Privacy Policy

Effective date: 30 March 2026 — Last updated: 30 March 2026

Certly ("we", "us", "our") is an electrical certification app designed for UK electricians. This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data Controller

The data controller is Certly Ltd. For privacy enquiries, contact us at team@certly.co.uk.

2. Data We Collect

Account information

Certificate and inspection data

Client and property data

Job data

Images and files

Device and technical data

Data we do not collect

3. How We Use Your Data

Purpose Legal basis (UK GDPR)
Providing the Certly service — creating, storing, and generating PDF certificates Performance of a contract (Art. 6(1)(b))
User authentication and account security Performance of a contract
Sending push notifications (QC updates, certificate status) Legitimate interest (Art. 6(1)(f))
Crash reporting and bug fixes Legitimate interest
Quality Control (QC) review workflow — sharing certificate data with a reviewer you designate Performance of a contract

4. Quality Control Data Sharing

When you submit a certificate for Quality Control review, the QC reviewer you designate will have access to the complete certificate data, including client details, property information, test results, observations, and your inspector signature. QC reviewers can add review notes and an approval signature. This sharing is initiated by you and only with the reviewer you specify.

5. Third-Party Services

Service Provider Purpose Data processed
Cloud hosting & database Amazon Web Services (AWS) Application infrastructure, data storage All app data
Authentication AWS Cognito User sign-up, login, password management Credentials, profile attributes
File storage AWS S3 Images, PDFs, attachments Uploaded files
Push notifications Firebase Cloud Messaging Delivering notifications to your device FCM device token, notification content
Crash reporting Firebase Crashlytics Identifying and fixing app errors Crash data (no personal identifiers)

We do not sell your data to any third party. We do not use advertising networks or commercial analytics services.

6. Where Your Data Is Stored

All data is stored in the AWS EU-West-2 (London) region. Firebase services may route data through Google Cloud infrastructure. Where data is transferred outside the UK, it is protected by Standard Contractual Clauses (SCCs) as required by UK GDPR.

7. Data Retention

8. Data Security

9. Your Rights

Under UK GDPR, you have the right to:

To exercise any of these rights, email team@certly.co.uk. We will respond within 30 days.

10. Children

Certly is designed for professional electricians and is not intended for individuals under 16. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. Material changes will be communicated via in-app notification or email. The "last updated" date at the top of this page will always reflect the most recent revision.

12. Complaints

If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).

13. Contact Us

For any privacy-related questions or requests:
Email: team@certly.co.uk
Data Controller: Certly Ltd