Last updated: April 2026
ComplianceRevolution provides AI-led compliance readiness assessments and advisory services for regulated firms, fintechs, and crypto-exposed businesses. Our website is compliancerevolution.co.uk.
We collect the following information when you use our service:
Account information: Name, email address, and authentication details provided via Google sign-in or email registration (processed by Clerk).
Assessment data: Your responses to compliance readiness questions, selected domains, jurisdiction, and organisation type.
Payment information: Payment details are processed securely by Stripe. We do not store card numbers.
Usage data: Basic analytics including pages visited and features used.
We use your data to:
Generate your compliance readiness report and executive summary. Process payments for premium services. Send transactional emails (report delivery, booking confirmations). Improve our assessment questions and service quality. Contact you about your assessment results (only if you consented to advisor sharing).
We process your data on the following legal bases under UK GDPR:
Consent: You explicitly consent to data storage when completing the consent form before your assessment. Advisor sharing is optional and separately consented.
Contract: Processing necessary to deliver the services you have purchased.
Legitimate interest: Service improvement and fraud prevention.
We use the following third-party processors:
Clerk (authentication), Supabase (database hosting), Stripe (payments), Resend (email delivery), Cal.com (appointment scheduling), Netlify (hosting), and Anthropic/OpenAI (AI summary generation).
We do not sell your data to third parties. Assessment data is only shared with an advisor if you have explicitly consented.
Assessment data is retained for 24 months after your last interaction, or until you request deletion. Payment records are retained as required by UK tax law (typically 6 years). You can request deletion of your data at any time by contacting us.
Under UK GDPR, you have the right to: access your personal data, rectify inaccurate data, erase your data, restrict processing, data portability, object to processing, and withdraw consent at any time.
To exercise any of these rights, contact us at info@compliancerevolution.co.uk.
All data is encrypted in transit (TLS) and at rest. API keys and sensitive credentials are stored securely and never exposed to client-side code. We use industry-standard authentication and access controls.
For privacy-related enquiries: info@compliancerevolution.co.uk