What ComplyScope accesses
+
- ✓ We read the documents you upload or share from your connected folder
- ✓ We extract compliance-relevant content to generate your gap report or register
- ✓ We store document metadata — file name, upload date, classification, and findings
- ✓ We do not store the full content of your documents beyond what is needed to generate your report
What we never do
+
- 🔒 We never use your documents to train AI models
- 🔒 We never share your documents or findings with any third party
- 🔒 We never access folders, files, or systems outside your designated ComplyScope folder
- 🔒 We never retain documents after your account is closed — all data deleted on request
Where your data is stored
+
- ✓ All data is stored on EU-based servers
- ✓ ComplyScope uses Supabase for data storage — EU region, SOC 2 compliant
- ✓ Document files are stored in encrypted storage buckets — accessible only to your account
- ✓ All data in transit is encrypted via HTTPS/TLS
Your rights
+
- ✓ You can request deletion of all your data at any time by emailing hello@complyscope.co.uk
- ✓ You can disconnect SharePoint or OneDrive access at any time from your Microsoft account settings
- ✓ ComplyScope complies with GDPR as a data processor — your organisation remains the data controller
- ✓ A full Data Processing Agreement is available on request — email hello@complyscope.co.uk
Questions about data security?
If your IT team, legal team, or procurement team has specific questions about how ComplyScope handles data — we will answer them directly. Email hello@complyscope.co.uk and we will respond within one working day.
Email us →
ComplyScope identifies gaps in compliance documentation against current UK legislative requirements. It does not constitute approval, sign-off, or verification of compliance. Responsibility for document review and approval remains with the duty holder. ComplyScope operates in accordance with EU AI Act transparency requirements.