Audit-IQ RegTech

Privacy Policy

Version 1.2 • Effective: March 2026 • See Legal Changelog

Audit-IQ ("Audit-IQ", "we", "our") is committed to protecting your personal information and maintaining transparency in how we process data. This Privacy Policy explains what data we collect, how we use it, and your rights in relation to that data.

1. Scope & Roles

This Privacy Policy applies to personal data collected through the Audit-IQ website and platform.

Where you create an account directly with Audit-IQ, we act as a data controller for your account and billing information.

Where you upload documents containing personal data on behalf of your organisation, you act as the data controller and Audit-IQ acts as a data processor, processing such data solely to provide the Service.

2. Information We Collect

a. Information you provide

  • Name, email address, company name, and account details
  • Billing and subscription information (processed via Stripe)
  • Documents and materials uploaded for analysis
  • Communications submitted through forms or support requests

b. Usage and technical data

  • IP address and device information
  • Browser type and operating system
  • Platform usage activity and feature interactions
  • Log files for performance monitoring and troubleshooting

c. Cookies

We use essential cookies to maintain secure sessions and enable platform functionality. We do not use advertising or third-party tracking cookies.

3. Legal Basis for Processing

We process personal data based on one or more of the following grounds:

  • Performance of a contract (providing access to the Service)
  • Legitimate interests (improving security, reliability, and product performance)
  • Compliance with legal obligations
  • Your consent (where required)

4. How We Use Your Information

We process data to:

  • Provide, operate, and maintain the platform
  • Process uploaded documents using AI systems
  • Respond to demo, sales, or support requests
  • Improve service accuracy, security, and performance
  • Communicate product updates and administrative notices
  • Prevent fraud, misuse, and unauthorised access

We do not sell personal data and do not use your content for advertising purposes.

5. Document & AI Processing

Documents uploaded to Audit-IQ are processed securely to generate regulatory insights, obligation extraction, and workflow outputs.

  • Customer content is processed only to provide the Service.
  • Customer content is not used to train external AI models.
  • Access to content is restricted to authorised systems and personnel.
  • We apply technical safeguards to protect data in transit and at rest.

6. Data Sharing & Subprocessors

We may share limited data with trusted service providers strictly for operating the Service, including:

  • Cloud hosting and infrastructure providers
  • AI infrastructure providers
  • Payment processors (Stripe)
  • Email delivery services
  • Security and monitoring tools

All subprocessors are bound by contractual confidentiality and security obligations. A current list of subprocessors is available on our Subprocessors page.

7. International Data Transfers

Depending on your location and our infrastructure providers, personal data may be processed in countries outside your jurisdiction. Where required, we implement appropriate safeguards to ensure lawful and secure cross-border data transfers.

8. Data Retention

We retain personal data only as long as necessary to:

  • Provide the Service
  • Comply with legal obligations
  • Resolve disputes and enforce agreements

Account information is retained while your account remains active. Uploaded documents may be deleted after account termination or upon verified request, subject to legal requirements.

9. Your Rights

Subject to applicable law, you may:

  • Request access to your personal data
  • Request correction of inaccurate data
  • Request deletion of personal data
  • Object to or restrict certain processing
  • Withdraw consent where processing is based on consent

Requests may be submitted to founder@audit-iq.com.

10. Security

We implement reasonable technical and organisational measures to protect personal data, including:

  • Encrypted transmission (HTTPS)
  • Access controls and authentication safeguards
  • Infrastructure-level security controls
  • Monitoring and logging

Additional details are available on our Security page.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect regulatory changes or product updates. Where changes are material, we will provide notice through the platform or by email.

12. Contact

Audit-IQ is the data controller for personal data collected directly through the platform.

For privacy-related questions or requests:
📧 founder@audit-iq.com