CompliCore
CompliCore.tech
The Compliance Vault
Legal

Privacy Policy

Effective Date: January 1, 2025. Last updated: January 1, 2025.

1. Who We Are

CompliCore.tech is a digital document library operated at complicore.tech. We sell individual compliance documents and annual licensing to organizations. Questions about this policy can be directed to teams@complicore.tech.

2. What Data We Collect

We collect your email address when you request vault access or make a purchase. We collect payment information through Stripe β€” we do not store your card or bank details directly. Stripe processes and stores payment data under their own privacy policy. We collect basic usage data through analytics cookies when you consent.

3. How We Use Your Data

We use your email address to send purchase confirmation emails, download links, magic link vault access emails, and license renewal reminders. We do not use your email for marketing. We do not sell your data to any third party. We do not share your data with any party except Stripe for payment processing and Resend for email delivery.

4. Cookies

We use a session cookie (cc_session) to maintain your vault login. We use a consent cookie (cc_cookie_consent) to remember your cookie preference. Analytics cookies are only set after you accept via the cookie banner. You can decline analytics cookies at any time using the banner. Session cookies are required for vault access and are not subject to consent.

5. Data Retention

We retain your email address and purchase records for as long as your account is active or as required for legal and tax compliance. If you request deletion of your data, contact teams@complicore.tech and we will remove your records within 30 days, subject to legal retention requirements.

6. Your Rights

If you are located in California, you have rights under the California Consumer Privacy Act (CCPA) including the right to know what data we collect, the right to request deletion, and the right to opt out of sale (we do not sell data). If you are located in the European Economic Area, you have rights under GDPR including access, rectification, erasure, and portability. To exercise any of these rights, contact teams@complicore.tech.

7. Security

All vault files are stored in Cloudflare R2 with public access disabled. Files are delivered only through signed temporary URLs that expire after a set period. We use industry-standard security practices including HTTPS, secure cookies, and token-based authentication.

8. Third-Party Services

We use Stripe for payment processing, Resend for transactional email delivery, Cloudflare for DNS and file storage, Turso for database hosting, and Vercel for application hosting. Each of these services operates under their own privacy policies.

9. Changes to This Policy

We may update this policy from time to time. Material changes will be communicated by updating the effective date above. Continued use of the site after changes constitutes acceptance of the updated policy.

10. Contact

For any privacy-related questions or requests, contact us at teams@complicore.tech.