Privacy Policy

ComplyStack ('we', 'our', or 'us') is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our service to generate legal documents.

We collect information you provide directly to us: • Account Information: Name, email address, and authentication credentials through Supabase. • Billing Information: Payment details processed securely via Stripe. We do not store your full credit card details. • Business Profiles: Information about your company (name, type, location) required to generate your legal documents. • Usage Data: Information about how you interact with our platform to improve our user experience.

We use essential cookies for authentication and session management. We may also use analytics cookies (e.g., Mixpanel, Google Analytics) to understand how users navigate our site and to improve our features. You can manage your cookie preferences through your browser settings.

Your data is used to: • Provide and maintain our service. • Process your transactions through Stripe. • Generate customized legal documents based on your business profile. • Provide customer support and respond to your inquiries. • Send you service-related notifications and marketing communications (with your consent).

We do not sell your personal data. We share information with trusted service providers to run ComplyStack: • Supabase: For database management and secure authentication. • Stripe: For payment processing and subscription management. • Vercel: For website hosting and performance. These providers are compliant with major data protection regulations.

As ComplyStack is a global service, your information may be processed in countries other than your own. We ensure appropriate safeguards are in place to project your data according to GDPR and other relevant privacy frameworks.

Depending on your location (e.g., European Union), you have rights under the GDPR and other laws: • Right to access your personal data. • Right to rectify incorrect information. • Right to erasure ('right to be forgotten'). • Right to data portability. • Right to object to processing. You can exercise these rights through your account settings or by contacting us.