1. Controller information
Data Compass Collective ("we", "us", "our") operates the CBDataComplHub. We provide this privacy notice to explain how we collect, use, and safeguard your personal data when you interact with our digital properties or collaborate with our teams.
2. Data we collect
Account & communication data
Name, work email, company, role, and communication preferences when you subscribe or request access to protected resources.
Usage analytics
Device, browser, region, and on-site actions captured via privacy-centric analytics to improve experience without profiling.
We do not intentionally collect special category data. If you submit such data, you are responsible for ensuring lawful disclosure and minimization.
3. How we use personal data
- Deliver newsletters, regulatory updates, and content you request.
- Respond to inquiries, arrange consultations, and manage client engagements.
- Analyze platform performance, maintain security, and prevent misuse.
- Comply with legal obligations and enforce our agreements.
4. Lawful bases for processing
Depending on your jurisdiction, we rely on consent (for newsletters), legitimate interests (to operate and secure the service), and contractual necessity (for client projects). Where required, we will obtain explicit consent or enter into data processing agreements.
5. Data sharing & transfers
We may share personal data with trusted service providers, analytics partners, and legal advisors bound by confidentiality. When data leaves the origin jurisdiction, we implement safeguards such as Standard Contractual Clauses, Transfer Impact Assessments, and technical controls aligned with regulatory expectations.
6. Retention
We retain personal data only for as long as necessary to fulfill the purposes outlined above or meet legal requirements. Subscription data is removed upon opt-out, and inquiry data is retained for up to 24 months unless a client relationship is established.
7. Your rights
You may request access, rectification, deletion, restriction, or portability of your personal data, and you may object to processing or withdraw consent at any time. We respond to verified requests within 30 days (or the statutory timeframe applicable to your jurisdiction).
8. Security
We implement encryption in transit, role-based access controls, continuous monitoring, and vendor due diligence to protect personal data. Incident response plans align with global breach notification requirements.
9. Updates to this notice
We may revise this privacy policy to reflect regulatory updates or service enhancements. We will post the updated date and, where material, provide advance notice through our newsletter or in-app messages.
Contact
Privacy inquiries can be directed to masontanisharenee@gmail.com. EU/UK representatives and DPO contact information is available upon request.