COMPLIANCEWORXS
Defensible decisions, before inspection.
 Return to home
🔒 Legal

Privacy Policy

How ComplianceWorxs collects, processes, and protects information on the inspection intelligence and decision authorization platform.

Effective Date: March 14, 2026

✓ No Data Selling ✓ No AI Training on Customer Data ✓ International Transfer Safeguards ✓ User Rights

1. Information We Collect

ComplianceWorxs collects information necessary to operate the platform and provide the Services.

Account Information

When users create an account we may collect:

  • name
  • email address
  • organization name
  • account credentials

Compliance-Related Information

Users may submit compliance-related descriptions through the platform, including:

  • descriptions of compliance decisions
  • inspection preparation information
  • deviation or investigation summaries
  • compliance documentation context

Users should avoid submitting confidential regulatory documentation unless authorized by their organization.

Usage Information

We collect operational information including access timestamps, platform feature usage, session activity, and system interaction logs.

Technical Information

We collect limited technical data for security and performance purposes including IP address, browser type, device type, and operating system.

2. AI-Assisted Processing

Certain features of the ComplianceWorxs platform use artificial intelligence to analyze user inputs and generate documentation outputs.

AI-assisted processing may include:

  • compliance scenario analysis
  • inspection intelligence explanations
  • documentation generation
  • structured decision authorization outputs

User inputs may be processed by AI service providers solely for the purpose of delivering platform functionality.

AI Training Restriction

ComplianceWorxs does not permit customer data to be used to train public AI models. Customer-submitted compliance information is not used for model training.

3. How We Use Information

Information collected through the platform may be used to:

  • provide and maintain the Services
  • generate platform outputs and analysis
  • improve platform functionality
  • monitor security and prevent misuse
  • respond to support requests

We do not sell customer data.

4. Compliance Data and Regulatory Documentation

ComplianceWorxs is designed to assist organizations with understanding inspection expectations and documenting compliance decisions.

Organizations remain responsible for determining what information may be uploaded to the system and ensuring compliance with internal data governance policies.

The platform is not intended to store regulated records requiring validated system controls unless validated by the customer organization.

5. Support for Regulated Environments

ComplianceWorxs is designed to support documentation practices aligned with electronic records principles described in FDA 21 CFR Part 11 and similar regulatory frameworks.

However, each organization remains responsible for determining whether the platform must be validated within its own regulatory environment.

ComplianceWorxs does not represent that the system is automatically validated for any specific organization's regulatory requirements.

6. Healthcare Data

ComplianceWorxs is not designed to store or process Protected Health Information (PHI).

Users should not submit PHI unless a separate Business Associate Agreement (BAA) has been executed.

7. Data Security

ComplianceWorxs implements commercially reasonable technical safeguards designed to protect user information.

Security measures may include:

  • encryption in transit using TLS
  • encryption of stored data where appropriate
  • controlled system access
  • infrastructure monitoring
  • security incident response procedures

No system can guarantee absolute security.

8. Data Retention

ComplianceWorxs retains information only as long as necessary to provide the Services.

Retention practices include:

  • account data retained while accounts remain active
  • usage logs retained for security and system integrity
  • compliance descriptions retained for platform functionality

Users may request deletion of their account data where permitted by law.

ComplianceWorxs may retain anonymized platform analytics data for service improvement.

9. Third-Party Service Providers

ComplianceWorxs uses trusted third-party service providers to deliver the Services. These may include:

  • cloud infrastructure providers
  • payment processing services
  • email delivery providers
  • analytics services
  • artificial intelligence service providers

Third-party providers process data only to deliver platform functionality. Where required, these providers operate under contractual data protection obligations.

A list of subprocessors may be provided upon request.

10. International Data Transfers

ComplianceWorxs may process data using infrastructure located in multiple jurisdictions.

When personal data is transferred internationally, we implement appropriate safeguards designed to protect that information in accordance with applicable law.

11. User Rights

Depending on jurisdiction, users may have rights regarding their personal data, including:

  • the right to access data
  • the right to request correction
  • the right to request deletion
  • the right to object to certain processing

Requests may be submitted using the contact information below.

12. Cookies and Analytics

The ComplianceWorxs website may use cookies or similar technologies to improve site functionality, understand site usage patterns, and measure performance of platform features.

Users may manage cookie preferences through browser settings.

13. Security Incidents

If a security incident affecting personal data is identified, ComplianceWorxs will respond in accordance with applicable legal requirements and internal incident response procedures.

14. Children's Privacy

The Services are intended for professional use by adults.

ComplianceWorxs does not knowingly collect information from individuals under 18 years of age.

15. Changes to This Policy

We may update this Privacy Policy periodically.

Updates will be posted on this page and reflected by an updated effective date.

Continued use of the Services after changes indicates acceptance of the updated policy.

16. Contact Information

Privacy inquiries and data subject requests may be directed to:

We respond to all privacy inquiries within 30 days, or sooner as required by applicable law.

Questions About Your Data?
If you have questions about how we handle your data, or need information about subprocessors or data processing agreements, contact us at privacy@complianceworxs.com.