Terms of Service

By accessing or using the Complyy website at complyy.io (the "Site") or purchasing any products or services offered by Complyy ("we", "us", or "our"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, do not use the Site.

We reserve the right to update these Terms at any time. Material changes will be communicated by updating the "Last updated" date. Continued use of the Site after changes constitutes acceptance.

Complyy provides an automated compliance monitoring platform that:

• Tests third-party websites for compliance with privacy and accessibility regulations including, but not limited to, GDPR, CCPA, CAN-SPAM, WCAG, LGPD, and US state privacy laws.
• Uses synthetic (fictitious) user identities to simulate real-user interactions such as account registration, data access requests, and opt-out flows.
• Generates compliance reports containing timestamped, cryptographically verified evidence of detected violations.
• Makes aggregate compliance data publicly available through a Compliance Directory.

You must be at least 18 years of age and capable of forming a binding contract to use the Site. By using the Site, you represent and warrant that you meet these requirements. The Site is not available to users previously barred from using our services.

Certain features require an account. You are responsible for maintaining the confidentiality of your account credentials and for all activity that occurs under your account. You must notify us immediately of any unauthorised use. We reserve the right to suspend or terminate accounts that violate these Terms.

Complyy offers subscription plans (currently Free, Starter, and Pro; an Enterprise plan is available on request).

Payments are processed by our payment provider(s). By subscribing, you also agree to the applicable payment provider's terms of service. We do not store your payment card or financial details.

Billing and auto-renewal

• Paid subscriptions are billed in advance on a monthly or annual basis, depending on the billing interval you select at checkout.
• Your subscription will automatically renew at the start of each billing period at the then-current price until you cancel. By subscribing, you authorise us (through our payment provider) to charge your payment method for each renewal.
• You are responsible for keeping your payment method up to date.

Plan upgrades

• Upgrades (e.g., Starter → Pro, or monthly → annual) take effect immediately.
• You will be charged a prorated amount for the remainder of your current billing period at the new plan's rate, less any credit for what you have already paid at the lower rate.

Plan downgrades and cancellations

• Downgrades (e.g., Pro → Starter, annual → monthly, or downgrade to Free) take effect at the end of your current billing period.
• You retain full plan benefits until then. No additional charges apply until the switch.
• If after a downgrade you have more monitored websites, team seats, or other resources than your new plan permits, the excess will be paused (disabled but preserved), not deleted. Assets are paused newest-first; the oldest-added assets remain active up to your new plan's limit. You can re-enable paused assets by upgrading again or by removing active assets to free up capacity.
• Upon downgrade, your scan history visibility is immediately reduced to the window permitted by your new plan. Scan results that fall outside the new plan's history window will no longer be accessible, even if you could access them before the downgrade. Upgrading restores access to previously visible history.
• Cancellation takes effect at the end of your current billing period. Until then, your service continues unchanged.

No refunds

All subscription payments are final and non-refundable. We do not issue refunds, credits, or pro-rata returns for:

• Partial billing periods following a downgrade or cancellation;
• Unused features or unused capacity;
• Account closure, suspension, or termination for any reason;
• Periods during which you choose not to use the service;
• Errors, inaccuracies, false positives, false negatives, missed findings, or other defects in scan results, compliance scores, or reports. Our service is automated and results are provided on an "as is" basis (see Section 6). If you believe a result is incorrect, contact [email protected] and we will investigate, but this does not entitle you to a refund or credit.

This policy applies to the maximum extent permitted by law. See subsection "EU/UK consumer right of withdrawal" below for an exception applicable to certain consumers.

Failed payments

• If a renewal payment fails, our payment provider will automatically retry the charge and notify you to update your payment method, in accordance with its own dunning policy.
• If the payment is not successfully collected within the retry window set by our payment provider, your subscription will be cancelled and your account will be moved to the Free plan. Over-limit resources will be paused following the rules described above.
• Your data is not deleted in this scenario - see Section 7 ("Data Ownership") for details on the platform's ownership of compliance data.

Price changes

We may change subscription prices from time to time. For active subscribers, we will provide at least 30 days' notice before any price change takes effect. The new price will apply at the start of the first billing period after the notice period. If you do not wish to continue at the new price, you may cancel before the change takes effect.

EU/UK and global consumers

Our payment processing is handled by a Merchant of Record (MoR) that is responsible for collecting and remitting applicable taxes (including VAT and sales tax), managing chargebacks, and ensuring compliance with local consumer protection laws in the jurisdictions where it operates. Statutory rights applicable to you under the laws of your country are governed by the MoR's terms of service. By completing a purchase, you also agree to the MoR's terms.

Compliance reports, scan results, scores, and findings provided by Complyy are produced by automated software and are for informational purposes only. They do not constitute legal advice.

Because the service is fully automated, results may contain errors, including but not limited to: false positives (a violation reported where none exists), false negatives (a violation missed), incorrect categorisation, misidentified pages or elements, stale data, or failures caused by changes to the target website, network conditions, third-party services, anti-bot defences, or other factors outside our control. We take significant steps to improve accuracy and reliability over time, but we do not warrant that any report or result is complete, accurate, error-free, current, or admissible in any particular legal proceeding.

You are solely responsible for verifying any finding before relying on it or acting on it. You should consult a qualified attorney before taking legal action based on information from a Complyy report or result.

No liability for errors in results.

To the maximum extent permitted by applicable law, Complyy shall not be liable for any loss, damage, claim, or consequence arising out of or related to errors, inaccuracies, omissions, false positives, false negatives, or other defects in any scan result, score, finding, or report. Errors in results are not grounds for a refund, credit, or chargeback of any subscription fee or one-time purchase, and are not grounds for cancelling, suspending, or reversing any payment obligation.

If you see a result you believe is incorrect, please contact [email protected]. We review every report in good faith and use it to improve our testing methodology, but submitting a report does not entitle you to a refund or any other monetary remedy.

All compliance data, scan results, scores, evidence artefacts, regulatory mappings, and other information generated, collected, or derived by the Complyy platform about any company or website (collectively, "Platform Data") is owned exclusively by Complyy.

Your subscription grants you a non-exclusive, non-transferable, revocable licence to access and use Platform Data through the Complyy interface for the duration of your subscription and within the limits of your plan. It does not grant you any ownership of, or perpetual rights in, the Platform Data itself.

Specifically, you acknowledge and agree that:

• Cancellation, downgrade, non-payment, or termination of your account ends your access licence. We are not obligated to export, deliver, or otherwise transfer Platform Data to you upon termination.
• Scan evidence artifacts (screenshots, session recordings, and DOM snapshots) are retained for 30 days from the date of capture and permanently deleted thereafter. Scores, findings, and scan metadata are not subject to this 30-day limit.
• Platform Data may continue to be retained, processed, used by us, and exposed through our public Compliance Directory or other products, regardless of your subscription status.
• We may anonymise, aggregate, or otherwise transform Platform Data for any lawful purpose, including improving the service, research, and marketing.
• You may not extract, scrape, copy in bulk, or systematically retain Platform Data outside of the normal use of the Complyy interface, except as expressly permitted in writing.

This Section does not apply to information that constitutes your personal data under applicable privacy law (such as your account profile, payment data, or other personal identifiers you provide). Your rights regarding such personal data are described in our Privacy Policy.

Our platform creates fictitious user identities solely for the purpose of automated compliance testing. By using this Site, you acknowledge and agree that:

• Synthetic identities used in testing are not real persons.
• Our testing activities are conducted for lawful compliance research purposes.
• We comply with applicable anti-spam and computer fraud laws in our testing methodology.
• We do not use synthetic identities to engage in fraudulent transactions, unauthorised access, or any other unlawful activity.

The Compliance Directory displays aggregate compliance information about third-party websites. This information is derived from our automated testing and is provided without warranty. We reserve the right to add, remove, or update any entry at our sole discretion.

If you represent a company listed in the directory and believe data is inaccurate, contact us at [email protected]. We will review the matter in good faith but are not obligated to remove accurate information.

You agree not to:

• Use the Site for any unlawful purpose or in violation of any applicable regulations.
• Attempt to scrape, crawl, or systematically extract data from the Site without prior written consent.
• Interfere with or disrupt the security, integrity, or performance of the Site.
• Reverse-engineer, decompile, or disassemble any part of the Site.
• Use the Site to harass, defame, or harm any individual or entity.
• Impersonate any person or entity, or misrepresent your affiliation with any person or entity.
• Use Complyy reports, scan results, or other Platform Data to make false or misleading public statements about any company.

All content on the Site - including text, graphics, logos, software, and the methodologies underlying our compliance tests - is the property of Complyy or its licensors and is protected by applicable intellectual property laws.

Nothing in these Terms grants you any rights to our intellectual property other than the limited, revocable licence to access and use Platform Data through your active subscription, as described in Section 7.

Disclaimer of warranties

The Site and all content, reports, and services are provided "AS IS" and "AS AVAILABLE" without any warranty of any kind, express or implied, including but not limited to warranties of merchantability, fitness for a particular purpose, and non-infringement.

Limitation of liability

To the maximum extent permitted by applicable law, Complyy and its officers, directors, employees, and agents shall not be liable for any indirect, incidental, special, consequential, or punitive damages - including loss of profits, data, or goodwill - arising out of or in connection with your use of the Site or any report, even if advised of the possibility of such damages.

Our total aggregate liability to you for any claims arising under these Terms shall not exceed the amount you paid to us in the 12 months preceding the claim, or USD $100, whichever is greater.

You agree to indemnify, defend, and hold harmless Complyy and its affiliates, officers, employees, and agents from any claims, liabilities, damages, losses, and expenses (including reasonable attorneys' fees) arising from your use of the Site, your violation of these Terms, or your infringement of any third-party rights.

The Site may contain links to third-party websites. We have no control over the content or practices of those sites and accept no responsibility for them. Links do not constitute endorsement.

These Terms are governed by the laws of the State of Delaware, United States, without regard to conflict of law principles. Any dispute arising from these Terms or your use of the Site shall first be subject to good-faith negotiation. If unresolved, disputes shall be submitted to binding arbitration under the rules of the American Arbitration Association, conducted in English.

You waive the right to participate in class action lawsuits or class-wide arbitration.

We may suspend or terminate your access to the Site at any time, with or without cause, and with or without notice. Upon termination, your right to use the Site ceases immediately. Sections that by their nature should survive termination (including Sections 7, 11, 12, 13, and 15) will survive.

If any provision of these Terms is found to be unenforceable, the remaining provisions will continue in full force. Our failure to enforce any right or provision does not constitute a waiver of that right.

For questions about these Terms, contact us at:

Complyy allows a business to assert ownership of a website domain that is being monitored on the platform. This Section governs the ownership verification feature ("Claim").

How verification works

To claim ownership, an account administrator must demonstrate control of the domain by one of two methods:

• DNS TXT record - adding a platform-issued verification token as a TXT record at _complyy-verify.<domain>; or
• HTML meta tag - inserting a platform-issued meta tag into the homepage of the domain.

Verification is performed automatically by the platform upon your request. DNS propagation delays are outside our control; we recommend waiting up to 24 hours before retrying a DNS-based verification.

Exclusivity

A domain may only be claimed by one account at a time. The first account to successfully verify ownership of a domain locks the claim. Subsequent accounts monitoring the same domain may not claim or edit that domain's shared company record while an active claim exists.

Rights granted upon verification

Once verification is confirmed, account administrators and owners of the claiming account may:

• Edit the company name, description, and industry classification displayed in the Compliance Directory.
• Add, update, or remove regulatory links (privacy policy, cookie policy, DSAR form, etc.).
• Add or update contact email addresses (privacy, security, and support emails).

Edits made by a claiming account affect the shared company record that is visible to all other accounts monitoring the same domain, as well as to the public through the Compliance Directory. You are responsible for ensuring that any information you submit is accurate and does not violate any third-party rights.

Ownership verification does not transfer data ownership

Verifying ownership of a domain does not transfer ownership of any Platform Data, scan results, compliance scores, or evidence artefacts generated by Complyy. All such data remains owned by Complyy as described in Section 7. Claim verification grants you editing rights over the company profile, not rights over compliance data.

Revocation

Complyy reserves the right to revoke or invalidate a claim at any time in cases of dispute, abuse, misrepresentation, or where we have reason to believe the claim does not accurately reflect domain ownership. Revocation of a claim removes editing rights immediately but does not otherwise affect your subscription or access to compliance monitoring for that domain.

Account and access requirements

Only users with the owner or admin role in a Complyy workspace may initiate or use verification-gated editing features. Member-role users in a workspace may view claim status but cannot edit company details.