ComplianceOSComplianceOS

Privacy Policy

Last updated: March 21, 2026

1. Introduction

ComplianceOS ("we", "our", or "the Platform"), operated by K2S Consulting, provides a cloud-based multi-country compliance management platform for company secretaries, tax consultants, and finance teams. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services.

2. Information We Collect

We collect the following types of information:

  • Account Information: Name, email address, phone number, and organization name provided during registration or demo requests.
  • Business Data: Company records, compliance filings, tax returns, invoices, documents, and regulatory data that you enter into the platform.
  • Financial Information: Tax identifiers (GST, VAT, TIN, ABN), billing information, and ERP integration credentials you configure.
  • Usage Data: Log data, device information, browser type, and pages visited to improve our services.

3. Data Isolation & Security

Each organization's data is stored in a completely segregated, encrypted database. No other organization using ComplianceOS can view, access, or interact with your data. K2S Consulting is ISO 27001 and ISO 9001:2015 certified. We implement industry-leading security measures including:

  • Encrypted data transmission (TLS/SSL)
  • Database-level isolation per organization
  • Encryption at rest for all stored data
  • Role-based access controls within your organization
  • Full audit trail on every action
  • Automated backups with point-in-time recovery

4. How We Use Your Information

  • To provide and maintain the Platform services
  • To process demo requests and communicate with you
  • To generate compliance documents, filings, and reports on your behalf
  • To send deadline reminders, alerts, and transactional emails
  • To facilitate ERP integrations and data imports you configure
  • To improve and optimize the Platform

5. Data Sharing

We do not sell, trade, or rent your personal or business data to third parties. We may share information only in the following circumstances:

  • With your explicit consent
  • To comply with legal obligations or court orders
  • With service providers who assist in operating the Platform (e.g., cloud hosting, email delivery), under strict confidentiality agreements
  • With ERP providers only when you explicitly connect an integration

6. Data Residency & Compliance

We comply with applicable data protection regulations including GDPR, and support data residency requirements. Your data is hosted on secure cloud infrastructure and is not transferred across jurisdictions without your knowledge.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. If you request account deletion, we will remove your data within 30 days, except where retention is required by law or regulatory obligations.

8. Your Rights

You have the right to:

  • Access and download your data
  • Request correction of inaccurate information
  • Request deletion of your account and data
  • Withdraw consent for non-essential communications
  • Request a copy of your data in a portable format

9. Cookies

We use essential cookies for authentication and session management. We do not use third-party tracking or advertising cookies.

10. Contact

For privacy-related inquiries, contact us at hello@k2s.co.