Privacy Policy
Last updated: 30/04/2026
This Privacy Policy describes how Certin ("Certin", "we", "us", or "our") collects, uses, stores, and protects personal data and customer data when you use our website, platform, and related services (the "Services").
This includes when you visit our website, create an account, communicate with us, or use Certin as part of your organisation's operations.
If you have questions about this Policy or our data practices, contact us at privacy@getcertin.ai.
Summary of key points
- Certin does not sell, rent, or trade personal data or Customer Data.
- We process data to provide and improve the Services, support customers, and meet legal obligations.
- Where we act as a processor, we follow our customers' instructions and applicable agreements.
- We use trusted infrastructure providers and require appropriate safeguards for transfers where applicable.
- You may have rights to access, correct, delete, or object to certain processing, subject to applicable law.
1. What data we collect
1.1 Personal data you provide
We may collect personal data that you provide directly, such as your name, email address, job title, company name, and account credentials, as well as content you submit when you contact us or use the Services.
1.2 Customer and operational data
Depending on how your organisation uses Certin, we may process operational and logistics-related data that your organisation connects to the Services, which may include:
- shipment and logistics data
- identifiers and references used in your workflows
- integration metadata needed to connect systems you authorise
- technical and usage data associated with service performance and reliability
2. How we process data
We process data to operate, secure, and improve the Services; provide customer support; communicate about your account and product updates; troubleshoot issues; and comply with applicable laws. Processing may include storage, organisation, analysis in aggregated or de-identified form where appropriate, and secure transmission between systems you connect.
3. Role in data processing
Depending on the context, Certin acts as:
- a data processor when we process personal data on behalf of our customers and in accordance with their instructions and our agreements; and
- a data controller for certain activities that relate to our own business, such as account administration for our direct relationship with users, marketing communications where permitted, website analytics in line with this Policy, and security and compliance activities that we determine independently.
4. Legal bases for processing
Where GDPR applies, Certin relies on:
- performance of a contract with you or your organisation
- legitimate interests that are not overridden by your interests or fundamental rights (for example, securing the Services and preventing abuse)
- consent, where required for specific processing
- legal obligations
5. Data sharing
Certin does not sell, rent, or trade personal data or Customer Data.
We may share data only:
- with trusted service providers who assist us in operating the Services (for example, hosting, infrastructure, and security tooling), subject to contractual safeguards
- where required by law, regulation, or a valid legal process
- in connection with a business transaction such as a merger or acquisition, subject to appropriate protections
All third parties are contractually required to meet strict data protection standards.
6. Third-party integrations
The Services may integrate with systems such as TMS, WMS, ERP platforms, and other tools your organisation chooses to connect. Those systems are operated by third parties under their own terms and privacy notices.
Where your organisation controls the integration and the data flows, your organisation's instructions and agreements typically govern that processing when Certin acts as a processor.
Certin is not responsible for third-party systems' independent processing, but we design integrations to support secure, permissioned data exchange consistent with the Services' purpose.
7. Data retention
Customer Data is retained for the duration of the service relationship and handled in accordance with applicable agreements.
Personal data is retained only as long as necessary for the purposes described in this Policy, unless a longer retention period is required by law.
When data is no longer required, it is securely deleted or anonymised.
8. Data security
Certin implements appropriate technical and organisational measures, including:
- encryption of data in transit and at rest
- access control mechanisms
- monitoring, logging, and security audits
- secure infrastructure environments
Despite these measures, no system can guarantee absolute security.
9. International data transfers
Where data is transferred outside the European Economic Area (EEA), Certin ensures appropriate safeguards are in place, including Standard Contractual Clauses or equivalent protections.
10. Your rights
Under applicable data protection laws, you have the right to:
- access your personal data
- correct inaccurate data
- request deletion of your data
- restrict or object to processing
- request data portability
- withdraw consent where applicable
Requests can be made at: privacy@getcertin.ai
You also have the right to lodge a complaint with a supervisory authority.
11. Data relating to minors
Certin is designed for business use and does not knowingly collect personal data from individuals under the age of 18.
12. Updates to this policy
We may update this Privacy Policy from time to time. Updates will be published on this page.
Continued use of the Services constitutes acceptance of the updated policy.
13. Contact
For any questions regarding this Privacy Policy: