Privacy Policy

Last updated: 6 May 2026 · Version 2.0

1. Who we are

Kompense (“Kompense”, “we”, “us”, “our”) is a competitive intelligence platform operated by Techno Believe Solutions Ltd, a company registered in England and Wales (company number 10866509) with its registered office at 128 City Road, London, United Kingdom, EC1V 2NX.

We are the data controller for personal data we process about our customers and website visitors. This Privacy Policy is governed by the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. If you are based in the EEA, the EU GDPR also applies.

Privacy questions: privacy@kompense.com

2. What data we collect

Account data: name, email address, password (stored as a one-way hash), company name, role, and your chosen plan tier.

Usage data: pages viewed, features used, AI queries you submit, timestamps, IP address, browser type, and device identifiers.

Billing data: billing address, VAT ID (if provided), and payment method tokens. Card numbers are never stored on our servers — they are tokenised by our payment processor (Stripe).

Content you create: the competitors you choose to track, watch lists, custom prompts, alert preferences, and any team members you invite.

Communications: any messages you send to us via support, sales, or the contact form.

Public data we collect about competitors you choose to track: when you add a competitor to your workspace, Kompense (as data controller, on our own initiative) ingests publicly available information about that business — its website, pricing pages, public ad creatives via the official Meta Ad Library API, public job postings via supported ATS APIs (Greenhouse, Lever, Ashby, Workable, Personio, Recruitee), public RSS / news feeds, and public posts on Reddit and Hacker News. We do not scrape platforms whose terms of service forbid it (e.g. LinkedIn, G2, Trustpilot, Capterra). Lawful basis: legitimate interests (UK GDPR Art. 6(1)(f)) — providing competitive intelligence is the service you signed up for, and competitor businesses have a reduced expectation of privacy for information they themselves publish to the world. See our sub-processors page for the exact list of vendors involved in this collection.

Customer-relationship data you upload (e.g. win/loss notes, prospect identifiers): if you supply such data, you are the data controller for it and Kompense acts as your processor under UK GDPR Article 28. A standard Data Processing Agreement is available on request.

3. Why we use it (lawful bases)

PurposeLawful basis (UK GDPR Art. 6)
Provide the service you signed up forContract (Art. 6(1)(b))
Process your payment via StripeContract (Art. 6(1)(b))
Send service alerts & security noticesContract / legitimate interests (Art. 6(1)(f))
Improve product & analyticsLegitimate interests (Art. 6(1)(f))
Marketing emailsConsent (Art. 6(1)(a)) — opt-in only, opt-out anytime
Comply with legal & tax obligationsLegal obligation (Art. 6(1)(c))
Detect & prevent fraud or abuseLegitimate interests (Art. 6(1)(f))

4. Who we share data with

We do not sell your personal data. We share it only with vetted sub-processors who help us run the service. A complete list (with their roles, locations, and Data Processing Agreements) is at kompense.com/sub-processors.

We may also disclose data when required by law (court order, regulator request) or to protect rights, safety, or property.

In a corporate transaction (sale, merger), data may transfer to a successor entity. We'll notify affected customers in advance and the new entity will be bound by this Privacy Policy.

5. International data transfers

Some of our sub-processors are based outside the UK (notably in the United States and the European Economic Area). When we transfer personal data internationally, we rely on UK GDPR-compliant safeguards:

  • The UK's adequacy decision for the EEA (no extra safeguard needed)
  • The UK International Data Transfer Agreement (IDTA) for transfers to the US and other non-adequate countries
  • The UK Addendum to the EU Standard Contractual Clauses where applicable
  • The EU-US Data Privacy Framework where the recipient is certified

You can request a copy of the relevant safeguard by emailing privacy@kompense.com.

6. How long we keep data

Data categoryRetention period
Account data (active customer)Until account deletion + 30 days
Account data (after deletion)Anonymised; backups purged within 90 days
Billing & invoice records7 years (HMRC tax requirement)
Usage logs & analytics12 months
Support emails3 years
Marketing opt-in recordsUntil you opt out + 2 years (proof of consent)

You can request earlier deletion at any time using the rights described in section 8.

7. Cookies & tracking

We use cookies in two categories:

  • Strictly necessary: session cookies that keep you logged in and remember theme preference. These cannot be disabled — without them the service does not work. Lawful basis: contract.
  • Analytics (optional): first-party cookies that count anonymous page views to help us improve the product. Disabled by default; only enabled if you click “Accept” on the cookie banner. Lawful basis: consent.

We do not use third-party advertising or behavioural tracking cookies. You can withdraw cookie consent any time by clearing your browser's site data for kompense.com.

8. Your rights

Under UK GDPR you have the right to:

  • Access your personal data and receive a copy
  • Rectify inaccurate or incomplete data
  • Erase your data (“right to be forgotten”) where possible
  • Restrict processing in certain circumstances
  • Port your data to another service in machine-readable format
  • Object to processing based on legitimate interests
  • Withdraw consent for any processing based on consent
  • Not be subject to fully automated decisions with significant effects (see section 9)

To exercise any right, email privacy@kompense.com or use the in-app data deletion tool at /data-deletion. We respond within 30 days.

If you're unhappy with our response, you have the right to complain to the UK Information Commissioner's Office (ICO): ico.org.uk/make-a-complaint.

9. AI & automated processing

Kompense uses large language models (currently Google Gemini) to summarise public competitor data, generate insights, and answer questions you ask in the AI chat. These outputs are suggestions— they are not legal, financial, or strategic advice and should not be the sole basis for material business decisions.

We do not use your inputs to train third-party AI models. Your prompts are sent to the model provider for inference only and are subject to their data-protection terms (see sub-processors list). We do not make legally significant or contractual decisions about you based solely on automated processing (UK GDPR Article 22).

10. Security

We protect your data with industry-standard measures including: encryption in transit (TLS 1.2+) and at rest, scoped database access via row-level security, secrets stored in encrypted environment variables (never in source code), regular dependency patching, and least-privilege access for staff.

No system is perfectly secure. If we discover a personal-data breach affecting you, we'll notify you and the ICO within 72 hours where required by law.

11. Children

Kompense is for business use only. We do not knowingly collect data from anyone under 16. If you believe we have, contact privacy@kompense.com and we will delete it.

12. Data Protection Officer

Techno Believe Solutions Ltd is below the threshold requiring a formal DPO under UK GDPR Article 37. All privacy queries are handled by our Privacy Contact at privacy@kompense.com.

13. Changes to this policy

We'll update this page when our practices change. The “Last updated” date at the top reflects the most recent version. For material changes affecting how we use your data, we'll notify you by email or in-app banner at least 30 days before they take effect.

14. Contact us

Techno Believe Solutions Ltd (trading as Kompense)
128 City Road, London, EC1V 2NX, United Kingdom
Company Number: 10866509

Privacy: privacy@kompense.com
General: hello@kompense.com