Privacy Policy

Learn how NextComply collects, uses, and protects your data

Last Updated: November 22, 2025

In Short

We take your privacy seriously. This policy explains what data we collect, how we use it, and your rights regarding your information.

At NextComply, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website and services at nextcomply.ai (the "Service"). Please read this privacy policy carefully. If you do not agree with the terms of this privacy policy, please do not access the Service.

1. Information We Collect

In Short

We collect personal information you provide, device data, and usage analytics to deliver and improve our service.

1.1 Personal Information

We may collect personal information that you voluntarily provide to us when you:

  • Register for an account
  • Use our SOC 2 policy generator tool
  • Subscribe to our newsletter or marketing communications
  • Contact us for support

The personal information we collect may include:

  • Contact Information: Email address, name
  • Company Information: Company name, industry, size, tech stack
  • Account Credentials: Username, encrypted password
  • User Preferences: Settings, configurations, customizations

1.2 Automatically Collected Information

When you access our Service, we automatically collect:

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages viewed, time spent, clicks, navigation paths
  • Location Data: General geographic location based on IP address

2. How We Use Your Information

In Short

We use your information to provide our service, improve user experience, send communications, and conduct marketing activities.

We use the information we collect for the following purposes:

  • Service Delivery: To provide, operate, and maintain our policy generation tools
  • Account Management: To create and manage your user account
  • Product Improvement: To understand usage patterns and improve UX
  • Communication: To send service updates, security alerts, and support messages
  • Marketing: To send promotional materials and targeted marketing (you can opt out)
  • Analytics: To analyze performance and generate business insights
  • Legal Compliance: To comply with legal obligations
  • Security: To detect, prevent, and address security issues

3. Cookies and Tracking Technologies

In Short

We use essential cookies for authentication, preference cookies for settings, and analytics cookies to track usage.

Essential Cookies

  • Authentication cookies to keep you logged in
  • Security cookies to protect against fraud

Functional Cookies

  • Preference cookies to remember your settings

Analytics Cookies

  • Google Analytics for website traffic analysis
  • PostHog for product usage tracking

You can manage cookie preferences through your browser settings. Disabling certain cookies may affect functionality.

4. Third-Party Services

In Short

We use trusted third-party services for authentication, analytics, and email delivery.

Google OAuth

For secure account authentication. We receive basic profile info (email, name, profile picture). We don't access your Google password.

Microsoft OAuth

For secure account authentication. We receive basic profile info (email, name, profile picture). We don't access your Microsoft password.

Google Analytics

For website analytics and usage tracking.

PostHog

For product analytics and user behavior tracking.

SendGrid

For email delivery and communications.

5. Data Sharing and Disclosure

In Short

We do not sell your data. We only share with service providers and as required by law.

We may share your information in the following circumstances:

  • Service Providers: With trusted vendors who assist in operating our Service
  • Legal Requirements: When required by law or court order
  • Business Transfers: In connection with a merger or acquisition
  • Protection of Rights: To protect our rights or those of our users
  • With Your Consent: When you explicitly consent

6. Data Security

We implement industry-standard security measures including encryption, access controls, and regular security assessments. However, no method is 100% secure.

7. Data Retention

We retain your data as needed to provide services and comply with legal obligations. Data from free policy generators is retained indefinitely for UX improvements unless you request deletion.

8. Your Privacy Rights

  • Access: Request your personal data
  • Deletion: Request data deletion
  • Opt-Out: Unsubscribe from marketing
  • Portability: Export your data

Contact us at support@nextcomply.ai to exercise these rights.

9. Children's Privacy

Our Service is not directed to children under 13. We don't knowingly collect information from children under 13.

10. International Users

NextComply is based in the European Union. We comply with EU data protection laws including GDPR.

For users outside the EU, by using our Service, you consent to data transfer and processing in accordance with EU privacy standards.

11. Changes to This Policy

We may update this policy periodically. We'll notify you of material changes via email or through the Service.

12. Contact Us

Get in Touch

If you have questions about this Privacy Policy or our data practices:

Email: support@nextcomply.ai

Company: NextComply

Website: https://nextcomply.ai