Privacy Policy

Account information. When you create an account we collect your name, email address, business name, and optional details you provide such as industry, company size, and time zone.

Documents you upload. The certificates of insurance, licenses, and permits you (or your vendors) upload, along with the fields we read from them — names, dates, coverage types, and limits.

Usage and security records. We keep an audit log of key actions in your account (uploads, edits, sign-ins) and basic technical data such as IP address and browser type, which we use to operate, secure, and troubleshoot the service.

Payment information. Paid plans are billed through Stripe. Your card details are entered directly with Stripe and processed by them — CompliDrop never sees or stores your full card number.

We use the information above to:

• provide the service — read your documents, check them against your requirements, and send expiration reminders;
• create and secure your account and isolate your data from other customers;
• process payments and manage your subscription;
• respond to support requests and send service-related notices;
• detect, prevent, and investigate abuse, and meet legal obligations.

We do not sell your data, and we do not use the documents you upload to train public AI models.

We share data only with the vendors that help us run CompliDrop, and only to the extent each needs it to do its job. These include:

• Stripe — payment processing.
• Google Cloud (Document AI & Vertex AI) — reading text and fields from your uploaded documents.
• Microsoft Azure — encrypted storage of your uploaded files.
• Neon — our application database.
• Resend — sending reminder and notification emails.
• PostHog — product analytics that help us understand and improve how the app is used.
• Sentry — error monitoring so we can fix problems quickly.

We process and store data primarily in the United States. We work only with providers that commit to protecting it, and we share only what each provider needs to perform its function.

We may also disclose information if required by law, or to protect the rights, safety, and security of CompliDrop, our customers, or the public.

We use essential, first-party cookies to keep you signed in securely. We also use a product-analytics tool (PostHog) that sets a cookie and records how the app is used — such as pages viewed and features used — so we can understand and improve it. We do not use cookies for advertising, we do not run third-party ad trackers, and we do not sell your data.

Data is transmitted over encrypted connections and stored privately. Each account's data is logically isolated from every other account, passwords are stored only as salted hashes, and changes are written to an audit log. No system is perfectly secure, but we work to protect your information using industry-standard measures.

We keep your account information and documents for as long as your account is active. If you close your account, we delete or de-identify your data within a reasonable period, except where we must retain certain records to meet legal, tax, or security obligations.

You can access and update most of your information from within the app. You can also ask us to provide a copy of your data, correct it, or delete it. Depending on where you live, you may have additional rights — to know what we collect, to access or correct it, to delete it, and to opt out of any "sale" or "sharing" of personal information (we don't sell or share it). We honor these rights as required by applicable law and aim to respond within 30 days.

If your information appears inside a document that one of our customers uploaded — for example, a certificate naming you — that business controls that record. Contact them directly, or email us and we'll help route your request.

CompliDrop is a business tool, not intended for individual consumers or minors, and we do not knowingly collect personal information from children.

We may update this policy as the service evolves. When we make material changes we will update the date above and, where appropriate, notify you in the app or by email.

Questions about this policy or your data? Email us at support@complidrop.com or visit our contact page.