Privacy Policy
Last updated: February 27, 2026
1. Who We Are
PayComply ("we", "us", "our") operates the paycomply.eu website and provides EU Pay Transparency Directive compliance tools. This policy explains how we collect, use, and protect your data.
2. Data We Collect
2.1 Account Data
When you create an account, we collect your email address and company name.
2.2 Uploaded Employee Data
When you upload compensation data for analysis, files are processed in memory on our servers. We do not permanently store uploaded employee data. Files are deleted immediately after analysis is complete and results are returned to your browser.
2.3 Analysis Results
Aggregated, anonymized analysis results (compliance scores, category-level pay gap statistics) may be stored in your account for your reference. No individual employee data is retained.
2.4 Usage Data
We collect standard web analytics data (page views, device type, browser) to improve our service. We do not use third-party tracking cookies.
3. How We Use Your Data
- To provide compliance analysis and generate reports
- To send you service-related communications
- To improve our platform and user experience
- To process payments (via Stripe — we never see your full card number)
4. Data Processing — AI Classification
Job titles from your uploaded data may be sent to OpenAI's API for classification into standardized categories. Only job title strings are transmitted — no salary data, employee names, or other personal information. OpenAI does not use API inputs for training. See OpenAI's data usage policy.
5. Legal Basis (GDPR Art. 6)
- Contract performance — processing your data to deliver the service you requested
- Legitimate interest — improving our platform and preventing abuse
- Consent — for marketing communications (opt-in only)
6. Data Retention
- Account data: retained while your account is active, deleted within 30 days of account closure
- Uploaded files: deleted immediately after processing (not stored)
- Analysis results: retained for your reference, deletable on request
- Payment records: retained for 7 years per Swedish accounting law
7. Your Rights
Under GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate data
- Request erasure ("right to be forgotten")
- Restrict processing
- Data portability
- Object to processing
To exercise these rights, email us at privacy@paycomply.eu.
8. Sub-Processors
| Provider | Purpose | Location |
|---|---|---|
| Vercel | Hosting | EU / US |
| Stripe | Payments | EU / US |
| OpenAI | Job title classification | US |
9. Security
All data is transmitted over HTTPS/TLS. We follow industry-standard security practices. Employee compensation data is processed in-memory only and never written to disk on our servers.
10. Contact
PayComply
Email: privacy@paycomply.eu
Stockholm, Sweden