Privacy Policy
Your privacy and data protection are important to us
Last Updated: July 6, 2026
1. Introduction
Complisanc Consulting Services (SEY) ("we," "our," or "us") operates as a systems integrator for the CompliSey KYC/AML compliance platform. We provide deployment, support, and related services.
This Privacy Policy covers:
- Our website at complisey.com (information pages and the contact form), and
- The CompliSey software deployed on our clients' infrastructure.
CompliSey software: deployed on-premise on your organisation's infrastructure. You control your environment and the customer data held in the system.
Our website: a marketing and enquiry site. It does not host your CompliSey installation or your compliance records.
We aim to handle personal data lawfully and transparently, including where GDPR or similar laws apply.
2. Information We Collect
2.1 Website visitors (complisey.com)
If you use our contact form, we collect what you submit, such as:
- Name and email address
- Company or institution
- Phone number (if you provide it)
- Request type (quote, demo, trial, more information)
- Optional fields (company size, industry, jurisdictions, expected users) when relevant to your request
- Your message
We use this to respond to your enquiry. Our lawful basis is typically legitimate interest (handling business enquiries) and, where relevant, steps at your request before a contract.
2.2 CompliSey software clients
If you are a CompliSey customer, we may also process:
- Account and licence information (name, email, organisation)
- Customer and compliance data you enter in the system (under your control on-premise)
- Documents and metadata uploaded for KYC/AML purposes
- Support and implementation correspondence
2.3 Technical data
Website: our hosting provider may log standard server data (e.g. IP address, browser type, pages requested, date and time). We do not use advertising or analytics cookies on complisey.com at the time of this policy.
CompliSey software: audit logs and usage data within your on-premise installation, as configured by your organisation.
3. How We Use Your Information
We use the information we collect to:
- Respond to website enquiries (quotes, demos, trials, support)
- Provide, maintain, and improve our services
- Process transactions and manage your account
- Perform KYC/AML compliance functions as requested
- Send you service-related communications
- Respond to your inquiries and provide support
- Ensure security and prevent fraud
- Comply with legal obligations
4. Data Security and On-Premise Deployment
On-Premise Installation: CompliSey is deployed exclusively on your organization's infrastructure. All data remains within your controlled environment, and you are responsible for:
- Physical security of your servers and infrastructure
- Network security and firewall configurations
- Backup and disaster recovery procedures
- Access control to your premises and systems
- Compliance with your organization's security policies
CompliSey provides the following security features within the software:
- Encryption: AES-256 encryption at rest for sensitive data
- Access Controls: Role-based access control and authentication
- Audit Logging: Complete audit trails of all data access
- Secure Storage: Data stored in secure, access-controlled environments
- Regular Updates: Security patches and updates provided for the software
While we provide secure software and security recommendations, the ultimate security of your on-premise installation depends on your infrastructure, policies, and practices. We cannot guarantee absolute security of your deployment environment.
5. Data Retention
Website enquiries: we keep contact form submissions in our business email for as long as needed to handle your request and for ordinary business records, unless you ask us to delete them and we are not required to keep them.
CompliSey clients: we retain data for as long as necessary to:
- Provide our services to you
- Comply with legal and regulatory obligations
- Resolve disputes and enforce agreements
Compliance data may be retained longer as required by applicable regulations (typically 5-7 years for AML compliance records).
6. Data Sharing and Disclosure
We do not sell personal data. We may share information only as follows:
- Website contact form: when you submit the form, your details are sent through EmailJS (EmailJS privacy policy) to deliver the message. EmailJS may process and temporarily store submission data on its systems. Outbound email is sent via our business email provider (Namecheap Private Email / SMTP). EmailJS and our email host may process data in countries outside Seychelles, including the United States.
- Website delivery: complisey.com is hosted by our web hosting provider. Fonts are loaded from Google Fonts; the contact form script is loaded from jsDelivr (EmailJS browser SDK). These services may receive technical data such as IP address when your browser requests their resources.
- Service providers: other trusted providers who help us operate our business (under appropriate confidentiality and data protection terms)
- Legal requirements: when required by law, court order, or regulatory authority
- Business transfers: in connection with a merger, acquisition, or sale of assets (with notice where required)
- With your consent: when you explicitly authorise sharing
On-premise CompliSey data: customer and screening data in the software stays on your infrastructure. We do not access it unless you grant access for support or implementation.
7. Your Rights
Depending on your location, you may have the following rights regarding your personal data:
- Access: Request access to your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion of your data (subject to legal obligations)
- Restriction: Request restriction of processing
- Data Portability: Request transfer of your data
- Objection: Object to certain types of processing
- Withdraw Consent: Withdraw consent where processing is based on consent
To exercise these rights, please use our contact form.
8. Cookies and Third-Party Scripts
complisey.com does not set marketing or analytics cookies at the time of this policy. The contact form uses JavaScript from jsDelivr to connect to EmailJS; that is a network request, not a cookie we place on your device.
Your browser may store standard technical data when loading pages, fonts (Google Fonts), or scripts. You can control cookies and similar storage in your browser settings.
CompliSey software (on-premise) may use session mechanisms as part of normal application login; that is governed by your organisation's deployment and policies.
9. Third-Party Data and Limitations of Responsibility
Client Customer Data: CompliSey is a software platform that processes data entered by you, our client. When you use CompliSey to manage KYC/AML compliance for your customers, you are responsible for:
- The accuracy, completeness, and legality of all customer data you enter into the system
- Obtaining appropriate consent and authorization from your customers for data processing
- Compliance with applicable data protection laws regarding your customers' data
- Ensuring that your use of CompliSey complies with all relevant regulations
Limitation of Liability: Complisanc Consulting Services (SEY) cannot be held responsible for:
- The accuracy, completeness, or legality of third-party data (your customers' data) entered into CompliSey by you
- Data quality issues arising from incorrect or incomplete information provided by you
- Compliance decisions made by you based on data processed through CompliSey
- Regulatory actions or penalties resulting from your use of the system or the data you process
- Third-party data breaches that occur within your infrastructure
CompliSey provides tools and features to assist with compliance, but you remain solely responsible for your compliance obligations and the data you process through the system.
10. International Data Transfers
CompliSey software: deployed on your infrastructure. Data in the application remains in the environment you control. You are responsible for cross-border transfers that arise from your own use of the system.
Website enquiries: contact form submissions are processed by EmailJS and our email/hosting providers, which may operate in countries outside Seychelles (including the United States). Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms offered by those providers.
11. Children's Privacy
Our service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.
13. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
- Entity: COMPLISANC CONSULTING SERVICES (SEY)
- Trading as: CompliSey
- BRN: B8440882
- Trade licence: 923280
- Activity: Systems integration and compliance technology services
- Contact: Contact form on complisey.com
14. Compliance
We are committed to complying with applicable data protection laws, including:
- General Data Protection Regulation (GDPR)
- California Consumer Privacy Act (CCPA)
- Other applicable regional data protection laws