Effective date: 26 February 2026 · Last updated: 26 February 2026
complit. is a compliance consulting firm operated by COMplit Consulting ("[Registered legal name]", "we", "us", or "our"), specialising in high-risk fintech sectors including Cryptocurrency, iGaming, Payments, and Forex. Our website is available at https://complit.me (the "Site").
For the purposes of EU data protection law — in particular the General Data Protection Regulation (EU) 2016/679 ("GDPR") — COMplit Consulting is the data controller of personal data collected through this Site.
To contact us regarding data protection matters, please use the contact form on the Site or email us at the address indicated in Section 13.
When you submit a contact form or send us an enquiry, we collect:
When you visit the Site, our infrastructure automatically processes certain technical data, including:
We use a minimal server-side session (stored in Cloudflare KV) to maintain the functional state of your visit, such as your language preference. This session does not identify you personally and contains no sensitive data.
Please see Section 5 for our full cookie information.
We process personal data only where we have a lawful basis under Article 6 GDPR:
We do not carry out automated decision-making or profiling that produces legal or similarly significant effects.
We do not sell, rent, or share your personal data with third parties for their own marketing or commercial purposes.
We use a strictly minimal set of cookies required for the Site to function. We do not use advertising cookies, tracking pixels, or analytics services such as Google Analytics or Meta Pixel.
| Cookie | Type | Purpose | Duration |
|---|---|---|---|
| __session | Strictly necessary | Server-side session (language preference, form state) | Session |
| __cf_bm | Strictly necessary | Cloudflare bot management and DDoS protection | 30 minutes |
Because we place only strictly necessary cookies, a consent banner is not required under the ePrivacy Directive. You may configure or block cookies via your browser settings; however, certain Site functionality may be affected.
We engage the following sub-processors who may process personal data on our behalf:
| Provider | Purpose | Safeguards |
|---|---|---|
| Cloudflare, Inc. | Edge hosting, CDN, DDoS protection, KV session storage | EU SCCs + Cloudflare Data Processing Addendum |
| Email provider | Delivery of correspondence arising from contact enquiries | DPA with provider; EU/EEA hosting where possible |
We enter into data processing agreements with all sub-processors and require them to implement appropriate technical and organisational security measures.
Cloudflare, Inc. is headquartered in the United States. Transfers of personal data to Cloudflare are governed by Standard Contractual Clauses (SCCs) approved by the European Commission under Article 46(2)(c) GDPR, supplemented by Cloudflare's technical and organisational security measures.
We do not transfer personal data to third countries beyond those described above. Where any additional transfer becomes necessary, we will ensure an equivalent level of protection is in place prior to transfer. Copies of applicable SCCs are available on request.
We retain personal data only as long as necessary for the purposes for which it was collected or as required by law:
After the applicable retention period, data is securely deleted or irreversibly anonymised.
If you are located in the EU/EEA, you have the following rights under GDPR:
To exercise any of these rights, contact us via the form on the Site or at the address in Section 13. We will respond within one calendar month (extendable by two further months for complex or numerous requests, with prior notice).
You also have the right to lodge a complaint with your national data protection supervisory authority. A list of EU supervisory authorities is available at edpb.europa.eu.
We implement appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, or destruction, including:
No transmission over the internet is 100% secure. In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the competent supervisory authority within 72 hours and, where required by Art. 34 GDPR, notify affected individuals without undue delay.
This Site is not directed at children under 16 years of age. We do not knowingly collect personal data from minors. If you believe we have inadvertently collected data from a child, please contact us and we will delete it promptly.
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. Material changes will be signalled by updating the "Last updated" date at the top of this page. We encourage you to review this page periodically. Continued use of the Site after changes are posted constitutes acceptance of the updated Policy.
Data Controller:
COMplit Consulting
[Registered address]
[Jurisdiction]
For data protection enquiries, to exercise your rights, or to report a concern, please use the contact form on the Site or email: privacy@complit.me