Last updated: 03 August 2025
Compliance Standards (“we”, “us” or “our”) provides advisory services and resources through the website compliancestandards.com (the “Site”). We are headquartered in the United States and serve clients globally, including in the European Union (EU) and European Economic Area (EEA). This Privacy Policy describes how we collect, use and protect personal information obtained through our Site and associated services (including forms, newsletters and paid subscriptions) and explains your rights.
1. Information We Collect
| Category of data | Examples | Purpose (legal basis) |
|---|---|---|
| Contact details | Name, job title, company, email address, telephone number, business address | Collected when you create an account, request information, register for free access, sign up for newsletters or participate in events; used to provide requested information or services (legitimate interest/contract performance). |
| Newsletter & marketing data | Preferences and areas of interest (e.g., compliance topics), confirmation of marketing opt‑in | Collected when you subscribe to newsletters; used to send updates and marketing communications. We only send marketing emails to individuals in the EU/EEA with prior consent or where permitted under legitimate interest; you can unsubscribe at any time. |
| Account data | Username and password for registered users (free or paid) | Used to manage accounts, authenticate users and provide access to resources; necessary for contract performance. |
| Payment information | When you purchase paid products or services, payment card details are transmitted directly to a third‑party payment processor (e.g., Stripe, PayPal, Square) | We do not store or collect full credit‑card details. Payment processors handle this information and are PCI‑DSS compliant. We receive confirmation of payment and limited billing details (e.g., last four digits, transaction identifier) to manage orders (contract performance). |
| Usage data | IP address, browser type, device identifiers, pages visited, date/time, referring URL | Collected via cookies and similar technologies to analyse site usage, remember preferences, and maintain security. Cookies are only set with consent where required by the EU ePrivacy Directive. |
| Support or inquiry data | Information you provide when you contact us via email or web forms | Used to respond to your questions or requests (legitimate interest). |
| Third‑party data | Data about your payment or engagement collected by third‑party processors or analytics services | Used according to their privacy policies; we require vendors to adhere to appropriate security and data‑protection standards. |
2. How We Collect Information
We collect personal information directly from you when you fill out forms on our Site (e.g., creating an account, signing up for newsletters, requesting reports or white papers, purchasing subscriptions), contact us by email or phone, or attend our events. We may also collect information automatically through cookies or similar technologies when you visit our Site, and from third‑party payment processors when you make a purchase.
3. How We Use Your Information
We use personal information for the following purposes:
- Provide services and fulfill contracts. We use your information to create and manage your account, provide access to free and paid resources, deliver reports or newsletters you request, and process transactions (contract performance). For paid subscriptions, we share payment information with trusted payment processors and do not store full credit‑card data.
- Communicate with you. We respond to inquiries, send administrative messages (e.g., confirmations, account updates, security alerts), and deliver newsletters and marketing communications with your consent or where permitted under legitimate interest.
- Improve our Site and services. We analyse usage data to understand how visitors use our Site and to improve user experience and content.
- Comply with legal obligations and protect our rights. We may process data to comply with applicable laws, respond to lawful requests, prevent fraud, and protect the security of our systems.
4. Legal Basis for Processing
For individuals in the EU/EEA, we rely on one or more of the following legal grounds under the General Data Protection Regulation (GDPR):
- Consent – you have given consent for specific purposes (e.g., subscribing to newsletters or optional marketing).
- Contract performance – processing is necessary to fulfil our agreement with you (e.g., managing accounts, providing services, processing payments).
- Legal obligations – compliance with applicable laws and regulations (e.g., tax, anti‑money‑laundering requirements).
- Legitimate interests – we have a legitimate interest in conducting and managing our business, such as improving our Site, communicating about services, and preventing fraud, and we balance this against your interests and rights.
5. How We Share Information
We do not sell your personal data. We may share your information in the following circumstances:
- Vendors and service providers. We share data with third parties who provide services on our behalf (e.g., payment processors, cloud hosting, analytics, email delivery). These providers only process data as instructed by us and must implement appropriate security measures.
- Affiliates and subsidiaries. We may share data within our corporate group for administrative purposes and to provide services.
- Legal requirements and business transfers. We may disclose information where required by law, in response to lawful requests by authorities, or in connection with mergers, acquisitions or business restructuring.
6. International Data Transfers
Because we are based in the United States and serve clients in the EU/EEA, your information may be transferred to and processed in countries outside your jurisdiction. For personal data subject to European data protection laws, we implement appropriate safeguards, such as Standard Contractual Clauses and other lawful transfer mechanisms. We also participate in the EU‑U.S. Privacy Shield successor frameworks and require our vendors to provide equivalent protection.
7. Data Retention
We retain personal information for as long as necessary to fulfil the purposes described above, comply with legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the nature of the data and our contractual or legal obligations.
8. Security Measures
We employ physical, technical and administrative measures designed to protect personal information against unauthorized access, disclosure or loss. Access to personal data is limited to authorized personnel and service providers who require it to perform their duties. While we strive to protect your information, no method of transmission or storage is completely secure. Please notify us immediately if you believe your account or interaction with us is no longer secure.
9. Your Rights
9.1 Rights of individuals in the EU/EEA
Depending on the jurisdiction, you may have the following rights under applicable data‑protection laws:
- Access. Request copies of your personal data.
- Rectification. Request correction of inaccurate or incomplete data.
- Erasure. Request deletion of your personal data (subject to legal or contractual obligations).
- Restrict processing. Request that we limit the processing of your data in certain circumstances.
- Object to processing. Object to processing based on legitimate interests or direct marketing.
- Portability. Request transfer of your data to you or another organization in a structured, commonly used format.
- Withdraw consent. Withdraw previously granted consent at any time.
To exercise these rights, please contact us using the details in the Contact Us section. We may require verification of your identity and may be unable to fulfil requests where legal exemptions apply.
9.2 California & Virginia residents
If you reside in California or Virginia, state privacy laws (e.g., CCPA, VCDPA) provide additional rights. These may include rights to know what categories of personal information we collect, request deletion or correction, opt out of certain data sharing or sales, and not be discriminated against for exercising your rights. We provide specific notices on our Site for these jurisdictions and comply with statutory requirements.
10. Cookies and Similar Technologies
We use cookies to improve your experience, keep you signed in, analyze how our Site is used and deliver relevant content. Cookies may collect information such as your IP address, device type, pages visited and preferences. In the EU/EEA, we obtain your consent before placing non‑essential cookies. You can control cookies through your browser settings; note that disabling cookies may affect site functionality.
11. Newsletter and Marketing Communications
If you subscribe to our newsletters or other marketing communications, we will collect your contact details and areas of interest. We may send you compliance updates, industry insights and promotional information. For individuals in the EU/EEA (and certain other jurisdictions), we only send marketing communications with your prior consent or where permitted under legitimate interest. You can opt out at any time by using the “unsubscribe” link in our emails or by contacting us.
12. Children’s Privacy
Our Site and services are not directed at children under 16. We do not knowingly collect personal information from children. If we learn that we have collected personal data from a child without parental consent, we will delete it.
13. Third‑Party Websites
Our Site may contain links to other websites. We are not responsible for the privacy practices or content of third‑party sites. Please review the privacy policies of any websites you visit via external links.
14. Changes to this Policy
We may update this Privacy Policy periodically. We will post the updated policy on our Site and indicate the date of revision. If changes materially affect your rights, we will notify you via email or a prominent notice on our Site. Your continued use of the Site after posting the changes constitutes acceptance.
15. Contact Us
If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:
Compliance Standards
Address: 2361 Walnut Court, Pembroke Pines, FL 33026
Email: inquiries@compliancestandards.com
Phone: 754.229.0095