Last updated: 22/01/2026
This summary describes the data processing activities performed by ComplySafe.io as a data processor on behalf of its customers, who act as data controllers under the EU General Data Protection Regulation.
ComplySafe.io acts solely as a data processor and processes personal data only on documented instructions from the customer for the purpose of providing compliance scanning services.
Personal data is processed exclusively to perform automated compliance analysis, generate reports, and provide related service functionality requested by the customer.
Scan data and reports are retained for a limited period as defined in the Privacy Policy or until deletion is requested by the customer, unless legal obligations require longer retention.
ComplySafe.io uses vetted subprocessors for infrastructure and payment processing, including cloud hosting and billing providers. A current list is available upon request.
All personnel with access to personal data are bound by confidentiality obligations and receive appropriate data protection training.
ComplySafe.io assists customers in fulfilling data subject rights requests, including access, deletion, and rectification, as required by GDPR.
Customer data is never used to train machine learning or AI models. Processing is limited strictly to delivering the requested service.
ComplySafe.io is registered in Estonia and processes personal data in accordance with EU GDPR requirements.
For questions regarding data processing or to request a full Data Processing Agreement, contact:
Email: contact@complysafe.io