ComplianceOSUK Landlord Platform

Privacy Policy

Last updated: March 2026

1. Who we are

ComplianceOS Ltd ("we", "us", "our") is a company registered in England and Wales. We operate the website www.complianceops.co.uk and the application at app.complianceops.co.uk.

For questions about this policy, contact us at hello@complianceops.co.uk.

2. What data we collect

  • Account data: name, email address, password (hashed)
  • Property data: addresses, UPRN, certificate details (dates, reference numbers, engineer names)
  • Uploaded documents: scanned or photographed certificates (Gas Safety CP12, EICR, EPC)
  • Usage data: pages visited, features used, device and browser type (only with your consent)
  • Payment data: processed by Stripe — we never store your full card details

3. How we use your data

  • To provide the ComplianceOS service — certificate tracking, dashboard, reminders, and compliance packs
  • To extract data from uploaded certificates using AI (Claude API)
  • To send renewal reminders via email and push notifications
  • To process payments via Stripe
  • To improve the service using anonymised, aggregated analytics (only with consent)

4. Cookies and analytics

We use Google Analytics (GA4) and Microsoft Clarity to understand how the site is used. These tools are only loaded after you give consent via the cookie banner. You can withdraw consent at any time by clearing your browser's local storage for this site.

5. Legal basis for processing

  • Contract: processing necessary to provide the service you signed up for
  • Consent: analytics cookies and marketing communications
  • Legitimate interest: service improvement, security, and fraud prevention

6. Data sharing

We do not sell your personal data. We share data only with:

  • Stripe — payment processing
  • Supabase — database hosting and authentication
  • Anthropic (Claude API) — AI certificate extraction (document content only, not linked to your identity)
  • Google / Microsoft — analytics (only with consent)

7. Data retention

We retain your data for as long as your account is active. If you delete your account, we remove your personal data within 30 days. Anonymised analytics data may be retained indefinitely.

8. Your rights

Under UK GDPR, you have the right to:

  • Access the personal data we hold about you
  • Rectify inaccurate data
  • Request erasure of your data
  • Object to or restrict processing
  • Data portability
  • Withdraw consent at any time

To exercise any of these rights, email hello@complianceops.co.uk.

9. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).