CoComply Privacy Policy

CoComply ("CoComply", "we", "our", or "us") is committed to protecting the privacy and security of individuals and organizations that access or use our platform.

This Privacy Policy explains how CoComply collects, uses, discloses, and protects information when you:

  • Visit our website
  • Access or use the CoComply platform
  • Interact with our services, integrations, or support channels

If you use the Services on behalf of an organization, references to "you" include that organization.

1. Scope of This Policy

This Privacy Policy applies to:

  • The CoComply website
  • The CoComply platform and software services
  • Customer interactions with support and communications
  • Data processed through platform integrations

Depending on how the platform is used, CoComply may act as either:

Controller
For information collected through the website, account registration, and communications.

Processor / Service Provider
For customer data uploaded or processed through the platform.

Customers remain responsible for determining the data they submit to the platform.

2. Information We Collect

We collect information in several ways.

2.1 Information You Provide

When registering or using the platform, we may collect:

  • Name
  • Work email address
  • Organization name
  • Account credentials
  • Job title or role
  • Support communications

2.2 Usage and Technical Information

When you interact with the platform or website, we may automatically collect:

  • IP address
  • Browser type and version
  • Device identifiers
  • Operating system
  • Platform activity logs
  • Session timestamps
  • Referring URLs

This information helps maintain performance, security, and system integrity.

2.3 Customer Platform Data

Customers may upload or connect operational data including:

  • Governance documentation
  • Regulatory mappings
  • Compliance policies and controls
  • Risk and audit artifacts
  • System inventory or metadata
  • Supporting documents and evidence

This data is processed solely for the purpose of providing platform functionality.

Customers retain ownership of their data.

2.4 Integration Data

If customers enable integrations, CoComply may process limited metadata required to enable those integrations.

This may include identifiers, workspace metadata, connection settings, and job execution information.

3. How We Use Information

CoComply uses collected information to:

  • Provide and operate the platform
  • Authenticate users and manage accounts
  • Process customer platform data
  • Maintain system security and integrity
  • Detect and prevent abuse or unauthorized access
  • Improve platform performance and features
  • Provide customer support
  • Communicate service updates
  • Enable integrations with external systems

CoComply does not sell personal information to third parties.

4. Sharing and Disclosure of Information

CoComply may share information only in limited circumstances.

4.1 Service Providers

We may share information with service providers that support:

  • Cloud infrastructure hosting
  • Security monitoring
  • Analytics and system performance
  • Customer support tools

These providers may only process data according to our instructions.

4.2 Integration Partners

If a customer enables integrations, information may be exchanged with the relevant third-party service to enable that functionality.

4.3 Legal Compliance

We may disclose information when required to:

  • Comply with legal obligations
  • Respond to lawful requests
  • Protect the rights or safety of users
  • Investigate fraud or security incidents

4.4 Business Transfers

If CoComply undergoes a merger, acquisition, or asset transfer, information may be transferred as part of that transaction.

5. Cookies and Tracking Technologies

CoComply uses cookies and similar technologies to:

  • Maintain secure user sessions
  • Store user preferences
  • Measure platform performance
  • Analyze usage trends

Users can control cookies through browser settings.

Disabling cookies may affect some platform functionality.

6. Data Retention

CoComply retains information only for as long as necessary to:

  • Provide platform services
  • Meet legal and regulatory obligations
  • Resolve disputes
  • Enforce contractual agreements

Customer data is retained according to the customer's service agreement and deletion instructions.

7. Security

CoComply implements administrative, technical, and organizational safeguards designed to protect information.

Security practices may include:

  • Role-based access controls
  • Encryption of data in transit where applicable
  • Infrastructure security monitoring
  • Activity logging and audit trails

Despite these safeguards, no system can guarantee complete security.

8. International Data Transfers

Information may be processed in jurisdictions where CoComply or its service providers operate.

Where required, appropriate safeguards are implemented to protect cross-border data transfers.

9. User Privacy Rights

Depending on applicable laws, individuals may have rights to:

  • Access their personal data
  • Correct inaccurate data
  • Request deletion
  • Restrict or object to processing
  • Receive a copy of their data

Requests may be submitted using the contact information below.

If you use CoComply through an organization account, your organization may control certain requests for Customer Content.

If you are using the platform through your organization, your organization may manage these requests.

10. Children's Privacy

The Services are not directed to children under 13 (or under 16 where required by law).

CoComply does not knowingly collect personal data from children.

11. Updates to This Policy

CoComply may update this Privacy Policy periodically.

When updates occur:

  • The "Last Updated" date will be revised
  • Material changes may be communicated through the platform or email

12. Contact Information

For privacy-related inquiries:

Email: Patrick.Jacolenne@cocomply.ai
Company: CoComply
Address: Kanab,
Utah, United States