STATUTA
Last updated: 17 March 2026
Statuta is operated by Statuta Ltd, registered in England and Wales. Contact: hello@statuta.uk
Account data — name, email, password via Supabase Auth.
Business profile data — company name, sector, employee count, jurisdiction, risk flags, readiness assessment answers.
Usage data — audit trail entries, actions taken, IP address.
Payment data — processed by Stripe. We do not store card details.
To provide the compliance platform and obligation mapping.
To generate AI-powered compliance documents.
To send compliance alerts and notifications.
To maintain your audit trail.
To improve the platform via anonymised usage data and Sentry error monitoring.
To process payments via Stripe.
Contract performance, legitimate interests, legal obligation, consent.
Supabase — database and authentication (EU region).
Vercel — hosting (EU/UK).
Anthropic — AI document generation via Claude API.
Resend — email delivery.
Stripe — payments.
Sentry — error monitoring.
Data retained while account is active. Deleted within 30 days of account closure. Audit trail records may be retained up to 7 years for legal compliance. Payment records retained per financial regulations.
Access, rectification, erasure, portability, objection, restriction. Contact hello@statuta.uk. Response within 30 days. Complaints to ICO at ico.org.uk.
TLS/HTTPS encryption, encrypted Supabase storage, row-level security, access controls.
We will notify you of material changes by email or platform notice.
hello@statuta.uk
Statuta Ltd (Company No. 17118897). Registered in England and Wales.