Sign In
Get Started
Certo EMU Beta Launch: Now open for registration. Learn More

Privacy Policy

Certo Systems, Inc.
Last Updated: April 8, 2025

 

1. Introduction

 

Certo Systems, Inc. (“Certo,” “we,” “us,” or “our”) is committed to protecting your personal information. This Privacy Policy explains what information we collect, how we use it, who we share it with, and your rights regarding your data when you use our platform at certos.io (the “Platform”).

 

This policy applies to all users of the Platform globally. Depending on where you are located, additional rights and protections may apply to you – including rights under the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA/CPRA), Canada’s PIPEDA, and other applicable privacy laws.

 

 

2. Information We Collect

 

2a. Information You Provide Directly
Account information: Full name, email address, company name, and phone number when you register for an account
Profile and platform data: Any additional information you choose to provide when using the Platform
Communications: Messages or requests you send to our support or sales team

 

2b. Information Collected Automatically
Usage and analytics data: Pages visited, features used, session duration, clicks, and interactions within the Platform
Device and technical data: IP address, browser type, operating system, and referring URLs
Cookies and similar technologies: See Section 6 for details

 

2c. Payment Information
Payment processing is handled by Stripe, Inc. Certo does not collect or store your payment card details directly. Stripe collects and processes payment information on our behalf in accordance with PCI-DSS standards. Please review Stripe’s Privacy Policy at stripe.com/privacy for details.

 

 

3. How We Use Your Information

 

We use the information we collect to:

– Create and manage your account
– Provide, operate, and improve the Platform
– Process payments and manage billing through Stripe
– Send transactional communications (e.g., account confirmations, invoices, and service updates)
– Respond to your support requests and inquiries
– Analyze usage patterns to improve our products and user experience
– Detect, prevent, and address security incidents or fraudulent activity
– Comply with applicable legal obligations

We do not sell your personal information to third parties.

 

 

4. Legal Bases for Processing (GDPR / UK GDPR)

 

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:

Contract: Processing necessary to perform our agreement with you (e.g., providing the Platform)
Legitimate interests: Processing for analytics, security, and Platform improvement, where our interests are not overridden by your rights
Legal obligation: Processing required to comply with applicable laws
Consent: Where we have asked for and received your consent (e.g., marketing communications)

 

 

5. How We Share Your Information

 

We share your personal information only in the following circumstances:

 

Service Providers: We share data with trusted third-party providers who assist us in operating the Platform, subject to confidentiality obligations:

Stripe, Inc. – Payment processing – stripe.com/privacy

Google LLC (Analytics / Tag Manager) – Usage analytics and tag management – policies.google.com/privacy

Amazon Web Services, Inc. –  Cloud infrastructure and data hosting – aws.amazon.com/privacy

 

Legal Requirements: We may disclose your information if required by law, regulation, legal process, or governmental request.

 

Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on our website of any such change.

 

With Your Consent: We may share your information for any other purpose with your explicit consent.

 

 

6. Cookies and Tracking Technologies

 

We use cookies and similar tracking technologies to operate the Platform and collect analytics data. This includes:

Essential cookies: Required for the Platform to function (e.g., session management, authentication)
Analytics cookies: Used by Google Analytics to understand how users interact with the Platform

 

You can control cookie preferences through your browser settings. Disabling certain cookies may affect Platform functionality. For users in the EEA and UK, we will request your consent before placing non-essential cookies.

 

 

7. Data Retention

 

We retain your personal information for as long as your account is active or as needed to provide services. If you close your account, we will delete or anonymize your personal data within a reasonable period, unless we are required to retain it for legal, tax, or compliance purposes.

 

Usage and analytics data may be retained in aggregated and anonymized form indefinitely.

 

8. Data Security

 

We implement industry-standard technical and organizational measures to protect your personal information from unauthorized access, disclosure, alteration, and destruction. These include encrypted data transmission (TLS), access controls, and secure cloud infrastructure through AWS.

 

No method of transmission over the internet is 100% secure. If you believe your account has been compromised, please contact us immediately at privacy@certos.io.

 

 

9. International Data Transfers

 

Certo Systems, Inc. is based in the United States, and your data may be stored and processed in the U.S. or other countries where our service providers operate. If you are located outside the U.S., by using the Platform you acknowledge that your data may be transferred to and processed in countries with different data protection standards than your own.

 

For transfers from the EEA or UK to the U.S., we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) as required by applicable law.

 

 

10. Children’s Privacy

 

The Platform is not directed to individuals under the age of 18, and we do not knowingly collect personal information from minors. If we become aware that a user under 18 has provided us with personal data, we will take steps to delete that information and close the account. If you believe we have inadvertently collected data from a minor, please contact us at privacy@certos.io.

 

 

11. Your Privacy Rights

 

Depending on your location, you may have the following rights regarding your personal data:

 

All users:
– Access or correct your personal information through your account settings or by contacting us
– Request deletion of your account and associated personal data
– Opt out of marketing communications at any time

 

EEA / UK users (GDPR / UK GDPR):
– Right to access, rectification, erasure, restriction of processing, and data portability
– Right to object to processing based on legitimate interests
– Right to withdraw consent at any time (without affecting prior processing)
– Right to lodge a complaint with your local supervisory authority

 

California residents (CCPA/CPRA):
– Right to know what personal information we collect, use, and share
– Right to delete your personal information
– Right to correct inaccurate personal information
– Right to opt out of the sale or sharing of personal information (we do not sell personal information)
– Right to non-discrimination for exercising your privacy rights

 

To exercise any of these rights, please contact us at privacy@certos.io. We will respond within the timeframe required by applicable law (generally 30–45 days).

 

 

12. Third-Party Links

The Platform may contain links to third-party websites or services. This Privacy Policy does not apply to those third-party services, and we encourage you to review their privacy policies before providing them with your information.

 

 

13. Changes to This Policy

 

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the “Last Updated” date above. For significant changes, we may also send notice via email. Your continued use of the Platform after changes take effect constitutes your acceptance of the revised policy.

 

 

14. Contact Us

 

For questions, concerns, or to exercise your privacy rights, please contact:

 

Certo Systems, Inc. — Privacy
215 N Payne St STE 33031
Alexandria, Virginia 22314
privacy@certos.io
certos.io