Get Started

Privacy Policy

ISO Certified
Effective Date: 09/10/2025
Last Updated: 09/10/2025

Introduction

ISO Certified (“we,” “us,” “our,” or “Company”) is committed to protecting the privacy and security of personal information. This Privacy Policy explains how we collect, use, store, and protect information when you visit our website (www.isocertified.in) or engage our ISO certification consulting services.

This policy applies to all personal information we collect through our website, email communications, phone interactions, and during service delivery.

By using our website or services, you consent to the collection and use of information as described in this Privacy Policy. If you do not agree with this policy, please do not use our website or services.

1. Information We Collect

1.1 Information You Provide Directly

We collect information that you voluntarily provide when you:

Contact Forms and Inquiries:

  • Full name
  • Organization name
  • Job title and position
  • Email address
  • Phone number
  • Country and location
  • Industry sector
  • Nature of inquiry or service interest

Service Engagement:

  • Business registration information
  • Financial information for billing
  • Technical and operational information about your organization
  • Documentation and records related to certification projects
  • Employee contact information for project coordination

Newsletter Subscription:

  • Email address
  • Name (optional)
  • Organization (optional)
  • Areas of interest

Account Registration (if applicable):

  • Username and password
  • Profile information
  • Communication preferences

1.2 Information Collected Automatically

When you visit our website, we automatically collect:

Technical Information:

  • IP address
  • Browser type and version
  • Operating system
  • Device information
  • Referring website
  • Pages visited and time spent
  • Click patterns and navigation paths

Cookies and Tracking Technologies: We use cookies and similar technologies to enhance website functionality and user experience. See Section 7 for detailed information about cookies.

1.3 Information from Third Parties

We may receive information from:

  • Business partners and referral sources
  • Public databases and registries
  • Professional networks and industry associations
  • Certification bodies (with your consent)

2. How We Use Your Information

2.1 Service Delivery

We use your information to:

  • Respond to inquiries about our services
  • Provide ISO certification consulting services
  • Develop and implement management systems
  • Coordinate with certification bodies
  • Communicate project updates and deliverables
  • Provide technical support and guidance
  • Schedule meetings and consultations

2.2 Business Operations

We use information for:

  • Processing payments and invoicing
  • Managing client relationships
  • Improving service quality
  • Conducting market research and analysis
  • Developing new services and offerings
  • Internal record keeping and reporting

2.3 Marketing and Communications

With your consent, we use information to:

  • Send newsletters and updates about ISO standards
  • Provide information about our services
  • Share industry insights and best practices
  • Announce new offerings or promotions
  • Invite you to webinars or events

You can opt-out of marketing communications at any time using unsubscribe links or by contacting us directly.

2.4 Legal and Compliance

We process information to:

  • Comply with legal obligations
  • Enforce our Terms and Conditions
  • Protect our rights and property
  • Prevent fraud and security threats
  • Respond to legal requests and court orders

3. Legal Basis for Processing (GDPR Compliance)

For users in the European Union, we process personal information based on:

Consent: When you provide explicit consent for specific processing activities (e.g., newsletter subscription, marketing communications)

Contract Performance: When processing is necessary to deliver services you have engaged us to provide

Legitimate Interests: When we have legitimate business interests (e.g., improving services, fraud prevention) that do not override your privacy rights

Legal Obligation: When we must process information to comply with legal requirements

4. Information Sharing and Disclosure

4.1 Service Providers

We share information with trusted third-party service providers who assist with:

  • Website hosting and maintenance
  • Email delivery and marketing platforms
  • Payment processing
  • Cloud storage and data management
  • Analytics and performance monitoring

Service providers are contractually obligated to protect your information and use it only for specified purposes.

4.2 Certification Bodies

With your consent, we share relevant information with accredited certification bodies for:

  • Certification audit coordination
  • Certificate issuance and maintenance
  • Compliance verification

4.3 Business Transfers

If we undergo merger, acquisition, reorganization, or sale of assets, your information may be transferred to the acquiring entity. We will notify you of such changes and any impact on your privacy rights.

4.4 Legal Requirements

We may disclose information when required by law or when we believe disclosure is necessary to:

  • Comply with legal process or government requests
  • Enforce our Terms and Conditions
  • Protect rights, property, or safety of our company, clients, or others
  • Investigate fraud or security issues

4.5 With Your Consent

We may share information with other parties when you provide explicit consent for such sharing.

5. International Data Transfers

ISO Certified operates internationally and may transfer personal information to countries outside your residence country, including countries that may have different data protection standards.

When we transfer information internationally, we implement appropriate safeguards including:

  • Standard contractual clauses approved by regulatory authorities
  • Adequacy decisions by relevant data protection authorities
  • Your explicit consent where required
  • Other legally approved transfer mechanisms

For European Union users, we ensure that international transfers comply with GDPR requirements and provide adequate protection for your personal information.

6. Data Security

6.1 Security Measures

We implement reasonable technical and organizational security measures to protect personal information, including:

Technical Safeguards:

  • Encryption of data in transit and at rest
  • Secure socket layer (SSL) technology for website
  • Firewall protection
  • Regular security assessments
  • Secure backup systems

Organizational Safeguards:

  • Access controls and authentication
  • Employee training on data protection
  • Confidentiality agreements with staff
  • Regular security policy reviews
  • Incident response procedures

6.2 Security Limitations

While we implement strong security measures, no electronic transmission or storage is completely secure. We cannot guarantee absolute security of information transmitted to or stored by us. You share information at your own risk.

6.3 Data Breach Notification

In the event of a data breach that poses risk to your rights and freedoms, we will notify you and relevant authorities as required by applicable law, typically within 72 hours of becoming aware of the breach.

7. Cookies and Tracking Technologies

7.1 What Are Cookies

Cookies are small text files stored on your device when you visit websites. We use cookies to enhance website functionality and improve user experience.

7.2 Types of Cookies We Use

Essential Cookies: Required for website functionality including security features and access to secure areas. These cannot be disabled.

Performance Cookies: Collect anonymous information about website usage, helping us understand how visitors interact with our site and identify areas for improvement.

Functionality Cookies: Remember your preferences and choices (e.g., language settings) to provide enhanced, personalized features.

Marketing Cookies: Track your browsing behavior to deliver relevant advertisements and marketing messages. These require your consent.

7.3 Third-Party Cookies

We may use third-party analytics services (e.g., Google Analytics) that set cookies to help us understand website traffic and usage patterns. These services have their own privacy policies.

7.4 Cookie Management

You can control cookies through your browser settings. Most browsers allow you to:

  • View cookies stored on your device
  • Delete cookies
  • Block cookies from specific websites
  • Block all cookies

Note that blocking essential cookies may affect website functionality.

8. Your Privacy Rights

8.1 Rights for All Users

You have the right to:

  • Access information we hold about you
  • Request corrections to inaccurate information
  • Request deletion of your information (subject to legal obligations)
  • Opt-out of marketing communications
  • Withdraw consent for specific processing activities

8.2 Additional Rights for EU Users (GDPR)

If you are in the European Union, you have additional rights:

Right to Access: Obtain confirmation of whether we process your personal data and receive a copy

Right to Rectification: Request correction of inaccurate or incomplete personal data

Right to Erasure (“Right to be Forgotten”): Request deletion of personal data in certain circumstances

Right to Restrict Processing: Request limitation of processing in specific situations

Right to Data Portability: Receive your personal data in structured, machine-readable format

Right to Object: Object to processing based on legitimate interests or for direct marketing

Right to Withdraw Consent: Withdraw consent at any time (without affecting prior processing)

Right to Lodge Complaint: File complaint with supervisory authority if you believe your rights have been violated

We will respond to requests within 30 days (or as required by applicable law). We may require verification of your identity before fulfilling requests.

9. Data Retention

9.1 Retention Periods

We retain personal information for as long as necessary to:

  • Provide services you have requested
  • Comply with legal obligations
  • Resolve disputes and enforce agreements
  • Maintain business records

Client Information: Retained for duration of service engagement plus 7 years for legal and tax purposes

Marketing Information: Retained until you unsubscribe or request deletion

Website Analytics: Typically retained for 26 months

Financial Records: Retained for 7 years or as required by law

9.2 Deletion

When retention periods expire, we securely delete or anonymize personal information. You may request earlier deletion by contacting us, subject to legal obligations requiring retention.

10. Children’s Privacy

Our services are designed for business-to-business purposes and not intended for individuals under 18 years of age. We do not knowingly collect information from children. If we become aware of information collected from children, we will delete it promptly.

11. Third-Party Websites

Our website may contain links to third-party websites. We are not responsible for privacy practices of external websites. We encourage you to review privacy policies of any third-party sites you visit.

12. Newsletter and Email Communications

12.1 Subscription

When you subscribe to our newsletter, we collect your email address and any optional information you provide. We use this information solely to send newsletters and updates about ISO standards and certification.

12.2 Unsubscribe

Every marketing email includes an unsubscribe link. You may also unsubscribe by:

  • Clicking unsubscribe links in emails
  • Contacting us at [Your Email]
  • Updating preferences in your account (if applicable)

We will process unsubscribe requests within 10 business days. Note that transactional emails related to services you have engaged remain unaffected by marketing unsubscriptions.

13. Updates to Privacy Policy

We may update this Privacy Policy periodically to reflect:

  • Changes in our practices
  • Legal or regulatory requirements
  • New services or features
  • Feedback from users

13.1 Notification of Changes

Material changes will be communicated through:

  • Prominent notice on our website
  • Email notification to registered users
  • Updated “Last Updated” date at the top of this policy

13.2 Continued Use

Continued use of our website or services after changes constitutes acceptance of the updated Privacy Policy. If you do not agree with changes, please discontinue use and contact us about deleting your information.

14. Contact Information

14.1 Privacy Questions

For questions about this Privacy Policy or our privacy practices, contact:

+91 70207 58471

14.2 Data Protection Officer (if applicable)

If required by law, our designated Data Protection Officer can be reached at:
Email: %%content%%

14.3 Supervisory Authority (EU Users)

EU residents may contact their local data protection authority with privacy concerns. A list of EU data protection authorities is available at: https://edpb.europa.eu/about-edpb/board/members_en

15. Specific Processing Activities

15.1 Client Portal (if applicable)

If we provide a client portal:

  • Login credentials are encrypted
  • Sessions timeout after inactivity
  • Access logs are maintained
  • Multi-factor authentication may be available

15.2 Payment Processing

We use secure third-party payment processors. We do not store complete credit card information on our servers. Payment processors have their own privacy policies and security measures.

15.3 Video Conferencing

When we use video conferencing for consultations:

  • Sessions may be recorded with your consent
  • Recordings are stored securely
  • Access is limited to authorized personnel
  • Recordings are deleted per retention schedule

15.4 Document Sharing

When sharing documents:

  • Secure file transfer systems are used
  • Access is password-protected when appropriate
  • Shared documents are tracked
  • Access can be revoked when necessary

16. Your Responsibilities

To protect your information:

  • Keep login credentials confidential
  • Use strong, unique passwords
  • Log out of secure areas after use
  • Report suspected security breaches promptly
  • Keep contact information current
  • Review account activity regularly

17. Consent

17.1 Express Consent

We obtain express consent for:

  • Marketing communications
  • Newsletter subscriptions
  • Non-essential cookies
  • Sharing information with third parties (beyond service delivery)
  • Processing sensitive personal information

17.2 Withdrawing Consent

You may withdraw consent at any time by:

  • Using opt-out links in communications
  • Adjusting cookie settings
  • Contacting us directly
  • Updating account preferences

Withdrawal does not affect the lawfulness of processing based on consent before withdrawal.

18. Automated Decision-Making

We do not use automated decision-making or profiling that produces legal effects or similarly significantly affects you. Any automated processing is used only for operational efficiency and does not replace human judgment in important decisions.

19. California Privacy Rights (CCPA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act:

Right to Know: What personal information we collect, use, disclose, and sell

Right to Delete: Request deletion of personal information we have collected

Right to Opt-Out: Opt-out of sale of personal information (Note: We do not sell personal information)

Right to Non-Discrimination: Not be discriminated against for exercising CCPA rights

To exercise these rights, contact us at [Your Email]. We will verify your identity before fulfilling requests.

20. Acknowledgment

By using our website or services, you acknowledge that:

  • You have read and understood this Privacy Policy
  • You consent to collection and processing of information as described
  • You understand your rights regarding personal information
  • You agree to our use of cookies and tracking technologies

Last Updated: 09/10/2025

Effective Date: 09/10/2025

Important Notes for Implementation:

Required Actions:

  1. Insert your effective date and last updated date
  2. Add your contact information (email, phone, address)
  3. Specify your Data Protection Officer if required
  4. Review with legal counsel before publishing
  5. Ensure GDPR compliance if serving EU clients
  6. Implement cookie consent banner on website
  7. Set up systems for handling data subject requests

Legal Compliance: This privacy policy template addresses:

  • GDPR (European Union)
  • CCPA (California)
  • General international privacy standards

Important: This template provides general privacy policy framework. It must be reviewed and customized by qualified legal counsel to ensure compliance with applicable laws in all jurisdictions where you operate and serve clients.

Request A Free Quote

ISO Lead Form