top of page

Privacy Policy

Certi

PRIVACY POLICY

Revised 16 December 2025

Thank you for using Certi!

​

Any participation in our Services or Products will constitute acceptance of this policy. If you do not agree to this policy, do not use the Certi website or our Services and Products.

​

Thank you for using Certi. This Privacy Policy explains how Certi, Inc. (“Certi,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards information in connection with our website, Services, and Products (collectively, the “Services”).

​

By accessing or using any Certi Service or Product, you acknowledge that you have read, understood, and agree to this Privacy Policy. If you do not agree, do not use the Services or Products.

1. Scope and Role of Certi

Certi provides a software platform designed to assist organizations with documentation, recordkeeping, and administrative workflows related to workplace safety and compliance.

For information submitted to the platform by organizations about their employees, contractors, or facilities, Certi acts solely as a service provider / data processor on behalf of the client organization. Client organizations remain the data owners and controllers of such information and are responsible for providing any required notices and obtaining any required consents from their personnel.

​

Certi is not the employer, operator, supervisor, or compliance authority for any organization or facility.

​

2. Information We Collect

A. Information You Provide Voluntarily

We may collect information you voluntarily provide, including but not limited to:

  • Name, email address, phone number

  • Organization and facility information

  • Account credentials

  • Billing and payment information (processed through third-party payment processors)

  • Files, documents, logs, attestations, and training records uploaded to the platform

B. Employee and Workforce Information

Client organizations may upload limited workforce-related information (such as employee names, identifiers, training acknowledgments, and compliance records). This information is provided at the discretion and responsibility of the client organization.

C. Automatically Collected Information

When you access our website or Services, we may automatically collect:

  • IP address

  • Browser type

  • Device information

  • Usage data

  • Log data and diagnostic information

  • ​

3. Use of Information

We use information collected to:

  • Provide, operate, and maintain the Services

  • Manage accounts and subscriptions

  • Process billing and payments

  • Provide customer support

  • Improve and develop functionality

  • Monitor system performance and security

  • Comply with legal and contractual obligations

Certi does not use customer data to provide legal, regulatory, safety, or professional advice.

​

4. Sensitive Information Prohibited

Certi Services and Products are not designed for the storage or processing of sensitive personal information, including but not limited to:

  • Protected health information (PHI)

  • Medical records

  • Social Security numbers

  • Banking or financial account numbers

  • Payment card data (outside of approved payment processors)

You agree not to upload or store such information on the platform.

​

5. Disclosure of Information

We may disclose information:

  • To service providers and subprocessors who support our operations (e.g., hosting, analytics, billing, file viewing)

  • As required by law, regulation, or legal process

  • To enforce our Terms of Service

  • In connection with a merger, acquisition, or sale of assets

Certi does not sell personal information.

​

6. Third-Party Services and Integrations

Certi uses third-party services, including but not limited to:

  • Microsoft software for uploaded file types.
    Users are responsible for reviewing Microsoft’s privacy policy:
    https://privacy.microsoft.com/en-us/privacystatement

  • Google Analytics to analyze website usage.
    Google may collect and process information as described in its privacy policy:
    https://policies.google.com/privacy

  • Certi uses Stripe, Inc. and its affiliates (“Stripe”) as a third-party payment processor to process subscription fees and other payments. When you provide payment information, such as credit card or billing details, that information is collected and processed directly by Stripe and is subject to Stripe’s privacy policy and terms of service. Certi does not store full payment card numbers or sensitive payment authentication data on its systems. Certi receives limited information from Stripe related to payment status, billing details, and transaction identifiers necessary to manage subscriptions, billing, and customer support.

  • Stripe’s privacy practices are governed by its privacy policy, which can be found at:
    https://stripe.com/privacy

  • Certi is not responsible for Stripe’s privacy or security practices.

Certi is not responsible for the privacy practices of third-party services.

​

7. Cookies and Tracking Technologies

Certi uses cookies and similar technologies to:

  • Improve user experience

  • Analyze website traffic

  • Support platform functionality

You may control cookies through your browser settings. Disabling cookies may affect functionality.

​

8. Data Security

Certi employs commercially reasonable administrative, technical, and physical safeguards designed to protect information. However, no system is completely secure, and Certi does not guarantee the security, integrity, or availability of data.

To the fullest extent permitted by law, Certi disclaims liability for unauthorized access, data loss, or security incidents except where required by applicable law.

​

9. Data Retention

Certi does not guarantee retention, archival, or availability of data beyond an active subscription period. Upon termination or expiration of Services, Certi may delete or restrict access to data in accordance with internal retention policies.

Client organizations are solely responsible for maintaining independent copies of records required for regulatory, legal, or operational purposes.

​

10. Email Communications

We may contact you regarding:

  • Account activity

  • Service updates

  • Administrative notices

  • Promotions or product updates

You may opt out of promotional communications at any time.

​

11. Children’s Privacy

Certi Services are not intended for individuals under the age of 13. We do not knowingly collect personal information from children.

​

12. Privacy Policy Changes

We may update this Privacy Policy from time to time. Changes will be posted on this page. Continued use of the Services constitutes acceptance of the revised policy.

​

If you have questions about this Privacy Policy or Certi’s data practices, please contact us through our contact page.

bottom of page