Privacy Policy

Home / Privacy Policy

How CertDesk collects, uses and protects your personal data.

Introduction

CertDesk ("we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our services.

1. Information we collect

We collect personal and non-personal information in several ways:

  • Information you provide: Name, email, phone number, company name, documents (for certification / attestation), billing and payment details, and any other information you submit in forms or emails.
  • Transactional data: Payment records, invoices, transaction IDs and payment method details (we do not store full card numbers).
  • Automatically collected information: IP address, device details, browser type, pages visited, referral URL, cookies and analytics data.
  • Third-party sources: We may receive information from payment processors, verification agencies or public registries as required for service delivery.

2. How we use your information

We use personal data to:

  • Provide, operate and maintain our services.
  • Process transactions and send invoices.
  • Communicate about your application, updates and support queries.
  • Perform identity and document verification required for compliance.
  • Improve our website, marketing, and service offerings using analytics.
  • Comply with legal and regulatory obligations.

3. Legal bases for processing

Where applicable (e.g., GDPR regions), we rely on the following legal bases to process personal data:

  • Contractual necessity — to perform the services you requested.
  • Legal obligation — to comply with laws and regulators.
  • Legitimate interests — for fraud prevention, improving services, and ensuring secure operations.
  • Consent — where you have explicitly given permission (e.g., marketing newsletters).

4. Sharing and disclosure

We may share data with:

  • Service providers and partners (payment processors, auditors, government portals) to deliver services.
  • Regulatory and law enforcement authorities when required by law.
  • Third parties in connection with a corporate transaction (sale, merger, acquisition).

We do not sell your personal information to third parties for marketing purposes.

5. Cookies & tracking

We use cookies and similar technologies to collect information about your activity on our website. Cookies help us:

  • Remember your preferences and settings.
  • Analyze site usage to improve performance and content.
  • Provide targeted content where you consent to marketing cookies.

You can control cookies via your browser settings. Blocking all cookies may affect site functionality.

6. Data retention

We retain personal information for as long as necessary to provide services, comply with legal obligations, resolve disputes, and enforce our agreements. Document retention periods (for certification, audits and legal compliance) may extend beyond normal retention for business records.

7. Security measures

We implement organizational, technical and administrative measures to protect personal data (e.g., access controls, encryption in transit, secure servers). However, no internet transmission is 100% secure — we cannot guarantee absolute security.

8. Your rights

Depending on your jurisdiction, you may have rights including:

  • Access: Request a copy of personal data we hold about you.
  • Rectification: Correct inaccurate or incomplete data.
  • Erasure: Request deletion of personal data (subject to legal retention obligations).
  • Restriction: Ask to limit processing in certain circumstances.
  • Object: Object to processing based on legitimate interests or direct marketing.
  • Data portability: Receive data in a commonly used, machine-readable format.

To exercise your rights, contact us at: support@certdesk.org. We will respond as required by applicable law.

9. Children

Our services are not intended for children under 18. We do not knowingly collect personal data from minors. If you believe we have such data, contact us to request removal.

10. Third-party links & external services

Our website may link to third-party services. We are not responsible for their privacy practices. Review third-party privacy policies before sharing your information.

11. Cross-border transfers

Personal data may be transferred and processed in India and other countries where our service providers operate. We will ensure appropriate safeguards for international transfers as required by law.

12. Data breach notification

In the event of a data breach that materially affects personal data, we will notify affected individuals and authorities as required by applicable law and take reasonable steps to mitigate harm.

13. Changes to this policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with a revised effective date. Continued use of the Services after changes indicates acceptance.

14. Contact

For privacy inquiries, data requests or to exercise your rights, contact:
Email: support@certdesk.org

Last updated: February 3, 2026.