This policy explains the types of personal data processed through Compamin, why that data is used, and the controls available to users and workspace operators.
Compamin is used to manage company administration tasks such as user accounts, company settings, shareholder records, board meetings, documents, and audit history.
This page is written for the current functionality of the product. It should still be reviewed by legal counsel before you rely on it as final production legal text.
We collect account information such as name, email address, encrypted password credentials, and authentication session data.
We also collect company workspace data entered by users, including company details, shareholder information, transaction records, board meeting information, uploaded document metadata, invitations, and audit log events.
If documents are uploaded, the related metadata may include title, category, file type, file size, upload time, and the user responsible for the upload.
We process data to provide secure access to the service, maintain company records, support governance workflows, protect the platform from misuse, and give authorised users a reliable operational history.
Where optional analytics or marketing tools are introduced later, those should only run if the visitor has given consent through the cookie settings.
For core product functionality, the main legal bases are contract performance, legitimate interests in operating a secure SaaS product, and compliance with legal obligations where relevant to company record-keeping.
For optional analytics or marketing cookies, consent should be the legal basis and those categories should remain off until consent is given.
Account and company workspace data is stored for as long as the customer relationship remains active and for any additional period needed to resolve disputes, meet legal obligations, or protect the service.
Cookie preferences are stored for up to 12 months before they should be refreshed or reviewed again.
Depending on your situation, you may have the right to request access, correction, deletion, restriction, portability, or objection to certain processing of your personal data.
Requests should be handled by the organisation operating the Compamin workspace you use. If you run the service yourself, you are responsible for setting up a contact channel for privacy requests.
Compamin uses authentication, role-based access control, and audit logging to reduce the risk of unauthorised access and to make important changes traceable.
Hosting, database, email, storage, and analytics providers may act as data processors. Those subprocessors should be listed and reviewed before production use.