PRIVACY POLICY

1.Information We Collect

2.How We Use Your Information

We use collected information to:

• Provide, operate, and maintain the Service
• Authenticate users and manage accounts, subscriptions, and billing
• Generate suggested auto-populated fields, suggested inspection schedules, suggested deadlines, suggested notifications, and other automated outputs that users are required to independently verify before relying upon them
• Retrieve site-relevant weather and precipitation data from third-party providers
• Process payments through third-party payment processors
• Improve performance and functionality
• Communicate service-related notices, security alerts, and customer support
• Send marketing communications (you may opt out at any time)
• Detect, investigate, and prevent fraudulent, unauthorized, or illegal activity
• Comply with legal obligations and protect our rights

3.How We Share Information

We do not sell personal information and we do not share personal information for cross-context behavioral advertising. We share information only in the following circumstances:

A current list of our principal subprocessors is available upon request at support@complystorm.com.

4.Data Security

We implement reasonable administrative, technical, and physical safeguards designed to protect your information against unauthorized access, disclosure, alteration, and destruction. These include encryption in transit, access controls, and routine monitoring. However, no system or method of transmission is completely secure, and we cannot and do not guarantee absolute security.

You are solely responsible for:

• Safeguarding your account credentials
• Keeping your devices and software up to date
• Notifying us promptly of any unauthorized use or suspected breach
• Maintaining your own backups of Customer Data

ComplyStorm is not responsible for unauthorized access resulting from compromised email accounts, forwarding of report emails or download links, or improper handling of downloaded files by recipients. ComplyStorm is not liable for any unauthorized access to, alteration of, or loss of information except to the extent caused by our gross negligence or willful misconduct, and only to the maximum extent permitted by applicable law.

5.Data Retention

We retain personal information and Customer Data for as long as your account is active, as needed to provide the Service, and as required to comply with legal, regulatory, tax, accounting, audit, and reporting obligations. Inspection records and reports may be retained for the period required by applicable environmental laws and the customer's recordkeeping policies.

Generated reports may remain accessible via secure download links for a limited period (e.g., up to 18 months) as determined by ComplyStorm. ComplyStorm reserves the right to modify retention periods at its discretion. After this period, ComplyStorm may delete data in accordance with its data retention policies, unless otherwise required by law.

ComplyStorm is not obligated to retain data indefinitely following account termination.

6.Your Rights

Subject to applicable U.S. law, you may request:

• Access to your personal information
• Correction of inaccurate or incomplete information
• Deletion of your personal information, subject to legal retention requirements and our right to retain information necessary to defend legal claims, comply with law, or maintain an audit trail of inspection activities
• To opt out of marketing communications (you may unsubscribe using the link in any marketing email; transactional communications will continue)

To submit a request, email support@complystorm.com. We will respond within the timeframe required by applicable law. We may require verification of your identity before processing your request. If you use the Service through an organizational account, you may need to direct your request to that organization.

7.Third-Party Links and Services

The Site and Service may contain links to third-party websites or integrate with third-party services (such as weather providers, mapping services, payment processors, and email clients). ComplyStorm is not responsible for the privacy practices, content, accuracy, or availability of any third-party service. Your use of third-party services is subject to those providers' privacy policies and terms.

8.Children's Privacy

The Site and Service are intended for business use by adults and are not directed to children under the age of 13. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will take appropriate steps to delete it.

9.Changes to This Policy

We may update this Privacy Policy periodically. When we make material changes, we will post the updated policy on the Site with a revised effective date and, where appropriate, notify you by email or in-Service notice. Your continued use of the Site or Service after the effective date constitutes your acceptance of the updated Policy. If you do not agree to a change, your sole remedy is to stop using the Service.