Privacy Notice
Last updated: June 15, 2026
1. Who we are
CompliWorx is operated by Taproot Commerce LLC ("we", "us"), a Connecticut limited liability company with EIN 41-3990277, located at 2389 Main St., Ste 100, Glastonbury, CT 06033, USA. We are the data controller for personal data processed through the CompliWorx service.
2. Personal data we collect
- Account data — name, email, password (hashed), company, role.
- Profile and content data — worker records, asset records, documents, inspection logs, and other data you upload.
- Support data — messages you send to support.
- Usage and telemetry — pages visited, features used, error logs, device and browser identifiers, IP address.
- Payment data — handled by Paddle (our Merchant of Record). We do not store full card details.
3. How we use personal data and our legal basis
| Purpose | Legal basis |
|---|---|
| Create and operate your account; provide the Service | Performance of a contract |
| Process payments, taxes, invoicing (via Paddle) | Performance of a contract; legal obligation |
| Customer support | Performance of a contract; legitimate interests |
| Security, fraud prevention, abuse detection | Legitimate interests; legal obligation |
| Product improvement and analytics | Legitimate interests |
| Marketing communications | Consent (where required); legitimate interests |
4. Who we share data with
- Paddle — our Merchant of Record, processes payments, subscription management, taxes, and invoicing on our behalf.
- Service providers / subprocessors — hosting, database, email delivery, error monitoring, and analytics providers acting under our instructions.
- Professional advisers — legal, accounting, and audit advisers, where required.
- Authorities — where required by law, court order, or to protect rights, property, or safety.
- Successors — in connection with a merger, acquisition, or sale of assets.
We do not sell your personal data.
5. International transfers
Our service providers may process data in the United States and other countries. Where data is transferred from the UK or EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
6. Data retention
We keep account and content data while your account is active and for a reasonable period after closure to comply with legal, tax, and audit obligations. We delete or anonymize data when it is no longer needed.
7. Security
We use appropriate technical and organisational measures, including encryption in transit, access controls, and row-level security in our database, to protect your data.
8. Your rights
Depending on where you live, you may have the right to:
- access the personal data we hold about you;
- request correction or deletion;
- request restriction of, or object to, our processing;
- request portability;
- withdraw consent at any time;
- lodge a complaint with your local supervisory authority (UK/EEA residents).
To exercise these rights, contact privacy@compliworx.com. We respond within one month.
9. Cookies
We use essential cookies required to keep you signed in and to operate the Service, and limited analytics cookies to understand aggregate usage. You can manage cookies through your browser settings.
10. Children
The Service is not directed to children under 16.
11. Changes to this notice
We may update this notice from time to time. Material changes will be notified through the Service or by email.
12. Contact
Taproot Commerce LLC, 2389 Main St., Ste 100, Glastonbury, CT 06033, USA. Email: privacy@compliworx.com.