Effective date: 30 March 2026 — Last updated: 30 March 2026
Certly ("we", "us", "our") is an electrical certification app designed for UK electricians. This policy explains what personal data we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
The data controller is Certly Ltd. For privacy enquiries, contact us at team@certly.co.uk.
| Purpose | Legal basis (UK GDPR) |
|---|---|
| Providing the Certly service — creating, storing, and generating PDF certificates | Performance of a contract (Art. 6(1)(b)) |
| User authentication and account security | Performance of a contract |
| Sending push notifications (QC updates, certificate status) | Legitimate interest (Art. 6(1)(f)) |
| Crash reporting and bug fixes | Legitimate interest |
| Quality Control (QC) review workflow — sharing certificate data with a reviewer you designate | Performance of a contract |
When you submit a certificate for Quality Control review, the QC reviewer you designate will have access to the complete certificate data, including client details, property information, test results, observations, and your inspector signature. QC reviewers can add review notes and an approval signature. This sharing is initiated by you and only with the reviewer you specify.
| Service | Provider | Purpose | Data processed |
|---|---|---|---|
| Cloud hosting & database | Amazon Web Services (AWS) | Application infrastructure, data storage | All app data |
| Authentication | AWS Cognito | User sign-up, login, password management | Credentials, profile attributes |
| File storage | AWS S3 | Images, PDFs, attachments | Uploaded files |
| Push notifications | Firebase Cloud Messaging | Delivering notifications to your device | FCM device token, notification content |
| Crash reporting | Firebase Crashlytics | Identifying and fixing app errors | Crash data (no personal identifiers) |
We do not sell your data to any third party. We do not use advertising networks or commercial analytics services.
All data is stored in the AWS EU-West-2 (London) region. Firebase services may route data through Google Cloud infrastructure. Where data is transferred outside the UK, it is protected by Standard Contractual Clauses (SCCs) as required by UK GDPR.
Under UK GDPR, you have the right to:
To exercise any of these rights, email team@certly.co.uk. We will respond within 30 days.
Certly is designed for professional electricians and is not intended for individuals under 16. We do not knowingly collect data from children.
We may update this policy to reflect changes in our practices or legal requirements. Material changes will be communicated via in-app notification or email. The "last updated" date at the top of this page will always reflect the most recent revision.
If you are unsatisfied with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO).
For any privacy-related questions or requests:
Email:
team@certly.co.uk
Data Controller: Certly Ltd