(+‪44) 01332 922160‬

iComply365’s Privacy Policy

About Compliant Systems Limited trading as iComply365

Our mission is to simplify compliance by driving out needless cost and complexity.

Our Approach:

  • Help organisations, deploy compliance management platforms capable of managing any number or type of compliance activities. Deliver the platform on Microsoft Office 365 and SharePoint to radically reduce to administrative and user training and on-boarding.
  • Pre-embed compliance-specific content: forms, policies, instructions, examples, training material, standards and controls in the platform – so you don’t have to.
  • Pre-vet off-the-shelf third-party solutions – so you don’t have to.
  • Provide packaged services to do all or part of the compliance work – so you don’t have to.

Your Personal Data (PD) and iComply365

1.    What PD do we collect?

iComply365 collects, uses, discloses, transfers and stores personal data when needed to support various operational and business purposes as described in this Statement.  We will always make sure that any personal data is protected and treated securely. Any information that we process will be held in accordance with the General Data Protection Regulation (GDPR), the Data Protection Act 2018 and other UK or EU data protection legislation.

However, we may collect the categories of data listed below when you:

  • Fill in forms on various iComply365 websites. This includes data provided at the time of registering with us, requesting information about our services, subscribing to our website services, email notifications, making an enquiry through our enquiry form.
  • Carry out a transaction or place an order we us relating to the various events, products or services we offer.
  • Contact our customer support or helplines
  • Interact with iComply365 in your capacity as a business customer, a partner, a supplier, a contractor or any other person with a business relationship with us.
  • Public facing data services like LinkedIn, Facebook and Companies House

Data held


What we hold

Why we need it


Name, email, phone and your enquiry via our ‘Contact Us Form’

IP address/ MAC address when you use the website

your email when you sign up to subscribe for content.

We need your name and contact details in order to answer your enquiry and we process this data with your consent.

We need your IP address and MAC address for security reasons.

We will send subscriber content when you consent for us to do so. You have the right to unsubscribe marketing at any time. If you do choose to unsubscribe, we will keep your name and email address on a suppression list so that we don’t email you again by accident.


In order to provide our services, we collect and process your personal data. We process information about you when you begin using our services and we process it on an on-going basis, should you become a client.

We will process the following:

name, address, phone number, email;

a record of the information that you provide to us;

the date on which you started using our services;

the date on which you ceased to use our services;

a record of any complaints/ compliments made by you and the action taken in respect of any such complain/ compliments.

We need to process PD about our clients in order to provide an effective and high-quality service and to fulfil our legal obligations. We will process your data to:

provide you with the services or information that you have asked for;

keep a record of your relationship with us

send you correspondence and communicate with you;

meet our legal obligations;

respond to or fulfil any requests, complaints or queries that you may have; and

understand how we can improve our services or information;

2.    Our legal basis for processing PD

By law, we need a legal basis for processing the PD of a website user or client. We will process your data using the legal basis of consent, contract, legal obligation and legitimate interests.

  • Contract – Contract is where we either have a contract with you or you wish to enter into a contract with us. For example, we have a contract for our services.
  • Consent – Consent is given where we ask you for permission to use your information in a specific way and you agree to this. Where we use your information for a purpose based on consent, you have the right to withdraw consent for this purpose at any time. For example, you consent to receive subscribed for content by email.
  • Legal obligation – We have a basis to use your personal information where we need to do so to comply with one of our legal obligations. For example, we need to hold your data for seven years due to HMRC requirements.
  • Legitimate interests – We have a basis to use your personal information if it is reasonably necessary for us to do so and in our “legitimate interests” (provided that what the information is used for is fair and does not unduly impact your rights). For example, Sapphire Consulting Group has a legitimate interest to keep your personal data on our systems in order to keep it secure, process it and to provide you with a service. We only rely on legitimate interests where we have considered any potential impact on you, whether or not our processing is excessive and that our processing does not override your rights.

Legal Basis

What we hold


name, address, phone number, email;

a record of the information that you provide to us;

the date on which you started using our services; and

the date on which you ceased to use our services.


your email when you consent to receive subscriber content

 your name, phone, email and message when you submit an enquiry via our ‘Contact Us’ form

Legal obligation

store your records for 7 years after you cease to be a client for HMRC requirements

Legitimate interests

the IP address and the MAC address when you visit our website enables us to keep our website secure

keeping your data in our system in order to keep it secure

your email in a suppression list so that we don’t email you again by accident

the date on which you started using our services;

the date on which you ceased to use our services;

a record of any complaints/ compliments made by you and the action taken in respect of any such complain/ compliments.

3.    How we share and transfer your PD?

iComply365 does not share your personal data to others for the purposes of direct marketing unless you give us your express consent to do so. iComply365 only shares and transfers your personal data as stated below and in accordance with current privacy legislation and best practices. We may share occasionally none personal, anonymised and statistical data with third parties for our own business purposes.

Below are the parties with whom we may share personal information and why:

  • To our third-party contractors and providers which perform certain functions on behalf of iComply365, such as Microsoft our cloud hosting services. These parties only have access to such information as necessary to perform their functions and may not use it for any purpose other than to provide services to us.
  • For any reason if, iComply365 believes it is reasonable to do so, including: to satisfy any laws, regulations, or governmental or legal requests for such information; in the event of a merger, sale, restructure, acquisition, joint venture or assignment to disclose information that is necessary to identify, contact or bring legal action against someone who may be violating our business principles values or other terms and conditions; or to otherwise protect the iComply365 business.

4.    How long do we keep your PD?

iComply365 will retain your personal data for the period of time that is necessary to fulfil the original purposes for which it has been collected. In certain cases, a longer retention period may be required or permitted by law or to allow iComply365 to pursue its business interests, conducting audits, comply with our legal obligations, enforce our agreements or resolve any dispute.

The criteria used to determine our retention periods include:

  • How long is the data needed to provide you with our products or services or to operate our business?
  • If you have an account with us, we will keep your data while your account is active or for as long as needed to provide the services to you.
  • Sometimes we are subject to legal, contractual, or other obligation to retain your data. Examples can include mandatory data retention laws, government regulations to preserve data relevant to an investigation, or data that must be retained for contract or legal reasons.

Examples of retention periods:

  • enquires – 6 months
  • marketing – until you withdraw consent or until we see that you are no longer opening the emails. We review our consents every year.
  • security – 1 year
  • ceasing to be a client – 7 years

5.    Cookies

Cookies are small files of information which save and retrieve information about your visit to this site – for example, how you entered it, how you navigated through it, and what information was of interest to you.

The cookies we use identify you merely as a number.

If you are uncomfortable regarding cookies use, please keep in mind you can disable cookies on your computer by changing the settings in the preferences or options menu in your browser.

Update your preferences

6.    How do we protect and secure your PD?

We follow strict security procedures in the storage and disclosure of information which you have given us to prevent unauthorised access, loss or destruction of your personal data. Most of the PD we hold is with our strategic partner Microsoft (See their Trust-Center info on GDPR protection which we utilise). 

We continually initiate modernisation programmes for our IT infrastructure to further improve our security and adopt privacy by design principles into our business processes.

7.    Other websites

The iComply365 site contains links to other websites. We do not control and is not responsible for the privacy practices or the content of these other websites.

8.    How can you access and control your PD

We are committed to ensuring that you can exercise your right of access and you can control your data.  You have rights in respect of our processing of your personal data which are:

  • To access to your personal data and information about our processing of it. You also have the right to request a copy of your personal data (but we will need to remove information about other people).
  • To rectify incorrect personal data that we are processing.
  • To request that we erase your personal data if:
  • we no longer need it;
  • if we are processing your personal data by consent and you withdraw that consent;
  • if we no longer have a legitimate ground to process your personal data; or
  • we are processing your personal data unlawfully
  • To object to our processing if it is by legitimate interest.
  • To restrict our processing if it was by legitimate interest.
  • To request that your personal data be transferred from us to another company if we were processing your data under a contract or with your consent and the processing is carried out automated means.

If you want to exercise any of these rights, please contact us. If you wish to contact the iComply365 regarding anything relating to your personal data please contact via:

  • customer support on +44 1332 497499
  • or email privacy@iComply365.com
  • our office address: iComply365, The Mansion, Aston Hall Drive, Aston on Trent, Derby. DE72 2DE.

You the right to lodge a formal complaint with a data protection authority which in the UK is the ICO, whose contact link is here.

9.    How do we use your data in marketing?

  • iComply365 may send you regular marketing communications about our products, services and events if you subscribe to them in accordance with relevant marketing laws.
  • You can exercise your right to prevent marketing communications to you by opting-out of them.
  • You can also exercise the right to discontinue marketing communications to you, at any time by using the Privacy request form or via unsubscribe link the mentioned above.

10. Changes to our Privacy Policy

We keep our privacy policy under regular review and we will place any updates on this web page. This privacy policy was last updated on 1st November 2018.

Share on facebook
Share on linkedin