Privacy Policy

ComplianceKit helps founder-led SaaS teams create buyer-ready compliance materials. This policy explains what information we collect, how we use it, and the limits of what the service is designed to do.

What we collect

We collect account information you provide during sign-up, onboarding answers about your company and systems, documents or questionnaire files you upload, billing information handled through our payment processor, and product usage analytics when enabled.

How we use information

We use your information to authenticate your account, generate policies and other compliance artifacts, render your trust page, improve product reliability, prevent abuse, and support billing and customer support workflows.

Trust pages and public information

Trust pages are designed to be shared publicly by your team. Only information intentionally included in your generated trust-page posture should be treated as public. Do not include secrets, credentials, or private customer data in trust-page content.

Analytics and cookies

We may use analytics tools such as PostHog to understand traffic source, trial starts, onboarding completion, and checkout behavior. When analytics is enabled, browser storage may be used to preserve attribution and basic product analytics state.

Service providers

ComplianceKit may rely on infrastructure, storage, authentication, payment, email, and model providers to operate the service. These providers process data only as needed to provide the service on our behalf.

Retention

We retain account data and generated artifacts for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements. You can contact us to request account deletion, subject to operational and legal requirements.

Contact

For privacy requests, contact privacy@klytics.io.