Privacy Policy

Last updated: January 2024

1. Introduction

ConsentProof Ltd ("ConsentProof", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our consent management API service and website.

2. Information We Collect

2.1 Information You Provide

  • Account information (name, email, company name)
  • Payment information (processed securely by Stripe)
  • Communication data (support tickets, emails)

2.2 Information Collected Automatically

  • API usage data and analytics
  • Log data (IP addresses, browser type, pages visited)
  • Device information

2.3 Data Processed on Behalf of Customers

As a data processor, we process consent records that our customers submit through our API. This data is processed solely according to our customers' instructions and our Data Processing Agreement.

3. How We Use Your Information

  • To provide and maintain our service
  • To process payments and billing
  • To send service-related communications
  • To provide customer support
  • To improve our services
  • To comply with legal obligations

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide services. Consent records processed on behalf of customers are retained according to the customer's configuration and our data retention policies (default: 24 months).

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Regular security audits
  • Access controls and authentication
  • Secure data centers with SOC 2 compliance

6. Your Rights

Under GDPR and other applicable laws, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request deletion of your data
  • Object to processing
  • Data portability
  • Withdraw consent

7. Cookies

We use essential cookies to operate our website and service. We do not use tracking or advertising cookies.

8. Third-Party Services

We use the following third-party services:

  • Stripe (payment processing)
  • AWS/Cloud providers (infrastructure)
  • Email service providers (transactional emails)

9. International Transfers

Your data may be transferred to and processed in countries outside the EEA. We ensure appropriate safeguards are in place, including Standard Contractual Clauses.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

Email: privacy@consentproof.io

ConsentProof Ltd
London, United Kingdom