Privacy Policy

At Core Compliance & Legal Services, Inc.SM (“Core Compliance”, “we”, “us,” “our”) are committed to protecting your privacy. Our privacy policy discloses the privacy practices for Within the policy we explain our use of data collection, processes and usage practices. It will also detail your right to choose regarding use, access and storage of your personal information. If you do not agree with our data practices, you should not use this website, or our content subscription services.

We periodically update the terms within our Privacy Policy and regularly notify our users and subscribers of significant changes. While we may notify you and other users of changes, we strongly encourage all to review this policy periodically.

This privacy policy applies solely to information collected by this website. It will notify you of the following:

  1. What personally identifiable information is collected from you through the website, how it is used and with whom it may be shared.
  2. What choices are available to you regarding the use of your data.
  3. The security procedures in place to protect the misuse of your information.
  4. How you can correct any inaccuracies in the information.

Core Compliance complies with and is committed to the EU-U.S. Data Privacy Framework (EU-U.S. DPF), UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), and to the rights of EU and UK individuals and Swiss individuals.

If you have any questions about the CORE COMPLIANCE Privacy Policy or the information you have provided us, please write us via the following methods:

  • By email: at
  • By post/mail: Core Compliance & Legal Services, Inc., 1350 Columbia Street, Suite 300, San Diego, CA 92101 USA, Attn: Privacy


Information Collection, Use, and Storage

Upon Visiting

All visitors of our website are free to explore the Website without providing any Personal Information. When you visit the Website or register for any of our Subscription Services or Events, we request that you provide Personal Information about yourself, and we collect Navigational Information.

What is “Personal Information”

The term refers to any information that you voluntarily submit within our website that may identify you personally, which may include (but not limited to) contact information, such as your name, email address, company, job title, phone number, and any other information about you or your business. Personal Information can also include transaction history that was entered into the Website, as well as information that may be available on the internet (Facebook, LinkedIn, Twitter, Google, etc.) as well as information that may be acquired through numerous service providers.

Navigational Information is also included under the umbrella of Personal Information, due to its ability to directly or indirectly identify the user. Navigational Information references the information about your computer and your visits to this Website. For example, IP address, browser type, referral source, page visited and length of visit.

Log Files and Visit Information

When using our services or viewing content provided by CORE COMPLIANCE, we will automatically collect information about your computer and software. This includes, but not limited to, browser, domain names, IP address, Internet Service Provider (ISP), the files viewed, operating system, clickstream, etc. This information is applied to the Subscription Service provided by CORE COMPLIANCE, to not only maintain quality, but to also provide general usage statistics. For these purposes only, we link the automatically collected data to Personal Information records.

Information Usage

We use all collected information in compliance to this Privacy Policy. Customers who subscribe to our Subscription Services are obligated through our agreements with then to comply with this Privacy Policy.

We Will Never Sell Your Personal Information

We will not sell or rent this information to have access to/collect information that you voluntarily give us via email or other direct contact from you. We will not sell or rent this information to anyone.

Use of Personal Information

Aside from uses disclosed in this Privacy Policy, we may use your Personal Information to:

  • to respond to you regarding the reason you contacted us;
  • improve your browsing experience by improving the Website and Subscription Services;
  • send information or CORE COMPLIANCE content to you that we this may be of interest to you by email or other means, as well as marketing communications that relate to CORE COMPLIANCE Services;
  • promote the use of our services to you and share content with you in, referencing your communication preferences;
  • communicate updates or information regarding changes to Customer Terms of Service, Privacy Policy (including our Cookie Policy), or other legal agreements; and
  • to meet legal requirements.

We may, on occasion, contact you on behalf of our external business partners about offerings that may be of interest. In those instances, we do not transfer your Personal Information to the third-party.

Information gathered through our Subscription Service by our customers are for the following purposes:

  • to provide the Subscription Service (which may include the detection, prevention and resolution of security and technical issues);
  • to respond to customer support requests; and
  • otherwise, to fulfill the obligations under our Terms of Service.

Legal basis processing of Personal Information (EEA only)

If you are a visitor located in the European Economic Area (“EEA”), our legal basis for collecting Personal Information described within this Privacy Policy, will depend on the Personal Information concerned and the specific context and method it was collected. We will normally collect personal information for you only when consent is given, where obvious need to perform a contract with you is necessary, or where the means of processing is in our legitimate interests and does not override your data protection interests or fundamental rights and freedoms. In rare instances, we may also have a legal obligation to collect personal data from you.

If we do request you provide Personal Information to comply with legal requirements or to preform contract, we will make this clear at the appropriate time and advise you is your Personal Information is mandatory (as well as consequences is you fail to comply). Alike the situation, if we collect and use your Person Information outside of legal requirement or contract performance (such as legitimate third-party interest), we will clearly disclose the legitimate interest for the communication.

Use of Navigational Information

Our use of Navigational Information is mainly used to operate and improve the Website’s functionality and Subscription Service. On occasion we may collect your Navigational Information in combination with Personal Information to best provide you with personalized information, contracts/agreements, or service.

Security of your Personal Information

We have implemented numerous security technologies, measures and procedures to protect your Personal Information from unauthorized access, use or disclosure. We secure the Personal Information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. All Personal Information is protected using appropriate physical, technical and organizational measures.

Social Media Features

Our website includes Social Media Features, such as the Facebook Like button and other Widgets, such as the Share This button and multi-platform social engagement features. These tools may collect your IP address, page visits, and may set a cookie to enable the feature to function properly. Social Media Features and Widgets are either hosted by a third party or hosted directly on our website. This Privacy Policy does not apply to these features.  Your interactions with these features are governed by the privacy policy and other policies of the companies providing them.

External Websites

On our website, we often provide links to outside websites. We do not control and are not liable for the content and practices of other websites/companies. Our linking to various websites does not constitute endorsement of their content, their owners, beliefs, or business practices. This Privacy Policy does not apply to other websites, which are only subject to any Privacy Policy they may have and enforce.

Public Forums

We offer our visitors an accessible forum for commenting through message boards and/or blog comments. We urge users to keep in mind that sharing or directly disclosing any Personal Information on public messaging boards may be collected and used by others. CORE COMPLIANCE will attempt to correct and or delete any information posted to the Website as requested. This also applies within the “Opting Out/Unsubscribing” portion below.

Retention of Personal Information

We reserve the right to retain the information we collect, depending on the type of information recorded. At a certain point (upon CORE COMPLIANCE discretion), we will attempt a regular review of data, where we will either delete or anonymize your information. If this is not possible, then we will securely store your information and isolate it from any further use until deletion is possible.

We retain Personal Information that you provide to us where we have an ongoing legitimate business need to do so (for example, if it is required to contact you about the Subscription Service or our other services, or as needed to comply with our legal obligations, resolve disputes and enforce our agreements).

We will delete this information from the servers at an earlier date if you so request.

By participating in the EU-U.S. Data Privacy Framework (EU-U.S. DPF), UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF), Core Compliance is committed to these frameworks and to the rights of EU, UK, and Swiss individuals.


Sharing Information that We Collect

Who we Share the Information With

In the rare occasion that Core Compliance does share the information gathered it would only be with a limited third-party and you would be notified via email and/or a prominent notice on our Website upon a completion of any form. In this event, the third parties that receive this information would be as follows:

  • A co-sponsor of any online or in-person Core Compliance event you may attend, wish to attend, and/or register; and/or
  • A panelist or speaker for an online or in-person Core Compliance event you may attend, wish to attend, and/or register.

Corporate Events

If Core Compliance (or our assets) is acquired by another company, whether by merger, acquisition, bankruptcy or otherwise, that company would receive all information gathered by Core Compliance on the Websites and the Subscription Service. In this event, you will be notified via email and/or a prominent notice on our website, of any change in ownership, uses of your Personal Information, and choices you may have regarding your Personal Information.

Compelled Disclosure

We reserve the right to use or disclose your Personal Information if required by law or if we reasonably believe that use or disclosure is necessary to protect our rights; protect your safety or the safety of others; investigate fraud; the possibility -under certain conditions, for the individual to invoke binding arbitration; or comply with a law, court order, or legal process.


Subscription Services

Core Compliance uses the Subscription Service to build webpages, content deliverables, and best analyze the Website, usage, and services. We control and are responsible for correcting, deleting, or updating information we have collected from you using the Subscription Service. If requested to remove data, we will respond within a reasonable timeframe. We may work with our service partners to help provide notice to visitors about data collection, processing, and usage. We are prohibited from using our Subscription Service to collect, manage, or process Sensitive Information.

If you request to no longer be contacted within our Subscription Service, please contact Core Compliance directly.


EU-US Data Privacy Framework, UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework Notice

Core Compliance complies with the EU-U.S. Data Privacy Framework, (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries, the United Kingdom (including Gibraltar), and Switzerland transferred to the United States pursuant to Data Privacy Framework. Core Compliance has certified that it adheres to the Data Privacy Framework Principles with respect to such data. If there is any conflict between the policies in this privacy policy and data subject rights under the DPF Principles, the DPF Principles shall govern. To learn more about the Data Privacy Framework program, and to view our certification page, please visit

With respect to personal data received or transferred pursuant to the Data Privacy Framework Program, Core Compliance is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the DPF Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the DPF Principles, should direct their query to If requested to remove data, we will respond within a reasonable timeframe.

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to

This policy states how Core Compliance collects, uses, shares, and secures the personal information it obtains and subsequently transfers to our third-party suppliers under the Data Privacy Framework Principles including personal data from the EU, UK, and Switzerland as well as the onward transfer liability provisions.

In certain situations, Core Compliance may be required to disclose personal data in response to lawful requests by public authorities, including meeting national security or law enforcement requirements.

Core Compliance’s accountability for personal data that it receives in the United States under the Data Privacy Framework and subsequently transfers to a third party is described in the DPF Principles. In particular, Core Compliance remains responsible and liable under the DPF Principles if third-party agents that it engages to process personal data on its behalf do so in a manner inconsistent with the principles, unless Core Compliance proves that it is not responsible for the event giving rise to the damage.

In compliance with the Data Privacy Principles, Core Compliance commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the DPF. European Union, UK, and Swiss individuals with DPF inquiries or complaints should first contact Core Compliance by email at or via post at:

Core Compliance & Legal Services, Inc.,
1350 Columbia Street, Suite 300,
San Diego, CA 92101 USA,
Attn: Privacy Complaint

Core Compliance has further committed to refer unresolved privacy complaints under the Data Privacy Framework Principles to an independent dispute resolution mechanism, Data Privacy Framework Services, operated in the United States by BBB National Programs. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed, please visit for more information and to file a complaint. This service is provided free of charge to you.

If your Data Privacy Framework complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See

Also, Core Compliance is committed to cooperate with EU data protection authorities (DPAs) and comply with the advice given by such authorities regarding human resources data transferred from the EU in the context of the employment relationship.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF, Core Compliance commits to cooperate and comply respectively with the advice of the panel established by the EU data protection authorities (DPAs) and the UK Information Commissioner’s Office (ICO) and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of human resources data received in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF and the Swiss-U.S. DPF in the context of the employment relationship.


Cookies & Other Technology

If you have elected to receive marketing communications from us, we retain data regarding your marketing preferences for a reasonable period from the date you last expressed interest in our content, or services, such as when you last opened an email from us or opted out of our communications.  We retain information derived from cookies and other tracking technologies for a reasonable period from the date such information was created.

The Core Compliance website utilizes cookies and related technologies. Cookies are small data files that are served by our platform and stored on your computer’s hard drive through your web browser. Our site uses cookies dropped by us or third parties for a variety of purposes including to operate and personalize the website. Also, cookies may be used to track how you use the site to target ads to you on other websites. The types of data collected may include IP addresses, cookies identifiers, or website activity. You can opt out of receiving targeted ads served by us or on our behalf by clicking on the blue icon in the corner of the ads we serve.

Core Compliance also use cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. You, the user, can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service. To manage Flash cookies, please click here:

We partner with third parties to manage our advertising on other websites. Our third-party partners may use cookies or similar technologies to provide you advertising based upon your browsing activities and interests. If you wish to opt out of interest-based advertising, most web browsers allow you to control cookies through their settings.

Your Access to and Control Over Information

You may opt out of any future contacts from us at any time. You can do the following at any time by contacting us via the email address or phone number given on our website:

  • See what data we have about you, if any.
  • Change/correct any data we have about you.
  • Have us delete any data we have about you.
  • Express any concern you have about our use of your data.


We take precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.

While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.

If you feel that we are not abiding by this privacy policy, you should contact us immediately via telephone at (619) 278-0020 or email us at This e-mail address is being protected from spambots. You need JavaScript enabled to view it. Thank you.


Effective Date: November 2019

Recertified: October 2023