Policies – FComply

PRIVACY AND DATA SECURITY STATEMENT

This Privacy Statement was amended as of May 20, 2026 and is effective as of that date.

Thank you for visiting FComply, Inc.‘s Online and Mobile Resources (defined below), and for viewing this Privacy Statement. This Privacy Statement applies to any online and mobile resource that links to this Statement, including FComply.com and related websites, applications, and services operated by FComply, Inc. Our full Privacy Statement, contained in the pages that follow, serves to give notice to data subjects, other than our Workforce and Job Applicants (defined below), about the types of Personal Data (defined below) we collect as a controller, how we use it, who we disclose it with and why, your rights with respect to your Personal Data, and what we do to try to protect it. In addition, the Cross-Border Data Transfer section addresses certain Personal Data we receive from our business customers to process in connection with providing them services that is imported to the United States from certain European territories. We encourage you to read our full Statement carefully. Workforce and Job Applicants can obtain a copy of a notice of the data practices that apply to them by contacting us directly. This Statement also outlines privacy rights and options that you may have, and how to exercise them, including for our Workforce and Job Applicants, as more fully set forth in Your California Privacy Rights, Your GDPR Privacy Rights and our DPF Policy.

SOME IMPORTANT VOCABULARY

Although not itself a contract, this Privacy Statement is an important document that explains how we address some of our legal obligations, and your related legal rights, involving Personal Data. Clarity is, therefore, important. We will use this section to let you know about some words that have special meanings whenever you see them in this Statement.

Let’s start with the word “Statement” itself: when we reference “this Statement”, “this Privacy Statement” and “our Statement”, we mean the Privacy Statement you are reading now. Wherever we say “Company”, “we”, “us”, “our”, or “FComply”, we mean FComply, Inc. or its affiliates, as applicable.

When we talk about our “Online and Mobile Resources”, we mean all websites, portals, applications, software platforms, or other features FComply operates that link to this Statement. FComply also offers certain business-to-business compliance, risk management, verification, marketing, and technology services. When we refer to “Lead Ads and Content” we mean the special types of advertisements and other content, such as whitepapers, forms, email campaigns, downloadable materials, and related resources containing forms or other means for users to provide information showing their interest in the applicable product or service. The term “Affinity Action” means when you “follow” us, “like” us or take a similar or analogous action on our external social media presence.

Finally, and perhaps most importantly, when we refer to “Personal Data” we mean information that identifies or can be used to reasonably identify you, or that is otherwise treated as personal information or Personal Data under applicable laws (for example, IP address, cookie IDs, device IDs). Where information does not qualify as Personal Data under applicable law (e.g., information that has been anonymized, or aggregated), we will not treat it as such.

WHO DOES THIS STATEMENT APPLY TO?

This Statement describes our Personal Data practices regarding the following groups of data subjects:

individuals that visit, use, access, or interact with our Online and Mobile Resources and/or Lead Ads and Content (“Visitors and Users”);
contact persons and representatives of customers of our compliance, verification, technology, advertising, marketing, and lead generation services (“Customer Personnel”); and
contact persons and representatives of our third-party vendors and business partners (“Vendor and Business Partner Personnel”).

The categories of data we collect from each of these groups, and the ways in which we use it, differs.

While our data practices regarding our current and former personnel and job applicants (“Workforce and Job Applicants”) are described in a separate notice and not this Statement, this Statement does explain how those data subjects can exercise their privacy rights under applicable law. With the exception of our DPF Policy and the Cross-Border Data Transfer section, this Statement does not include Personal Data we do not control but may process for our business customers to provide them services.

Our Visitors and Users

This Privacy Statement applies to Visitors and Users of our Online and Mobile Resources and those that interact with our lead generation ads and content including content we may send as part of email campaigns.

Our Customers and Customer Personnel

Our business customers enter into contracts with us. That contract is separate from this Statement and has its own terms and conditions for processing of Personal Data on their behalf and governing our overall confidentiality, data privacy and data security obligations. As a result, those terms, and not this Statement, apply to the Personal Data of business customers that we process for them. However, we independently collect and process for ourselves Personal Data of Customer Personnel, and this Statement covers that. In addition, our DPF Notice and the Cross-Border Data Transfer section covers certain Personal Data of our business customers that we import to the U.S. to process in connection with providing them services.