Back

Privacy Policy

Last updated: 2026-05-31

Introduction

Senveco ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your personal data when you use our audit confirmation platform.

Data We Collect

We collect the following types of personal data:

  • Engagement data
  • Operational data

Purpose of Processing

We process your data for the following purposes:

  • To provide and maintain the audit confirmation service
  • To authenticate users and ensure security
  • To support audit confirmation workflows, including support for ISA 505 external confirmation procedures for obtaining relevant and reliable audit evidence
  • To communicate important service updates

Legal Basis for Processing

We process personal data based on the purpose involved, including performance of a contract to provide the service, legal obligations connected with audit work, and legitimate interests for security, logging, abuse prevention, and service integrity. The login checkbox is an acknowledgement of the Privacy Policy and Terms of Service. It is not treated as consent for all processing.

Data Retention

Operational data is retained only as needed for access control, security, and operation of the service, and may be removed where applicable. You may request erasure of your personal data, but this right is not automatic or absolute. You can review GDPR Article 17 for the right to erasure and its limits; in particular, Article 17(3)(b) and Article 17(3)(e) allow continued processing where needed for legal obligations or legal claims. Engagement data may therefore be retained as audit engagement evidence where needed for legal obligations, professional standards, dispute handling, legal claims, and service integrity. Backup copies, where they exist, may persist until the relevant backup cycle expires.

Cookies and Browser Storage

We use strictly necessary cookies and browser storage to keep you signed in, protect the session, and remember your language preference. We do not claim to use analytics or tracking cookies in this policy.

Your Rights (GDPR)

Depending on the circumstances, GDPR may give you rights to request access, rectification, erasure, restriction of processing, data portability, and objection to processing. These rights are not automatic or unlimited. Requests are assessed under GDPR and applicable legal, professional, audit-evidence, and legal-claim retention requirements. In particular, erasure is subject to GDPR Article 17 and may be refused or fulfilled only in part where continued retention is required or permitted by law.

Language

This legal content is maintained in English. If another interface language is selected, the English legal content is shown.

Data Security

We implement appropriate technical and organizational measures to protect your data, including encryption in transit (TLS), access controls, audit logging, and regular security review of the platform.

Contact Us

For privacy-related inquiries or to exercise your rights, please contact us at: