1. Who we are
Standcert Global Ltd ("Standcert", "we", "us") is the data controller for personal data processed in connection with our certification services and www.standcertglobal.com.
Registered office and company number: to be confirmed by the company secretary.
2. Data we collect
- Identification and contact details you provide via quote, transfer, verification or contact forms (name, organisation, role, email, phone). Quote submissions are stored in our secure backend with a record of the submitting IP address and browser user-agent for fraud diagnostics.
- Information about your management system that you submit during application, audit and surveillance activities.
- Auditor and personnel records where required for impartiality and competence.
- Technical data from this website (IP address, browser, pages visited) collected by our analytics layer.
3. Why we process it
- To respond to enquiries and prepare certification proposals (legitimate interest, pre-contract).
- To deliver, maintain and renew certification under contract.
- To meet accreditation and standard requirements (ISO/IEC 17021-1) and other legal obligations.
- To operate the public certificate verification registry.
4. Lawful bases
We rely on contract, legitimate interests, legal obligation and — where applicable — your consent. You may withdraw consent at any time without affecting prior processing.
5. Sharing and subprocessors
We share limited personal data with: our accreditation body, ASCB (Accreditation Service for Certifying Bodies), for oversight; auditors and technical experts under confidentiality; and infrastructure providers hosting our website, portal, database and email. We do not sell personal data.
5a. Cookies and analytics
This site uses a small number of strictly necessary cookies required for routing, security and remembering your cookie-consent choice. With your consent, we will additionally set analytics cookies to understand aggregate site usage.
The exact cookie names, providers, purposes and retention periods will be published in the table below once our analytics provider (Google Analytics 4 / Google Tag Manager) is installed and reviewed. Until then, no analytics cookies are set on this site.
You can change or withdraw consent at any time by clearing thestandcert.cookie-consententry in your browser storage; the banner will reappear on the next visit.
6. Retention
Certification records are retained for the period required by our accreditation rules (typically at least one full certification cycle plus statutory retention). Enquiry data not converted to a contract is retained for up to 24 months.
7. International transfers
Where data is transferred outside the UK / EEA, we rely on adequacy decisions or Standard Contractual Clauses with appropriate supplementary safeguards.
8. Your rights
Under UK GDPR you may request access, rectification, erasure, restriction, portability and objection. You may also lodge a complaint with the UK Information Commissioner's Office (ICO).
9. Contact
Privacy enquiries and data-subject requests: admin@standcertglobal.com.
10. Changes
We may update this policy from time to time. The current version is always available at this URL. Material changes will be communicated to certified clients directly.
Last reviewed: pending publication