Compliance & Privacy
Last updated: January 2026
CORPYO operates across multiple jurisdictions and is committed to meeting applicable legal and regulatory requirements for data protection, financial services, and consumer privacy.
GDPR — European Union
CORPYO acts as a data controller and, where applicable, data processor under the General Data Protection Regulation (EU) 2016/679. EU residents may exercise rights of access, rectification, erasure, portability, restriction, and objection by contacting privacy@corpyo.com. We rely on Standard Contractual Clauses for international data transfers.
CCPA — California
Under the California Consumer Privacy Act and its CPRA amendments, California residents have the right to know, delete, correct, and opt out of the sale or sharing of personal information. We do not sell personal data. To submit a verifiable consumer request, email privacy@corpyo.com or use our in-app privacy centre.
PDPL — Saudi Arabia
CORPYO complies with the Saudi Personal Data Protection Law (PDPL) and its implementing regulations issued by the National Data Management Office. Personal data of Saudi residents is processed with a lawful basis and retained only as long as necessary.
LGPD — Brazil
We process personal data of Brazilian residents in accordance with the Lei Geral de Proteção de Dados (LGPD). Brazilian data subjects may exercise their rights under Article 18 of the LGPD by contacting our DPO at privacy@corpyo.com.
PCI-DSS
Payment card data processed through CORPYO is handled by PCI-DSS Level 1 certified payment processors. CORPYO does not store, process, or transmit raw card numbers on its own servers.
Other frameworks
We also monitor and align with UAE Federal Decree-Law No. 45 of 2021 on personal data protection, Qatar's Law No. 13 of 2016, and Kuwait's data protection guidelines. Our compliance programme is reviewed at least annually.
Privacy & compliance contact: privacy@corpyo.com