This policy explains what data Reveal Compliance collects, why we collect it, and how we protect it. We are an independent buyer-side advisory firm — your information stays with us and is never sold or shared with software vendors.
Effective date: January 1, 2026. Last updated: January 1, 2026.
Reveal Compliance is an independent software license compliance and negotiation advisory firm with offices in New York, London, and Stockholm. We represent enterprise software buyers and have no commercial relationship with software vendors. References to "we," "us," or "Reveal Compliance" in this policy refer to the legal entities operating under the Reveal Compliance brand.
We collect information you provide directly to us when you complete a contact form, request a white paper, subscribe to The Compliance Brief, or engage us as a client. This typically includes:
We do not knowingly collect information from individuals under 18. White paper downloads require a verified company email — we automatically block submissions from common personal email domains.
We use the information you provide to respond to your enquiry, fulfil white paper requests, deliver advisory services we are engaged to perform, send the weekly Compliance Brief newsletter (only if you have subscribed), and improve our website and research. We do not use your information for behavioural advertising, and we do not build profiles for resale.
Where the GDPR or UK GDPR applies, we rely on the following lawful bases: consent (newsletter subscription), legitimate interest (responding to business enquiries and conducting our independent research), and contract performance (delivering engagements we are retained to perform).
We share information only with: form-processing infrastructure (Formspree, used to deliver contact and newsletter submissions to our team inbox), our hosting and analytics providers (operating under data-processing agreements), and our professional advisors when strictly necessary. We never share, sell, license, or otherwise disclose your information to software vendors — including any vendors we advise you about — or to vendor resellers, channel partners, or affiliates.
Because we operate across the United States, the United Kingdom, and the European Union, your information may be transferred between these jurisdictions. Where we transfer personal data out of the UK or EEA, we rely on the European Commission's standard contractual clauses or an equivalent safeguard.
We retain enquiry and engagement data for as long as necessary to provide the services requested and comply with legal, accounting, and audit-defence record-keeping obligations. Newsletter subscribers can unsubscribe at any time via the link in every email; we delete subscriber records on request.
Depending on your jurisdiction, you may have rights to access, correct, delete, restrict, or port the personal data we hold about you, and to object to certain processing. To exercise these rights, email Contact form. We respond within 30 days.
We use a small number of strictly necessary cookies and privacy-preserving analytics to understand how visitors use our website. We do not use third-party advertising cookies or cross-site tracking. You can disable cookies in your browser without losing site functionality.
We apply industry-standard organisational and technical safeguards to protect personal data, including TLS encryption in transit, access controls on our internal systems, and routine review of vendor sub-processors. No method of transmission over the internet is 100% secure, but our exposure surface is intentionally small — we do not run public-facing portals containing client data.
We may update this policy periodically to reflect changes in our practices or legal obligations. We will post the updated policy at this URL with a revised "Last updated" date. Material changes will be noted prominently for 30 days.
For questions about this policy or our privacy practices, contact: Contact form or write to Reveal Compliance, New York · London · Stockholm. UK and EU enquiries are handled out of our London office.
Weekly compliance intelligence for IT leaders.