Privacy policy

Data protection 
Certiff is delighted that you are interested in our website. On the outset, protecting your privacy is very important to us. We are committed to protecting your data and ensuring compliance with applicable data protection laws such as the General Data Protection Regulation (GDPR), and this Privacy Policy. Below we inform you in detail about the handling of your data. This Privacy Policy provides an overview of the data collected by Certiff B.V. and how your personal information is handled when you visit our website.  

When you browse our website, certain data may be collected and analysed, primarily through cookies, analytics tools, and third-party services. This analysis is conducted anonymously, meaning it cannot be traced back to you. However, you have the option to opt out of this analysis or prevent it by adjusting your settings to disable specific tools. For more details, please refer to the guidelines outlined in this Privacy Policy. 

 

  1. About the Collection of Personal Data
    As mentioned above, you can visit our website without providing any personal information. Each time a website is called up, the web server automatically saves a so-called server log file, which may contain the name of the requested file, your IP address, date and time of the call, the amount of data transferred and the requesting provider (access data) and documents the call. This access data is evaluated exclusively for the purpose of ensuring trouble-free operation of the site and improving our offer. This serves to protect our overriding legitimate interests in a correct presentation of our offer in accordance with Article 6 of the GDPR. Certiff B.V. processes and stores your personal data as long as this is necessary for its contractual or legal obligations, or as long as we have your consent. 

 

1.1 Special and sensitive personal data 

Our website and services are not intended to collect personal data from visitors under the age of 16 unless they have parental or guardian consent. However, we are unable to verify the age of our visitors. Therefore, we encourage parents to actively monitor their children’s online activities to prevent the collection of personal data without proper consent. 

If you believe that we have inadvertently collected data from a minor without parental approval, please contact us at info@certiff.com, and we will promptly remove the information. 

1.2 As a controller and processor of personal data 

As the data controller, we process personal data only for our Users—this includes clients who create an Account and individuals who visit our website, such as those who use our chat or other contact forms. 

Additionally, within Certiff. B.V., we handle other personal data processing activities, particularly involving the personal data of Recipients. In these cases, we act as a data processor, while the respective User serves as the data controller. This means the User is responsible for collecting and processing the data in compliance with applicable laws, including fulfilling any disclosure obligations toward the Recipients. 

 

 1.3.  Hosting 
The services for hosting and displaying the website are partly provided by our service providers as part of processing on our behalf. Unless otherwise stated in the present data protection declaration, all access data and all data collected in the forms provided on this website are processed on their servers. If you have any questions about our service providers and the basis of our cooperation with them, please use the contact option described in this data protection declaration. Our service providers are located in Germany and are governed by state and European law, including the GDPR. 

 

 1.2. Content Delivery Network 
For the purpose of a shorter loading time, we use a so-called Content Delivery Network (CDN) for some offers. With this service, content, such as large media files, is delivered via regionally distributed servers from external CDN service providers. Access data is therefore processed on the servers of the service providers. Our service providers work for us within the framework of order processing. If you have any questions about our service providers and the basis of our cooperation with you, please use the contact option described in this data protection declaration. Our service providers are located in Germany and The Netherlands and are subject to state and European law, including the GDPR.  

 

  1. Data processing for contact and customer communication contact
    We collect personal data when you contact us for example via our contact form or e-mail. Mandatory fields are marked as such, since in these cases we need the data to process your inquiry, and in order to contact you back. Which data is collected can be seen from the respective input forms. We use the data you provide to process your inquiries in accordance with the GDPR.  

After your customer request has been fully processed, your data will be restricted for further processing and deleted after the tax and commercial retention periods in accordance with Article 6 of the GDPR, unless you expressly consent to further process your data beyond its initial purpose in accordance with Article 7 of the GDPR. If you have given your consent for the processing of your personal data, you may revoke it at any time.  

 

  1. 3.  Cookies and Other Technologies

 3.1. General Information 
In order to make visiting our website attractive and to enable the use of certain functions, we use technologies including so-called cookies on various pages. Cookies are small text files that are automatically saved on your end device. Some of the cookies we use are deleted after the end of the browser session, i.e. after closing your browser (so-called session cookies). Other cookies remain on your end device and enable us to recognize your browser on your next visit (persistent cookies). 

Protection of privacy on end devices 
When you use our online services, we may employ certain technologies that are essential for delivering the service you have explicitly requested. These technologies may involve storing or accessing information on your device (such as cookies or other data storage methods). 

For functions that are not necessary, the storage of information on your device or the access to information that is already stored on your device requires your consent. We would like to point out that if you do not give your consent, parts of the website may not be fully usable. Any consent you may have given will remain in effect until you adjust or reset the respective settings in your device.  

 

3.2.  Any downstream data processing using cookies and other technologies 
We use technologies that are essential for the use of certain functions of our website (e.g. preference settings of the website). These technologies collect and process the IP address, time of visit, device and browser information, and information about your use of our website (e.g. information about your preferences). Within the framework of a weighing of interests, this serves overriding interest in an optimized presentation of our offer. 

In addition, we use technologies to fulfil the legal obligations to which we are subject as for instance to be able to prove consent to the processing of your personal data, as well as for web analysis and online marketing. Further information on this, including the respective legal basis for data processing, can be found in the following sections of this data protection declaration. 

 

3.3.  Use of the “Cookie Notice & Compliance for GDPR / CCPA” Consent Manager tool to manage consents 
We use a Consent Manager Tool on our website to provide you with detailed information about the cookies and other technologies we use. This tool allows us to obtain, manage, and process your consent when required for the processing of your personal data. 

Under Article 6 of the GDPR, this is necessary to fulfil our legal obligation, and under Article 7(1) GDPR, which requires us to document and prove that we have obtained your consent for processing personal data. 

The Consent Manager Tool we use, “Cookie Notice & Compliance for GDPR / CCPA”, is provided by Hu-manity.co. When you submit your cookie preferences on our website, our web server stores the following information: 

  • Your IP address 
  • Date and time of your consent 
  • Browser details and language settings 
  • The URL from which the consent was given 
  • Your consent choices 

In addition, we use technologies to fulfil the legal obligations to which we are subject (e.g. to be able to prove consent to the processing of your personal data) as well as for web analysis and online marketing. For further information on this subject, please contact us on the provided contact information by the end of this Privacy Policy. 

 

  1. Use of cookies and other technologies for web analysis and advertising purposes
    If you have given your consent to this in accordance with the GDPR, we use the following cookies and other third-party technologies on our website. After the end of the use of the respective technology by us, the data collected in this context will be deleted. You can revoke your consent at any time. You can find more information about your revocation options in the “Cookies and other technologies” section. See each technology for more information, including how we work with each vendor. If you have any questions about the providers and the basis of our cooperation with them, please contact us on the provided contact information by the end of this Privacy Policy. 

4.1. Use of Google services for web analysis and advertising purposes 
We use technologies from Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland (Google). The information automatically collected by Google technologies about your use of our website is usually transferred to a server of Google LLC, 1600 Amphitheatre Parkway Mountain View, CA 94043, USA and stored there. The European Commission has not issued an adequacy decision for the USA. Our cooperation with them is based on standard data protection clauses of the European Commission. If your IP address is collected via Google technologies, it will be shortened before it is stored on Google’s servers by activating IP anonymization. Only in exceptional cases will the full IP address be sent to a Google server and shortened there. Unless otherwise specified for the individual technologies, data processing takes place on the basis of an agreement concluded between the parties and in accordance with Art. 26 of the GDPR. Further information about data processing by Google can be found in the Google privacy notices. 

 4.2. Google Maps 
For the visual representation of geographic information, Google Maps collects data about your use of the Maps functions, in particular the IP address and location data, transmits it to Google and then processes it. We have no influence on this subsequent data processing. 

4.3. Other providers of web analytic and online marketing services 
We use the tracking and analysis tool from RankMath . In accordance with Article 6 Paragraph 1 Clause 1 Letter f GDPR, this serves to protect our legitimate interests within the framework of a balancing of interests, namely the purposes of a statistical evaluation of your user behavior on our website and to ensure a needs-based, user-friendly design and continuous optimization of our Offers. 

 

  1. Your rights as a data subject

Under the General Data Protection Regulation (GDPR), individuals referred to as data subjects are granted several rights concerning the processing of their personal data. Certain restrictions apply to these rights varying to the circumstances, for instance due to legal obligations, we may be obliged to keep your data, subsequently you would not be able to exercise your right to erasure. We are committed to protecting your privacy and if necessary, you can file a complaint with us. You can also file a complaint with the supervisory authority of your usual place of residence or work or our company headquarters.   

5.1 Your rights as a data subject are the following: 

  • The right to access (Article 15 GDPR) 

The right to request information about your personal data processed by us. 

  • The right to be forgotten (Article 17 GDPR) 

You may have the right to request erasure of your personal data. 

  • The right to rectification (Article 16, GDPR) 

you have the right to request the correction or rectification of your personal data stored by us. 

  • Right to restriction of processing (Article 18 GDPR) 

You have the right to request the temporary limitation of the processing of your personal data in certain circumstances 

  • Right of objection to the processing (Article 21 GDPR) 

You have the right to oppose the processing of your personal data in certain situations 

  • Right to portability (Article 20 GDPR) 

You have the right to receive your personal data in a structured, commonly used, and machine-readable format and transfer it to another controller. 

 

5.2 Contact Options 
If you have any questions about the collection, processing or use of your personal data, information, correction, restriction or deletion of data, as well as revocation of consent given or objection to a specific use of data, please contact us directly using the contact details below. 

 

  1. Changes 

This Privacy Statement may be updated to reflect relevant developments. In the event of significant changes, we will notify you through email, or on our website. The most current version of the Privacy Statement will always be available on this page, along with the date of the latest update. 

Imprint

Certiff B.V.

Mail: info@certiff.com

The European Commission provides a platform for online dispute resolution (OS), which you can find here https://ec.europa.eu/consumers/odr/

We are neither obliged nor willing to participate in a dispute settlement procedure before a consumer arbitration board.

en_GBEnglish (UK)
nl_NLNederlands en_GBEnglish (UK)