Last updated: 26 November 2025
This Privacy Notice explains how Complyr collects, uses, and protects your personal data.
By using our website, platform, app, or services, you accept and agree to the terms outlined below and trust us with your information.
This Privacy Notice applies to all platforms and services operated by Complyr, including our website, the Complyr app (web and mobile), and official linked social media accounts (e.g. LinkedIn, X (Twitter), Facebook).
Ozoomi Ltd T/A Complyr (“Complyr”, “we”, “us”, or “our”) is the data controller responsible for the personal data you share with us when interacting with our website, services, and communications.
Ozoomi Ltd is a company registered in England and Wales with company registration number 15343430. We are also registered with the Information Commissioner’s Office (ICO) as a data controller under registration number ZC039457.
Where we process personal data on behalf of our Clients within the Complyr platform (Platform), we act as a processor. The Client is the controller and determines the purposes and means of processing Client Data. The Client is responsible for providing privacy information to the End Customers and establishing a lawful basis.
This notice is governed by the Data Protection Act 2018 and the UK General Data Protection Regulation (UK GDPR), and it is subject to the laws of England and Wales.
We respect your privacy and are committed to handling your data transparently and lawfully. We do not sell personal data to third parties.
Our Contact Details
Email: dpo@complyr.co.uk
If you require this notice in an alternative format, please contact us.
Your use of the Complyr website and application (the app) is also governed by the following documents. These policies work together to explain how you may access and interact with our services and how we handle your personal data.
Explains how you may use our website and the app and outlines our legal responsibilities to you.
Sets out the rules for acceptable behaviour when using our website and the app.
Explains how we use cookies and similar technologies and how you can manage your preferences.
By continuing to use the website or the app, you confirm that you have read and understood these documents in addition to this Privacy Notice.
Client: means a person or entity that contracts with Complyr for the Service.
Authorised Users: are the Client’s personnel permitted to use the Service.
End Customer: are the Client’s own customers and other individuals to whom the Client provides services
Client Data: means data submitted to, stored in, or processed by the Service on behalf of a Client, including personal data to Authorised Users and End Customers.
Service: means Complyr’s hosted case management software platform and related features selected by the Client, together with any support services.
Platform: means the web application and related interfaces through which the Service is accessed.
Under the UK General Data Protection Regulation (UK GDPR), we rely on one or more of the following lawful basis to process your personal data:
We may collect the following types of personal data:
Complyr does not intentionally collect special category data (e.g. health, ethnicity, political views), but our Clients may upload sensitive data as part of their use of the platform. Whilst we apply strict safeguards to all client-uploaded data, it is the sole responsibility of the client (data controller) to keep information collected by them safe and secure.
We may also collect anonymised or aggregated data for statistical and product development purposes.
We collect data through various channels, including but not limited to:
We process your personal data for the following purposes:
We may monitor or record communications (such as phone calls and emails) for training, fraud prevention, quality assurance, and compliance purposes.
We use cookies and similar technologies to improve your experience on our website and to understand how the website is being used.
For full details and to manage preferences, please see our Cookie Policy linked in the footer. Where required by law, we will request your consent before placing non-essential cookies.
We share personal data with service providers who help us deliver the Services, with professional advisers, and where the law requires it. These may include:
All third parties must fully comply with data protection laws. Data can only be processed on written instructions from Complyr.
We apply administrative, technical and organisational measures appropriate to the risk. These include encryption in transit and at rest, layered access controls, anonymisation where appropriate, and secure storage systems to safeguard data, including sensitive data and client uploaded data. We operate continuous backups with full point-in-time recovery, and data is kept in sync across three data centres to provide a hot standby in case of failure. We run regular vulnerability management and maintain logging and monitoring to detect and investigate security-relevant events. We use a leading cloud provider that holds widely recognised certifications, including ISO 27001 and SOC 2 Type II.
If you are provided with a password or generate one to access parts of our Service, it is your responsibility to keep this password confidential. Please use a strong, unique password, do not share it with anyone, and tell us promptly if you think your account has been compromised.
There may be occasions when your data is transferred to and stored in countries outside the United Kingdom or the European Economic Area, including countries where our third-party providers are based. Where this happens, we use appropriate safeguards such as the UK International Data Transfer Addendum together with the EU Standard Contractual Clauses, or we rely on an adequacy decision where available.
While transmission of information over the internet is not completely secure, we apply strict procedures and security features once data is received to protect against unauthorised access. Access to personal data is subject to confidentiality obligations and regular security training and is limited to people who require it to fulfil their job role.
We retain personal data only as long as needed:
We regularly review our retention schedules and security protocols to ensure compliance with legal and regulatory obligations.
To comply with anti-fraud and anti-money laundering laws, your data may be shared with fraud prevention agencies. If deemed a risk, we may refuse or withdraw services. Records may be retained for up to 7 years or as stipulated by law. This may affect your ability to access services or employment with Complyr or other regulated providers.
We may use your data to:
We rely on consent where required and legitimate interests where appropriate. You can opt out at any time using any of the following methods:
Under the UK GDPR, you have the right to:
To exercise these rights, email dpo@complyr.co.uk with proof of identity. We will respond within one month unless legally extended.
We do not charge a fee unless the request is excessive or unfounded.
If you are dissatisfied, please contact our Data Protection Officer at dpo@complyr.co.uk.
You can also contact the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk/make-a-complaint
Phone: 0303 123 1113
This notice and any dispute or claim arising out of or in connection with it are governed by the laws of England and Wales. The courts of England and Wales have exclusive jurisdiction.
We will update this Notice from time to time and will post the latest version on this page with an updated date.