You are here: / Privacy Policy

Privacy Policy

Updated: 15.01.2026

Introduction

We understand that your privacy is important to you and that you care about how your personal data is used.

We respect and value the privacy of everyone who visits this website and will only collect and use personal data in ways that are described in this Privacy Policy, and in a way that is consistent with our obligations and your rights under the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

Please read this Privacy Policy carefully and ensure that you understand it. Your acceptance of this Privacy Policy is deemed to occur upon your first use of our website (the “Site”). If you do not accept and agree with this Privacy Policy, you must stop using our Site immediately.

Definitions and Interpretation

In this Policy, the following terms shall have the following meanings:

  • “Account” means an account required to access and/or use certain areas and features of our Site.
  • “Cookie” means a small text file placed on your computer or device by our Site when you visit certain parts of the Site and/or when you use certain features of the Site.
  • “Cookie Law” means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003.
  • “Personal Data” has the meaning given in Article 4 of the UK GDPR.

Information About Us

This Site is owned and operated by Simply Certification, a private limited company registered in England and Wales.

  • Registered office: Quay Corner, Church Bank, Jarrow, Tyne and Wear, NE32 3HH
  • Company number: 12765939
  • Data Controller: Simply Certification
  • Email address: hello@simplycertification.co.uk

What Does This Policy Cover?

This Privacy Policy applies only to your use of our Site.

Our Site may contain links to other websites. Please note that we have no control over how your data is collected, stored, or used by other websites. We advise you to check the privacy policies of any such websites before providing any personal data to them.

What Is Personal Data?

Personal data is defined by the UK GDPR as any information relating to an identifiable individual who can be directly or indirectly identified.

This includes obvious information such as your name and contact details, as well as less obvious information such as identification numbers, online identifiers, IP addresses, and location data.

Your Rights Under Data Protection Law

Under the UK GDPR, you have the following rights:

  • The right to be informed about how we collect and use your personal data.
  • The right of access to the personal data we hold about you.
  • The right to rectification of inaccurate or incomplete personal data.
  • The right to erasure (the “right to be forgotten”).
  • The right to restrict the processing of your personal data.
  • The right to object to the processing of your personal data.
  • The right to data portability.
  • Rights relating to automated decision-making and profiling.

We do not use your personal data for automated decision-making or profiling.

To exercise any of these rights, please contact us using the details provided below.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

What Personal Data Do We Collect?

Depending on your use of our Site, we may collect the following personal data:

  • Name
  • Postal address
  • Email address
  • Telephone number
  • Business name
  • Job title
  • Information about your preferences and interests
  • IP address
  • Web browser type and version
  • Operating system

How Do We Use Your Personal Data?

Under the UK GDPR, we must have a lawful basis for processing your personal data. We rely on one or more of the following lawful bases:

  • Contract: where processing is necessary to perform a contract with you or to take steps at your request before entering into a contract.
  • Consent: where you have given clear consent for us to process your personal data for a specific purpose.
  • Legitimate interests: where processing is necessary for our legitimate business interests and those interests do not override your fundamental rights and freedoms.
  • Legal obligation: where we are required to process personal data to comply with the law.

We use your personal data for the following purposes:

  • Providing and managing your Account.
  • Providing and managing access to our Site.
  • Supplying our services to you.
  • Communicating with you, including responding to enquiries.
  • Personalising and tailoring your experience on our Site and our services.
  • Sending marketing communications where you have opted in or where permitted by law.
  • Analysing use of our Site to improve performance and user experience.

You may withdraw your consent to marketing at any time by using the unsubscribe links provided or by contacting us directly.

How Long Do We Keep Your Personal Data?

We will retain your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including for legal, regulatory, accounting, or reporting requirements.

Retention periods are reviewed regularly, and data is securely deleted or anonymised when no longer required.

How and Where Do We Store Your Personal Data?

our personal data is primarily stored and processed within the United Kingdom.

However, in order to operate our business and deliver our services, personal data may be transferred to, stored in, or accessed from locations outside the UK, including countries outside the European Economic Area (EEA).

Where personal data is transferred internationally, we ensure that appropriate safeguards are in place to protect your personal data, including one or more of the following, as required by UK data protection law:

  • Transfers to countries that have been deemed to provide an adequate level of protection;
  • The use of approved standard contractual clauses;
  • Binding contractual obligations on recipients to protect personal data to UK GDPR standards; and
  • Other lawful transfer mechanisms permitted under applicable data protection legislation.

We take appropriate technical and organisational measures to protect personal data wherever it is processed against unauthorised access, loss, misuse, alteration, or disclosure.

Do We Share Your Personal Data?

We do not sell your personal data.

We may share your personal data with trusted third parties where this is necessary for the operation of our business, the delivery of our services, or to meet legal and regulatory requirements. This may include:

  • Industry-approved financial protection providers and brokers;
  • Insurance providers and intermediaries;
  • Certification bodies, competent person schemes, consumer codes, and regulatory or oversight bodies;
  • IT service providers, hosting providers, and marketing platforms;
  • Professional advisers such as accountants, auditors, and legal advisers;
  • Fraud prevention, identity verification, and credit reference agencies, where appropriate;
  • Regulatory bodies such as UKAS
  • Scheme providers such as MCS
  • Regulatory authorities, law enforcement agencies, or courts where we are legally obliged to do so.

We have contracts in place with all third parties to whom we provide personal data. These third parties are required to:

  • Process personal data only on our documented instructions;
  • Implement appropriate technical and organisational security measures; and
  • Comply with all applicable data protection legislation.

In the event of a merger, sale, restructuring, or transfer of our business or assets, personal data may be shared with relevant third parties and their professional advisers, subject to confidentiality and data protection safeguards.

Where permitted by law, we will notify you of any legally required disclosure of your personal data.

How Can You Control Your Personal Data?

You may restrict or object to our use of your personal data in certain circumstances, including for direct marketing.

You can opt out of marketing communications at any time by:

  • Using the unsubscribe links in our emails; or
  • Contacting us directly.

Can You Withhold Information?

You may browse our Site without providing personal data. However, certain features or services may require you to provide personal data. You may also restrict the use of Cookies via your browser settings.

How Can You Access Your Personal Data?

You may request access to the personal data we hold about you by making a written subject access request.

There is usually no fee for such requests. However, we may charge a reasonable fee or refuse a request if it is manifestly unfounded or excessive, in accordance with data protection law.

Cookies

Our Site uses first-party and third-party Cookies and similar technologies to ensure it functions correctly, to analyse website traffic, and to support marketing activities.

Types of Cookies We Use

  • Strictly necessary Cookies: These Cookies are essential to enable core website functionality such as security and accessibility. They do not require your consent under Cookie Law.
  • Analytics Cookies: These Cookies help us understand how visitors interact with our Site so we can improve performance and usability. These Cookies will only be placed with your consent.
  • Marketing Cookies: These Cookies may be used to deliver relevant marketing communications and to measure the effectiveness of our campaigns. These Cookies will only be placed with your consent.

When you first visit our Site, you will be presented with a Cookie banner that allows you to:

  • Accept all Cookies;
  • Reject non-essential Cookies; or
  • Manage your Cookie preferences.

You may change or withdraw your Cookie consent at any time via the Cookie settings link on our Site.

You may also manage or delete Cookies through your browser settings. Please note that disabling certain Cookies may affect the functionality of our Site.

Contact Details

If you have any questions about this Privacy Policy, your personal data, or your rights, please contact us:

We are registered with the Information Commissioner’s Office (ICO) under registration number ZB227452.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection matters.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, or our business practices. Any updates will be published on our Site, and continued use of the Site will be deemed acceptance of the revised Privacy Policy.

Latest news