Privacy Policy

Last updated: 20 February 2026

ComplianceLayer provides regulatory intelligence for informational purposes only. Nothing on this site constitutes legal advice. This privacy policy explains how we collect and handle personal data when you use compliancelayer.eu.

1. Who we are

ComplianceLayer operates compliancelayer.eu — an EU regulatory intelligence hub that monitors the legislative pipeline and translates it into plain language for compliance teams and businesses. We can be reached at hello@compliancelayer.eu.

2. What data we collect and why

We collect personal data only when you actively provide it through one of the following:

Weekly briefing sign-up: Email address — to send you our weekly EU regulatory intelligence digest.
Tracker download: Email address — to deliver the EU Compliance Deadline Tracker PDF and follow up with relevant updates.
Any other form on compliancelayer.eu: Email address — for the stated purpose of that form.

We collect only what is necessary. We do not ask for names, company details, or any information beyond email unless a specific form requires it for a stated purpose.

We never sell or share your data with third parties for marketing purposes.

3. Legal basis (GDPR Article 6)

We process your personal data on the following legal bases:

Consent (Art. 6(1)(a)): By submitting a form, you consent to us processing your email address for the stated purpose.
Legitimate interest (Art. 6(1)(f)): To deliver the content or resource you requested and to send related regulatory updates that are directly relevant to why you signed up.

4. How we store your data

Location: EU servers — we use Netlify with EU datacenter configuration. Form submissions are stored within Netlify's EU infrastructure.
Retention period: 24 months from your last interaction with us. You may request deletion at any time.
Security: HTTPS encryption on all pages, access controls on form data, and regular backups.

5. Your rights under GDPR

You have the following rights regarding your personal data:

Right of access: Request a copy of the data we hold about you.
Right to rectification: Ask us to correct inaccurate data.
Right to erasure: Request deletion of your data at any time.
Right to restriction: Ask us to limit how we process your data.
Right to object: Object to processing based on legitimate interest.
Right to data portability: Receive your data in a structured, machine-readable format.
Right to withdraw consent: Unsubscribe or withdraw consent at any time — every email includes an unsubscribe link.

To exercise any of these rights, email us at: hello@compliancelayer.eu

6. Cookies

compliancelayer.eu does not use tracking cookies or third-party analytics cookies. We use only technically necessary session behaviour to make forms function. No cookie consent banner is required because we do not set non-essential cookies.

7. Third parties with access to your data

We share data only with the following processors, each under a Data Processing Agreement:

Netlify, Inc.: Hosting and form submission storage. GDPR-compliant, EU server configuration. Netlify GDPR policy →
Email delivery provider: Used to send confirmation emails and weekly briefings. EU-based processing.

8. International data transfers

Your data is processed exclusively within the European Economic Area (EEA). We do not use services outside the EU that have access to your personal data.

9. Changes to this policy

We may update this policy as our services evolve. The most recent version is always at this URL, with the date of last update at the top.

10. Contact and complaints

Privacy questions:
Email: hello@compliancelayer.eu
Website: compliancelayer.eu

To file a complaint:
If you believe we have not handled your data correctly, you have the right to lodge a complaint with your national data protection authority. In the Netherlands: Autoriteit Persoonsgegevens. You can also contact the supervisory authority in your country of residence.