What we collect Contact details you submit through our forms, account & audit metadata for platform users, and basic usage/analytics data.
Why To answer enquiries, run demos and pilots, deliver and secure the service, meet legal obligations, and — with permission — stay in touch.
Where it lives In the AWS cloud region you select, isolated per tenant. We name our sub-processors and disclose when our India-based team accesses data.
Your control Access, correct, export, or erase your data; withdraw consent; opt out any time. Regulated GxP records held for customers follow retention law (section 8).
This policy is published in good faith and kept current as our practices evolve. It is undergoing external privacy-counsel review; where a section is marked as under confirmation, the substance describes our current practice and will be finalised in wording, not intent.
1. Scope
This policy explains how Complibued Technologies (“Complere”, “we”) collects and processes personal data through complere.tech and our eQMS services. It covers website visitors, demo / pilot / contact enquirers, and authorised users of the platform.
2. Data we collect
| Category | What it includes |
|---|---|
| Information you provide | Name, business email, company, role, phone, and message content submitted via our demo, pilot, and contact forms. |
| Account data for platform users | Identity, authentication, and audit-trail metadata. |
| Usage data | Pages visited, device / browser, and analytics collected via cookies and Google Tag Manager. |
| Cookies | Strictly-necessary and analytics cookies (see section 9). |
3. How we use it and legal bases (GDPR Art. 6)
To respond to enquiries and provide demos / pilots (legitimate interests / steps prior to contract); to deliver and secure the service (contract); to comply with legal and regulatory obligations (legal obligation); and to send service or marketing communications where permitted (consent or legitimate interests, with opt-out).
| Purpose | Legal basis (GDPR Art. 6) |
|---|---|
| Respond to enquiries; provide demos and pilots | Legitimate interests / steps prior to contract |
| Deliver and secure the service | Contract |
| Comply with legal and regulatory obligations | Legal obligation |
| Service or marketing communications where permitted | Consent or legitimate interests, with opt-out |
4. Sharing and sub-processors
We share personal data only with vetted sub-processors under written data-processing terms, and we do not sell personal data. Our current sub-processors include:
- Amazon Web Services (AWS) — cloud hosting and storage of platform and website data, in the cloud region selected for your tenant.
- Google (Google Apps Script / Google Workspace) — processing of website form submissions (demo, pilot, and contact enquiries).
The complete, maintained sub-processor list — including analytics and email providers and their locations — is available on request via our contact form and is provided with our Data Processing Addendum (DPA). Material changes to sub-processors are notified to customers through the contact channel on file.
5. Data residency and international transfers
On eligible plans you can select the cloud region where your tenant data is stored. Where your data is stored and processed entirely within your selected region, no transfer to a third country occurs. A transfer may still arise where:
- our support or engineering personnel access data from India, where our team operates;
- a sub-processor operates outside your region (see the sub-processor list); or
- disaster-recovery backups are replicated to another region.
In those cases we rely on an adequacy decision where one applies, and otherwise on the EU Standard Contractual Clauses (with the UK Addendum and the Swiss equivalent), a transfer impact assessment, and supplementary technical measures (encryption, access controls).
6. Retention
Enquiry and marketing-contact data is retained while you remain a live prospect and have not opted out — measured from your last engagement (not first contact), so an active contact does not age out — and is reviewed every 12 months; after 36 months of no engagement it is suppressed or deleted. Account and audit data is retained for the term of the customer agreement plus any regulatory retention period, then deleted or returned.
7. Security
We apply administrative, technical, and physical safeguards including encryption in transit (TLS 1.2+) and at rest (AES-256), role-based access control, and logging. Customer data is separated by a database-per-tenant architecture — each customer’s records live in a dedicated database with no shared storage paths between tenants. See our Trust Center for detail.
8. Your rights
Subject to law, you may request access, rectification, erasure, restriction, portability, and objection, and may withdraw consent or lodge a complaint with your supervisory authority (for example, the ICO or your relevant Data Protection Authority). Contact privacy@complere.tech.
How erasure applies:
- Marketing and enquiry data collected via this website: we delete it on request.
- Personal data held within the Complere platform on behalf of a customer: the customer is the data controller, so direct the request to them. Because this data may form part of regulated GxP records (audit trails, electronic signatures, quality records), the right to erasure may be limited or refused where retention is required by law (GDPR Art. 17(3)(b)) or by the customer’s records-retention obligations. Where deletion is not permitted, we apply restriction of processing, or anonymisation where feasible, instead.
The platform prevents silent or unauthorised deletion to protect record integrity (ALCOA+); any lawful, controller-instructed deletion or anonymisation is performed under a governed, audit-logged process. On termination, tenant data is returned or deleted per the agreement.
For California residents, CCPA / CPRA rights to know, delete, correct, and opt-out apply, subject to the statutory exceptions (including legal-compliance and record-keeping).
9. Cookies
We use strictly-necessary cookies and, with consent, analytics cookies. You can manage preferences via our cookie banner or your browser.
10. Children
Our services are for business users; we do not knowingly collect data from anyone under 16.
11. Changes and contact
We will post updates here with a revised date. Questions: privacy@complere.tech.
Our privacy point of contact is Jitendra Dhoot, Founder — privacy@complere.tech. This is our privacy point of contact, not a formal Article 37 Data Protection Officer.
Postal contact:
Complibued Technologies
CYB-6, RIICO Cyber Park, Manohar, 1st Floor, near Saras Dairy, HIA, Basni,
Jodhpur, Rajasthan 342004, India
+91 85608 78560

