Sign In

Privacy Policy

Your privacy is our priority

Last Updated: September 17, 2025

Table of Contents

Pace Comply (referred to as "Pace Comply," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains what information we collect through our website and SaaS platform, how we use and share that information, and the choices you have. We adhere to applicable privacy laws and regulations that require transparency in how we handle personal data. By using Pace Comply, you agree to the practices described in this Privacy Policy.

Information We Collect

We collect personal information and other data to provide and improve our services. This includes information you provide directly, data collected automatically through your use of our service, and information from third parties as described below. We strive to be transparent about all types of personal information we collect.

Information You Provide

When you register or use Pace Comply, you may provide personal details such as your name, work email address, phone number, job title, and organization or agency name. If you are an administrator, you might also provide information about your team or colleagues (e.g., their name and email) to invite them to the platform. We collect any content you voluntarily upload or submit to the service, such as your IT policy documents, compliance materials, or feedback. This can include sensitive organizational information (which we treat as confidential as described below).

Account and Billing Information

If you subscribe to a paid plan, we (or our payment processor) collect billing details. This may include your billing address and payment information. Payment card information is handled through a trusted third-party payment processor (e.g., Stripe) and is not stored on our systems for security. We keep records of your transactions, subscription plan, and account history.

Automatically Collected Data

Like many online services, Pace Comply automatically collects certain data about your device and usage of our service. This may include your IP address, browser type, device type, operating system, pages or features you access, the dates/times of access, and other technical information. We also log user activity such as login times, actions taken within the application (e.g., uploading a document, generating a report), and errors or crashes for troubleshooting. Some of this information is collected via cookies and similar tracking technologies (see the Cookies section below).

Cookies and Tracking Technologies

We use cookies and similar technologies to provide, personalize, and improve our service. Cookies are small text files placed on your device that help the website function and gather information about usage. For example, we use essential cookies to enable your log-in sessions and remember preferences, and analytics cookies to understand how users navigate our site. We may in the future use cookies or pixels for marketing or advertising purposes (for instance, to remember if you visited our site and show you Pace Comply content on other platforms). You can control or delete cookies through your browser settings; however, note that disabling certain cookies may affect the functionality of our service.

Information from Third Parties

At this time, we generally collect information directly from you or your use of the service. If we integrate with third-party identity providers or receive information from your organization's directory (for example, if your employer provides us a list of authorized users), we will treat that information in accordance with this Policy. If you use a single sign-on service or log in via a third-party account, that service may share basic profile information with us as authorized by you. Additionally, if an administrator invites you to Pace Comply, they will provide your name and email; we assume they have obtained any necessary permission to share your information with us.

Note: Pace Comply is designed for use by U.S.-based government agencies and their personnel. We do not target or knowingly offer our services to individuals outside the United States. If you are using Pace Comply on behalf of an organization, you are responsible for ensuring you have the authority to provide any personal data about other individuals (such as colleagues) to our service.

How We Use Your Information

We use the collected information for the following purposes:

To Provide and Improve the Service

We process your personal information and uploaded content to operate the Pace Comply platform and deliver its features. This includes using automated analysis (including AI-powered tools) on your policy documents to map them against compliance frameworks and generate reports. The content you upload is used strictly to provide you with results and recommendations, and to improve our algorithms and services in a manner that preserves confidentiality. We also use your data to maintain and improve the functionality, security, and user experience of Pace Comply.

Account Management

Your information is used to create and manage your user account, authenticate you upon login, and remember your settings. We use your contact details to provide account-related support and notices. For example, we may send onboarding materials, inform you about policy analysis results, or alert you to important changes in the platform.

Communication

We may use your email or other contact information to send you necessary service communications (such as important updates, security alerts, subscription confirmations, and support messages). We may also send optional communications like newsletters, product announcements, or event information related to Pace Comply. You can opt out of marketing or promotional emails at any time by using the unsubscribe link in those emails or contacting us. We will not send you promotional communications if you have opted out.

Analytics and Development

Information about how you and other users interact with our service (e.g., which features are used most, where users encounter errors) is analyzed to understand usage trends and to improve Pace Comply. This helps us identify what new features to develop, how to make the platform more user-friendly, and to fix issues. We may use third-party analytics services to assist with this, which are described in the next section.

Security and Compliance

We use information (especially technical data like IP addresses and activity logs) to monitor for suspicious or fraudulent activity, to maintain the security of our platform, and to enforce compliance with our Terms of Service. This includes using automated tools to detect unauthorized access or policy violations. We may also use personal data to meet any applicable legal and regulatory requirements related to security or data protection.

Legal and Regulatory Purposes

Where necessary, we will use or disclose information to comply with legal obligations, such as responding to lawful requests by public authorities or court orders, or to exercise or defend legal claims. We may also use your information to enforce our agreements or to investigate potential violations, fraud, or security issues.

Other Purposes (with Notice/Consent)

If we intend to use your information for any purpose that is not covered by the above, we will describe it at the time of collection or obtain your consent. We do not sell your personal information to third parties, and we will not use your data for purposes incompatible with this Privacy Policy without your permission.

Cookies and Similar Technologies

As noted above, Pace Comply uses cookies and similar tracking technologies on our website and platform. We believe in transparency about how and why cookies are used. Cookies serve several functions on Pace Comply:

Essential Cookies

These are necessary for the website and service to function properly. For example, when you sign in, we use a session cookie to keep you logged in as you navigate through different pages. Essential cookies may also help us remember your preferences (such as your chosen language or other settings) so that you have a smoother experience.

Analytics Cookies

We may use analytics tools (such as Google Analytics or similar services) that set cookies to collect information about how visitors use our website. This information includes details like which pages are visited, how long users stay, and how they found our site. The data collected via analytics cookies helps us understand user engagement and improve our content and layout. The information is aggregated and does not directly identify individual users, but it may be linked to a pseudonymous identifier associated with your device. We use this information internally for performance monitoring and research. As our service grows, we might test new features or interfaces, and analytics cookies could help gauge user reactions to these changes.

Functional Cookies

In the future, we might implement cookies to enable additional functionality, such as support chat features or remembering additional user preferences. If we do so, these cookies will enhance your experience but are not strictly required for basic operation.

Advertising/Marketing Cookies

Pace Comply does not currently use advertising cookies or third-party ads on our site. However, we reserve the option to use cookies in the future to assist with targeted outreach. For instance, we might use cookies or pixels provided by platforms like Google, LinkedIn, or other advertising networks to measure the effectiveness of our marketing or to reach people who have shown interest in Pace Comply. If we introduce such cookies, we will update this policy and, where required by law, provide notice or obtain consent.

Cookie Choices

Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies or alert you when a cookie is being placed. Please note that if you disable or delete cookies, some features of our service (especially login and authentication) may not function properly. For further details on cookies we use and your choices, you can refer to this Privacy Policy section (and any Cookies Policy or banner we may provide). We explain our use of cookies — including those from any third-party service providers — and the purposes they serve to maintain transparency with our users.

How We Share and Disclose Information

We understand the importance of your data and only share personal information with third parties in certain circumstances. We do not sell your personal data. When we do share information, we ensure appropriate safeguards are in place and limit the information to what is necessary. Here are the situations and categories of recipients with whom we may share data:

Service Providers

We use trusted third-party companies to support and enhance the Pace Comply service. These service providers act on our behalf and are contractually obligated to only use personal information as needed to perform their functions and to protect it. Categories of service providers include:

Service Type Purpose Data Shared
Cloud Hosting High availability and security for application and data All platform data (encrypted)
AI Analysis Process policy documents and generate compliance insights Document content for analysis
Payment Processing Handle subscription payments securely Name, email, billing address, transaction amount
Analytics Services Understand website and service usage IP address, browser type, usage patterns
Email Services Send notifications and communications Email address, communication content

We ensure that all third-party service providers who might handle personal information sign appropriate agreements (such as Data Processing Addendums) and commit to protecting your data. While these providers may have their own privacy policies, we inform our users about their involvement to maintain transparency.

Your Organization or Agency

If you are using Pace Comply as part of an organization (for example, your employer or a government agency that has subscribed to our service), the administrators of that organization will have access to information within the account. This can include your name, email, and usage (such as whether you have completed required policy acknowledgments). For instance, if you are an employee using Pace Comply to read and acknowledge policies, your completion status is visible to your organization. Similarly, any content you upload or create within a team or organization space may be accessible to other authorized users in that same organization according to the permissions set. Pace Comply is not responsible for how your organization uses the personal data that they collect or access through our service, and their use may be subject to their own policies.

Legal Compliance and Protection

We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to: (i) comply with a legal obligation, subpoena, or regulatory request; (ii) protect and defend the rights or property of Pace Comply or Pace Systems; (iii) prevent or investigate possible wrongdoing in connection with the Services; (iv) protect the personal safety of users of the Services or the public; or (v) protect against legal liability. In all cases, we will only disclose the minimum information necessary and will object to requests for access to information that we deem improper.

Business Transfers

If Pace Comply or Pace Systems is involved in a merger, acquisition, sale of assets, bankruptcy, or other business transaction, user information (including personal data) may be transferred to or acquired by a third party as part of that deal. We would ensure that any successor entity honors the commitments in this Privacy Policy or provides you notice and opportunity to opt-out of the transfer of your personal information. This Privacy Policy would also continue to apply to your data unless/until it is updated or replaced by an equivalent policy from the new entity.

With Your Consent

In situations not covered above, if we need to share your personal information with third parties, we will do so only with your consent. For example, if we ever want to use a customer's story or testimonial publicly, we would ask for permission. Or if you request that we integrate Pace Comply with a third-party service where sharing of data is required (like an API integration), we will do so only with your approval and on terms described at that time.

Data Retention

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. In practice, this means we keep your information while your account is active or as needed to provide you services. We may also retain certain data after you deactivate or delete your account, if needed for legitimate business interests such as record-keeping, resolving disputes, or complying with legal obligations.

When you or your organization choose to close your account, or upon your request, we will initiate the process of deleting or anonymizing your personal information. Our policy is to complete such deletions within approximately 90 days after account cancellation. This allows us to ensure that we can fulfill any final services, address billing issues, or handle requests for data export before removal. After 90 days, personal data associated with your account will be removed from our active databases.

Exceptions

Please note that we might retain certain limited information beyond account deletion in the following cases:

  • Backups and Archival: Your data may persist temporarily in routine backups that are maintained for disaster recovery and business continuity purposes. These backups are securely stored and are only accessed if necessary for those purposes. All backups are periodically overwritten or deleted, and we will not restore personal data back into our active systems except as needed for data recovery following an incident.
  • Legal or Regulatory Requirements: If we are required by law to keep certain data for a specified period (for example, financial transaction records for tax or auditing purposes), we will retain that information in accordance with the law. Similarly, if we receive a legal hold or preservation order related to data in your account, we will retain the data as necessary to comply with that obligation.
  • Security and Fraud Prevention: We may retain information needed to detect, prevent, or investigate security incidents or fraud. For instance, we might keep logs of access to systems for a longer period to analyze any potential malicious activity.
  • Aggregated or Anonymized Data: In some cases, we may transform your data into an aggregated or anonymized format (so it can no longer be linked to you) and retain that for analytical or statistical purposes. For example, we might keep aggregate metrics about how many policies on average are in compliance across all customers. This data will not identify you or your organization personally.

Even though we aim to honor deletion requests and remove data promptly, please understand that complete removal of all references to data (especially in backups or historical logs) may not be immediately possible in all systems. However, after you delete your account, your personal data will no longer be accessible or used in the live Pace Comply environment. We maintain data retention practices designed to ensure we only keep personal data for as long as we have a valid reason to hold it, and we outline users' rights to deletion and our need to retain certain information for legitimate purposes.

Data Security

We take data security seriously and implement industry-standard security measures to protect your information. This includes technical, administrative, and physical safeguards:

Encryption

All data transmitted between your device and our servers is protected using encryption (HTTPS/TLS). For particularly sensitive data, we also employ encryption at rest on our servers. This means that your uploaded documents and personal details are stored in encrypted form in our databases or storage systems.

Access Controls

We apply strict access controls to personal data. Only authorized personnel with a legitimate need (such as support or engineering staff for troubleshooting) can access customer data, and even then, such access is limited and logged. Within the Pace Comply platform, we also provide role-based access controls so that you can manage who in your organization can view or edit certain information.

Secure Infrastructure

Pace Comply is hosted in secure, U.S.-based data centers that meet high security standards. For our government agency customers, our infrastructure is designed to comply with relevant security requirements (for example, FBI CJIS Security Policy requirements and other frameworks). We conduct regular security audits, vulnerability assessments, and penetration testing to identify and address potential weaknesses. Our network and application are monitored for security events, and we utilize firewalls and intrusion detection systems to guard against unauthorized access.

Isolation and Backups

Each customer's data is logically separated to prevent any data leakage between organizations (multi-tenant data isolation). We also maintain regular backups of critical data to prevent data loss in case of unexpected events. These backups are stored securely and are encrypted.

While we strive to protect your information with robust measures, no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your information. You should also take steps to keep your account secure, such as choosing a strong password and keeping your login credentials confidential. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that your account has been compromised), please contact us immediately.

Your Rights and Choices

Depending on your jurisdiction and the nature of your relationship with Pace Comply, you may have certain rights regarding your personal information. We are committed to honoring applicable data protection rights, which may include:

Access and Correction

You have the right to access personal information we hold about you and to request correction of any inaccuracies. Most of your basic account information can be viewed and updated directly by logging into your account (for example, you can edit your profile details). If you need assistance or wish to request a copy of the broader set of personal data we have about you, you can contact us using the information in the Contact Us section. We will provide this information as required by law.

Account Deletion

You can request to deactivate or delete your Pace Comply account at any time. This can typically be done through your account settings or by contacting your organization's administrator (if your account is managed by an employer/agency). Once deletion is confirmed, we will remove your personal data as described in the Data Retention section above. Please note that if you are using Pace Comply through an organization, deleting your account may require coordination with that organization.

Opt-Out of Marketing

If we send you promotional emails or newsletters, you can opt out at any time by clicking the unsubscribe link included in those emails. You can also contact us to be removed from our marketing distribution. Please note that even if you opt out of marketing messages, we may still send you important transactional or service-related communications (such as billing notices or security alerts).

Cookie Preferences

As discussed in the Cookies section, you can control cookies through your browser settings. You may also be able to use browser extensions or settings to send "Do Not Track" signals. Our site currently does not respond to Do Not Track signals, but we only use cookies as described in this policy. If in the future we implement a cookie consent mechanism (for instance, if required by law for certain users), you will be able to manage your preferences through that as well.

California Privacy Rights

While Pace Comply is a B2B service intended for organizations, if you are a California resident, you may have rights under the California Consumer Privacy Act (CCPA) or other state laws. These rights may include the right to know what categories of personal information we have collected about you, the right to request deletion of your personal information, the right to opt out of any "sale" of personal information (note: Pace Comply does not sell personal data), and the right not to receive discriminatory treatment for exercising your privacy rights. If you are a California resident and wish to exercise any applicable rights, please contact us. We will verify your identity and process valid requests as required by law.

GDPR and International Data

Pace Comply is not primarily offered to individuals in the European Economic Area (EEA), United Kingdom, or other regions with GDPR-style laws. However, if you believe the General Data Protection Regulation (GDPR) or similar laws apply to your personal data with us, you may have additional rights such as the right to restrict processing, the right to data portability, or the right to object to processing. We will honor such rights to the extent they apply. For example, if you are an EU resident using Pace Comply and wish to exercise GDPR rights, you can reach out to us with your request. Additionally, we want to inform any non-U.S. users that your data will be transferred to and stored in the United States. By using our service or providing us with information, you consent to this transfer, processing, and storage of your information in the U.S., which may have data protection laws different from those in your country.

If you wish to exercise any rights that apply to you, or have questions about your rights, you can contact us (see Contact Us below). We will respond to your request within a reasonable timeframe and in accordance with applicable law. In some cases, we may ask you for additional information to verify your identity before fulfilling the request. If we cannot fulfill your request (for example, due to legal requirements or if we cannot verify your identity), we will provide an explanation.

Children's Privacy

Pace Comply is not intended for use by children under 13 years of age, and we do not knowingly collect personal information from children. Our service is designed for professional use by adults in organizational settings. In the unlikely event that we discover we have collected personal information from someone under 13 without parental consent (for instance, if a minor attempted to register misrepresenting their age), we will delete that information promptly. If you are a parent or guardian and believe that a child under 13 may have provided personal information to us, please contact us so we can take appropriate action.

Users under the age of 18 (or the age of majority in your jurisdiction) should only use Pace Comply with the involvement and consent of a parent or legal guardian. By using our service, you represent that you are at least 18 years old or that you are using the service under supervision of a guardian or organization responsible for you.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or for other operational reasons. If we make material changes to this policy, we will notify you by means appropriate to the significance of the changes. For example, we might post a notice on our website or within the application, or send an email notification to the account owner. We will also update the "Last Updated" date at the top of this Privacy Policy when changes occur.

Your continued use of Pace Comply after any updated Privacy Policy has become effective indicates your agreement to the revised terms. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting the information we collect. According to standard regulations, we are allowed to make changes to our Privacy Policy at any time, but we are required to inform users of those changes. If you do not agree with any changes to this Privacy Policy, you should stop using the service and, if applicable, delete your account or reach out to us for further assistance.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We value your feedback and will address your inquiry as promptly as possible.

Contact Information for Privacy Inquiries

Email: [email protected]

Mailing Address: 2040 Corporate Lane, Naperville, IL 60563

Telephone: 630-395-2260

We are here to help and to ensure that your experience with Pace Comply is safe and secure. Feel free to reach out to us at any time regarding any privacy-related questions or issues.