Privacy Policy

ComplianceAlert is a UK regulatory monitoring service operated by Dan Hall, trading as ComplianceAlert. Our contact address for data protection matters is:

We are the data controller for the personal data we collect about you. We will notify the ICO (Information Commissioner's Office) of our data processing activities as required by law. If you have any concerns about how we handle your data, you have the right to contact the ICO at ico.org.uk.

We collect the following categories of personal data when you create an account or use our service:

• Identity data: Your name
• Contact data: Email address
• Business data: Business name, business type (e.g. restaurant, retail, construction), and UK region
• Payment data: Payment card details and billing information, processed securely via Stripe. We do not store full card numbers on our systems.
• Usage data: Information about how you use the service, including alert preferences and account settings
• Technical data: IP address, browser type and version, time zone setting, operating system — collected automatically when you visit our website

We do not collect any special category personal data (such as health, ethnicity, or political views).

We use your personal data for the following purposes:

We share your data with the following trusted third-party processors, each bound by data processing agreements and appropriate safeguards:

We do not sell your personal data to any third party.

We retain your personal data for as long as your account is active, and for 1 year after you cancel your subscription. After this period, your data is securely deleted or anonymised.

We may retain certain data for longer where required by law (e.g. financial records for HMRC purposes — typically 6 years from the end of the relevant tax year).

Under UK GDPR, you have the following rights in relation to your personal data:

• Right of access: You can request a copy of the personal data we hold about you.
• Right to rectification: You can ask us to correct inaccurate or incomplete data.
• Right to erasure: You can ask us to delete your data in certain circumstances (the “right to be forgotten”).
• Right to data portability: You can request your data in a structured, commonly used, machine-readable format.
• Right to object: You can object to processing based on legitimate interests or for direct marketing.
• Right to restrict processing: You can ask us to pause processing of your data in certain circumstances.

To exercise any of these rights, please email hello@compliancealert.co.uk. We will respond within 30 days.

If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

We use only essential cookies necessary to operate the service (e.g. session authentication). We do not use tracking or advertising cookies. You can disable cookies in your browser settings, though this may affect your ability to use the service.

We take appropriate technical and organisational measures to protect your personal data against accidental loss, unauthorised access, alteration, or disclosure. All data is encrypted in transit (TLS/HTTPS). Payment data is handled exclusively by Stripe and never stored on our servers in raw form.

Our service is intended for business owners and is not directed at children under 18. We do not knowingly collect data from children. If you believe we have inadvertently collected such data, please contact us immediately.

We may update this privacy policy from time to time. We will notify you of material changes by email or by posting a notice on our website. The “last updated” date at the top of this page reflects the most recent revision.

For any questions about this privacy policy or how we handle your data, please contact us at: