ComplianceMetrix (CMX) Privacy Policy

Last Updated: June 8th, 2021

Your privacy is very important to us. This privacy policy (this “Privacy Policy”) discloses how Compliancemetrix Inc. (“ComplianceMetrix”, "CMX", “we”, and “us”) collects, protects, uses and shares information gathered about you. ComplianceMetrix respects the privacy of our customers and other visitors to our websites who may choose to provide personal information. We recognize the need for appropriate protections and management of personal information that you provide to us. This Privacy Policy will assist you to understand what types of information we may collect, how that information may be used, and with whom the information may be shared.

This Privacy Policy explains ComplianceMetrix’s practices regarding the information collected online from users of the ComplianceMetrix public website located at and any website or service controlled by ComplianceMetrix.

In an effort to comply with the law, and our commitment to protect your personal information, we provide the following, which discloses our policies.


Collection and Use of Customer Information

Personal Information is defined as any information concerning the personal or material circumstances of an identified or identifiable individual. Personal Information shall include but is not limited to: name, home address, home telephone number, email address, Social Security Number and/or Identification Number, financial information and employment related information such as may be found on resumes, applications, background verification information, or in employment references.

ComplianceMetrix collects Personal Information when a customer or user provides it to us. In order to adequately address a customer’s concern, their Personal Information may be shared with our employees as far as necessary to enable the customer’s concerns to be addressed. We may also collect Personal Information that is necessary for our legitimate interests, which will be disclosed to you at the time of collection. ComplianceMetrix will use this information for the purposes of which it was collected.

ComplianceMetrix will collect Personal Information when you contact ComplianceMetrix. In the future, one of our employees or current or future affiliates may use this information to contact you regarding products or promotions, as well as other products and services, which may be of interest to you. If you do provide us with Personal Information we may use the information to contact you, via e-mail, regular mail, telephone or other means, to provide you with information that you requested about specific products or services, provide additional future information about products or services that may be of interest to you, and to learn about and develop products and services. If you do not want this information disclosed you may “opt out” of future contacts at any time by contacting the Privacy Officer, in writing, as described below in the section titled “Contact Information.”


Technology – Internet Users

In addition to Personal Information, we use data collection devices such as “cookies” on certain web pages to help analyze our web page flow and measure promotional effectiveness. Cookies are pieces of information a website sends to an individual’s hard drive while they are viewing the website. Cookies allow the website to remember important information that will make your visit to the site more useful. We use cookies to help improve your future visits. If you do not wish to receive a cookie or if you wish to set your browser to warn you each time a cookie is being sent, or if you wish to turn off all cookies, use the options on your browser to assist you. The “Help” option on your browser may assist you in changing your cookie preferences. Please note that by turning cookies off, you will not have access to many features available on our website.

We do not respond to browser-based “do not track” signals. Currently, we do not have any third party sites who push content to our site. We use Google Analytics on our site. Google Analytics is a web analytics service provided by Google. Google Analytics uses cookies to collect anonymous traffic data to help us analyze how users use the website. The information generated by a cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the site, compiling reports on site activity for us and providing other services relating to site activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. By using the website, you consent to the processing of data about you by Google in the manner and for the purposes described in this policy. If you have concerns relating to the usage of Google Analytics, it is possible to block Google Analytics by installing a plug-in to your browser. A plug-in for the most common browsers can be found here:


Children and Data Collection

ComplianceMetrix adheres to the federal privacy protection standards as stated in the Children’s Online Privacy Protection Act (“COPPA”). We care about the safety of children. You should not use our website or Service it you are under 13. We will not knowingly allow anyone under 13 to provide us any personally identifying information. Children under 13 years of age are required to obtain the express permission of a parent or guardian before submitting any Personal Information about themselves (such as their names, e-mail address, and phone number) over the Internet. If a child has provided us with personally-identifiable information without the consent of a parent or guardian, the parent or guardian of that child should contact the Privacy Officer immediately at We will promptly delete the child’s information from our servers.


Our Use of Your Personal Information

We primarily use your Personal Information to facilitate the services you request. We also use your Personal Information as described in this Privacy Policy or as otherwise disclosed to you on our website. For example, we may use your Personal Information:

  • To operate and improve our site or services;
  • To fulfill your requests for certain products or services;
  • To better understand your needs and provide you with more customized service;
  • To communicate with you about the site or our products and services;
  • To respond to any questions or concerns that you may have;
  • For market research or project planning;
  • For troubleshooting problems or detecting and protecting against errors;
  • To prevent fraud or other criminal activity; or
  • To fulfill other legitimate purposes permitted by applicable law.

Sharing of Personal Information

We may share Personal Information with our service providers, consultants and current or future affiliates for our internal business purposes and in order to provide you the services (i.e., providing hosting services, marketing assistance, analyzing user data, processing payment card information, and for other legitimate purposes permitted by applicable law). Except as described in this Privacy Policy, ComplianceMetrix will not share Personal Information with a third party, unless a customer requests, consents to such disclosure, or disclosure is required or authorized by law. ComplianceMetrix reserves the right to disclose Personal Information to a third party if a law, regulation, search warrant, subpoena, or court order legally requires or authorizes us to do so. ComplianceMetrix also reserves the right to disclose and/or transfer Personal Information to a third party in the event of a proposed or actual purchase, sale, lease, merger, amalgamation or any other type of acquisition, disposal, or financing of all or any portion of ComplianceMetrix or of any of the business or assets or shares of ComplianceMetrix or a division thereof in order for a customer to continue to receive the same products and services from the third party.

Personal Information may be provided to a courier or freight forwarder to fulfill an order, which may have been requested from us.

ComplianceMetrix collects information and data on how the website and services are used by visitors and customers (such as, but not limited to, demographic information,  search terms used or how customer perform searches and information about the platform and workflow) (the “Usage Data”) and reserves the right to disclose to use, modify, and share such Usage Data in its discretion. CMX owns all Usage Data.  In the event any personally identifiable information, data, or content is anonymized, ComplianceMetrix and its agents, subcontractors and licensors may use and share such anonymized information without restriction in accordance with local laws.



We endeavor to protect your Personal Information using reasonable measures appropriate to the sensitivity of the information in our control. These measures include safeguards to protect Personal Information against loss or theft, as well as unauthorized access, disclosure, copying, use and modification.

We safeguard your Personal Information on the Internet by using industry-standard practices. Although “guaranteed security” does not exist either on or off the Internet, we make reasonable efforts to make the collection and security of such information consistent with our Privacy Policy and all applicable laws and regulations.

You may report security incidents & concerns by contacting


Storage, Retention, and Accuracy of Personal Information

ComplianceMetrix retains your Personal Information:

  • For so long as your account is active or as needed to provide you with services or to fulfill our contractual obligations;
  • As necessary to comply with our legal obligations, resolve disputes, and enforce our agreements; and
  • For so long as is necessary for the purposes for which we collected such Personal Information.

Contact Information

You may contact the Privacy Officer to access, correct or delete your Personal Information. If necessary, the Privacy Officer will contact another individual to assist in completing your requested task.

If you have any questions or complaints, please contact the Privacy Officer. The Privacy Officer can be reached by telephone at: 888-866-8888 by email at: or by mail at ComplianceMetrix Inc., 4180 La Jolla Village Drive, Suite 570, San Diego CA 92037. We will address your concern and attempt to resolve any problem.


Links to Non-FWH Web Sites and Third Parties

Please note that websites may contain links to other websites for your convenience and information. ComplianceMetrix does not control those sites or their privacy practices, which may differ from ComplianceMetrix’s privacy policy cannot and does not apply to external websites. We do not endorse or make any representations about third party websites. The personal data you choose to give to unrelated third parties is not covered by the ComplianceMetrix privacy policy. We encourage you to review the privacy policy of any company or website before submitting your Personal Information. Some third parties may choose to share their personal data with ComplianceMetrix; that sharing is governed by that third party company’s privacy policy.


European Economic Area Visitors

In accordance with applicable laws, you may have the right to request access to, rectification, and erasure of your Personal Information; restriction of processing of Personal Information; objecting to certain processing of Personal Information; and the right to data portability. Where any processing of Personal Information is solely dependent upon your consent, you have the right to withdraw such consent at any time (For example, we suggest by using the unsubscribe link contained in an applicable marketing message or emailing us at Where you believe that we have not processed your Personal Information in accordance with applicable laws, you may lodge a complaint with the respective supervisory authority or data protection regulator. The provision of Personal Information by you will be for contractual, marketing, analytical purposes, or other purposes as referred to in this Privacy Policy. We may withhold information where the search for that information would require disproportionate effort or have a disproportionate effect to, for example, the cost of providing the information, the time it would take to retrieve the data, or how difficult it may be to obtain the information requested. To exercise your rights under these provisions, please contact us at the “Contact” details below.  When we receive your requests, we may ask you to verify your identity before we can act on your request.


International Users

By using the website and service, you will transfer data to the United States.

If you are visiting from the European Union or other regions with laws governing data collection and use, please note that you are agreeing to the transfer of your information to the United States and processing globally. By providing your information you consent to any transfer and processing in accordance with this Privacy Policy.


Privacy Shield

ComplianceMetrix complies with the US-EU Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information from individual customers in the European Union member countries. ComplianceMetrix’s participation in the Privacy Shield applies to all personal data that is subject to this policy and is received from the European Union, European Economic Area, and Switzerland. ComplianceMetrix is responsible for the processing of such personal data it receives under the Privacy Shield Framework and subsequent transfers to a third party acting as an agent on its behalf.  In particular, ComplianceMetrix remains responsible and liable under the Privacy Shield Principles if third-party agents that it engages to process the personal data on its behalf do so in a manner inconsistent with the Principles, unless ComplianceMetrix proves that it is not responsible for the event giving rise to the damage. ComplianceMetrix has certified that it adheres to the Privacy Shield Principles of notice, choice, and accountability for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability.  If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification page, please visit  The Federal Trade Commission (FTC) has jurisdiction over ComplianceMetrix’s compliance with the Privacy Shield.  In compliance with the US-EU Privacy Shield Principles, ComplianceMetrix commits to resolve complaints about your privacy and our collection or use of your personal information. EU individuals with questions or concerns about the use of their Personal Data should contact us at  For any complaints that cannot be resolved with ComplianceMetrix directly, ComplianceMetrix has chosen to cooperate with EU data protection authorities (DPAs) and comply with the information and advice provided to it by an informal panel of DPAs in relation to such unresolved complaints (as further described in the Privacy Shield Principles). Please contact us to be directed to the relevant DPA contacts. As further explained in the Privacy Shield Principles, a binding arbitration option will also be made available to you in order to address residual complaints not resolved by any other means. ComplianceMetrix commits to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities.


Changes to Our Privacy Policy

ComplianceMetrix will update this Privacy Policy occasionally. When ComplianceMetrix posts changes to this Privacy Policy, we will also revise the “Last Updated” date on ComplianceMetrix’s Privacy Policy. If there are material changes to this Privacy Policy, ComplianceMetrix will notify you by email, or by means of a notice on our home page. ComplianceMetrix encourages you to review this Privacy Policy periodically to be informed of how ComplianceMetrix is protecting your information and to be aware of any changes to the Privacy Policy. Your continued use of the site after the posting of any amended Privacy Policy shall constitute your agreement to be bound by any such changes. This Privacy Policy is incorporated into any Terms and Conditions governing the various websites and any programs or services operated or managed on or behalf of ComplianceMetrix. Any changes to this Privacy Policy are effective immediately after being posted by ComplianceMetrix.