Privacy Policy – Beaty Compliance & Operations, LLC

PRIVACY POLICY

Beaty Compliance & Operations, LLC · beatyco.com

Last updated: [April 2026]

Who we are

Beaty Compliance & Operations, LLC (“BCO,” “we,” “our”) is a remote compliance and operational consulting firm founded by Malcolm Beaty and operating from Portugal, European Union. Our website address is beatyco.com.

What personal data we collect and why

When you submit the contact form on our website, we collect your first and last name, company or business name, and email address, along with any message you choose to include. We collect this information solely to respond to your enquiry and determine whether BCO may be a suitable partner for your needs. We do not use it for any other purpose.

Legal basis for processing (GDPR)

For visitors from the European Economic Area (EEA), our legal basis for processing your contact form data is your consent, given when you voluntarily submit the form. You may withdraw consent at any time by contacting us at [email protected]. For clients under a signed service agreement, processing is additionally based on contractual necessity.

How long we retain your data

Contact form submissions are retained for up to 12 months for the purpose of responding to your inquiry. If an engagement results from your inquiry, data related to that engagement is retained for as long as required by applicable law or the terms of our service agreement, and no longer than seven (7) years following the end of the engagement.

Who we share your data with

We do not sell, rent, or share your personal data with third parties for marketing purposes. Data submitted via our contact form is processed by our website host and email provider. Where we engage subcontractors in the delivery of client services, we ensure those subcontractors are bound by appropriate confidentiality and data protection obligations consistent with our GDPR and HIPAA commitments.

Cookies

Our website may use functional cookies necessary for the operation of the contact form (WPForms). We do not currently use analytics, advertising, or tracking cookies. If this changes, this policy will be updated accordingly.

Your rights

Depending on your location, you may have the right to access the personal data we hold about you, request correction or deletion of that data, object to or restrict our processing of your data, and lodge a complaint with a supervisory authority. To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

Data transfers

BCO operates from Portugal (EU). If you are located outside the EEA — including in the United States — your personal data may be transferred to and processed in the EU. Such transfers are lawful under GDPR. For client engagements involving the transfer of personal data from the EEA to the US, BCO relies on Standard Contractual Clauses as the transfer mechanism where applicable.

Protected health information (PHI)

BCO handles Protected Health Information (PHI) only under a signed Service Agreement and, where required, a Business Associate Agreement (BAA), in accordance with HIPAA. PHI is never collected or processed through this website.

Contact

For any questions about this Privacy Policy or our data practices, contact: Beaty Compliance & Operations, LLC [email protected] beatyco.com