authority).

Terms & Conditions →Cookie Policy →