This Privacy Statement is issued by ComplyReg (“ComplyReg”, “we” or “us”). ComplyReg is dedicated to protecting the confidentiality and privacy of information entrusted to us in accordance with the EU General Data Protection Regulation (GDPR) and National Law L.125(I)/2018. Please read this Privacy Statement to learn about your rights, what information we collect, and how we use and protect it.

1. Who are we?

This Privacy Statement applies to ComplyReg and its affiliated entities.

2. How do we collect personal data?

Direct Collection

We obtain personal data directly from individuals in various ways, including business interactions, online forms, newsletter subscriptions, event registrations, recruitment processes, and professional engagements.

Indirect Collection

We also obtain personal data indirectly from:

Public sources – such as company registries, news articles, sanctions lists, and crime prevention agencies.

Social and professional networking sites – including LinkedIn, Facebook, and other platforms based on your privacy settings.

Business clients – when we provide compliance or advisory services that involve processing personal data.

Recruitment services – including employment agencies, academic references, and former employers.

3. What categories of personal data do we collect?

We may obtain the following categories of personal data:

Contact details – Name, company name, job title, phone number, email, and postal address.

Professional details – Career history, educational background, professional memberships.

Financial information – Tax details, payroll, bank details, insolvency records.

CCTV recordings – If you visit our offices, we may record CCTV footage for security purposes.

Special Categories of Data

While we typically do not collect special categories of personal data, in certain cases, we may process:

Identification documents that may reveal race, religion, or biometric data.

Expense receipts for tax or accounting services that may indicate trade union affiliations.

Criminal conviction records if required by regulatory obligations.

Diversity and equal opportunity data volunteered in professional programs.

4. What lawful reasons do we have for processing personal data?

We rely on the following lawful bases for processing personal data:

Contractual necessity – To perform contractual obligations.

Legitimate interests – To deliver services, prevent fraud, and conduct direct marketing.

Legal obligations – To comply with laws, including anti-money laundering regulations.

Consent – Where freely given by individuals.

Vital interests – To protect individuals in critical situations.

5. Why do we need personal data?

We collect personal data for:

Providing professional compliance and advisory services.

Marketing and communication purposes.

Event registrations and webinar participation.

IT system security and fraud prevention.

Recruitment and employment purposes.

Compliance with legal obligations.

6. Do we share personal data with third parties?

We may share data with trusted third parties, including:

Business partners and affiliates – Where necessary for service delivery.

Professional advisors – Such as legal firms, auditors, and insurers.

Regulatory authorities – As required by law.

Cloud and IT service providers – For secure data processing.

ComplyReg does not sell personal data to third parties for marketing purposes.

7. Do we transfer personal data outside the European Economic Area (EEA)?

We may transfer data internationally when required for business purposes. We ensure such transfers comply with relevant data protection laws through contractual safeguards.

8. Do we use cookies?

Our websites may use cookies. For more information, please refer to our Cookie Policy.

9. What are your data protection rights?

You have rights to:

Access – Request a copy of your personal data.

Rectification – Correct inaccurate information.

Erasure – Request deletion of personal data.

Restriction – Limit processing under specific conditions.

Objection – Object to processing, including for marketing purposes.

Data portability – Transfer data to another service provider.

Withdraw consent – If processing is based on consent.

To exercise your rights, please contact us at info@complyreg.com.

10. How do we protect your data?

We implement technical and organizational security measures to safeguard personal data. However, as no method of transmission over the internet is 100% secure, we cannot guarantee absolute security.

11. How long do we retain personal data?

We retain personal data as long as necessary to fulfill legal, regulatory, and business requirements, typically up to seven years, unless required otherwise.

12. Do we link to other websites?

Our website may contain external links. ComplyReg is not responsible for third-party privacy practices.

13. Who can you contact for privacy questions?

If you have questions about this Privacy Statement, please contact us at: info@compylreg.com

14. Will this Privacy Statement change?

We regularly review this Privacy Statement and will update it as necessary. Any changes will be posted on this webpage.

This Privacy Statement was last updated in July 2024.

We are here to help you

Lorem ipsum dolor sit amet consectetur. Ac aliquam mauris nulla non senectus mauris bibendum. Libero risus ultrices feugiat blandit quis justo vitae facilisi.

Contact us