top of page

CERTIFY – ISO certification body for companies in the EU

Privacy Policy

Privacy Policy - Certify

CERTIFY respects the confidentiality of your personal data and is committed to protecting the information you provide to us. This Privacy Policy explains how we collect, use, store and protect personal data, in accordance with applicable data protection legislation, including Regulation (EU) 2016/679 (GDPR).

1. Who we are
CERTIFY is a company that provides accredited ISO certification services, in partnership with BQC.

For any questions regarding personal data protection, you can contact us.

2. What personal data we collect
We collect the following categories of data, depending on how you use our website or services:

2.1. Data provided directly by you
First and last name

Telephone number

Email address

Company information

Messages sent via contact forms

Data necessary for the certification process

2.2. Automatically collected data
IP address
Cookies and online identifiers
Information about your device, browser and behavior on the site
Cookie consent preferences
2.3. Data collected from third-party sources
Analysis platforms (Google Analytics, etc.)
Social networks, if you interact with our page

3. Purposes of data collection
Your data is used for:

Taking requests for quotations and contacts

Providing ISO certification services

Commercial and operational communications

Improving the experience on the site

Compliance with legal obligations

We do not sell or provide personal data to third parties for commercial purposes.

4. Legal basis for processing
We process your data based on one of the legal grounds provided for by the GDPR:

Consent (e.g. marketing, cookies)

Contract (e.g. request, offer, services)

Legitimate interest (e.g. platform security)

Legal obligation (e.g. billing, accounting)

5. To whom we may disclose the data
The data may be transmitted to:

Partner certification bodies (e.g. BQC)

IT, hosting and security service providers

Analysis and marketing providers (only with consent)

Authorities, in situations provided for by law

All our partners are required to comply with the GDPR rules.

6. Duration of data storage
We store data only for as long as necessary for the purpose for which it was collected:

Contact data: up to 24 months

Contractual data: minimum 5 years (according to tax legislation)

Cookies: according to the cookie policy

Marketing data: until withdrawal of consent

7. Your rights
In accordance with the GDPR, you have the following rights:

Right of access

Right to rectification

Right to erasure ("right to be forgotten")

Right to restriction of processing

Right to data portability

Right to object

Right to withdraw consent

Right to file a complaint with the ANSPDCP

To exercise your rights, you can contact us at the details mentioned in section 1.

8. Data security
We implement appropriate technical and organizational measures to protect your data, including:

encryption

control access

regular audits

anti-fraud and anti-abuse measures

9. International data transfers

If data is transferred outside the EU (e.g. to service providers), we use GDPR-compliant mechanisms, such as Standard Contractual Clauses (SCC).

10. Minors Policy

We do not intentionally collect personal data from persons under 18 years of age. If we discover such data, we will delete it immediately.

11. Changes to the Privacy Policy
We reserve the right to update this policy at any time. The updated version will be published on the website, with the date of the change.

12. Contact

For any questions regarding data protection, please contact us.

bottom of page