Skip to content
CompCal
HomeGuidesBlogLog inGet Started

Privacy Policy

Last updated: February 26, 2026

1. Introduction

CompCal Inc. ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our compliance calendar platform. This policy complies with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Data Controller

CompCal Inc. is the data controller for personal data processed through the Service. Contact: privacy@compcal.app.

3. Data We Collect

Account data: Name, email address, and password hash when you register.

Organization data: Company names, compliance obligations, filing deadlines, and documents you upload.

Usage data: Pages visited, features used, browser type, IP address, and device information.

Payment data: Processed by Stripe. We do not store credit card numbers.

4. Legal Basis for Processing (GDPR)

We process your data on the following legal bases:

  • Contract performance: To provide the Service you signed up for.
  • Legitimate interest: To improve the Service, prevent fraud, and ensure security.
  • Consent: For optional communications such as marketing emails.
  • Legal obligation: To comply with applicable laws and regulations.

5. How We Use Your Data

We use your data to: provide and maintain the Service; send compliance alerts and notifications; process payments; improve the Service; provide customer support; and comply with legal obligations.

6. Data Sharing

We do not sell your personal data. We may share data with: service providers (Supabase for hosting, Stripe for payments, Resend for email); law enforcement when legally required; and in connection with a merger or acquisition.

7. Data Retention

We retain your data for as long as your account is active. After account deletion, we remove personal data within 30 days, except where retention is required by law.

8. Your Rights (GDPR)

You have the right to: access your personal data; rectify inaccurate data; erase your data ("right to be forgotten"); restrict processing; data portability; object to processing; and withdraw consent at any time. To exercise these rights, contact privacy@compcal.app.

9. Security

We implement industry-standard security measures including encryption in transit (TLS), encryption at rest, regular security audits, and role-based access controls. However, no method of transmission over the Internet is 100% secure.

10. International Transfers

Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses.

11. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking cookies.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification.

13. Contact

For privacy-related inquiries: privacy@compcal.app

CompCal - Compliance Calendar