Try It Free
Try It Free

Last Updated 14th May 2026

This privacy notice for Tradecert Limited ("we", "us", or "our") explains how and why we collect, use, store, and share personal data when you use our services ("Services"), including when you:

• Visit our website at tradecert.app
• Use the Tradecert application
• Contact us, purchase subscriptions, or engage with marketing

If you do not agree with this notice, please do not use our Services.
Questions can be sent to info@tradecert.app.

SUMMARY OF KEY POINTS

• We process personal data to provide electrical certification software and related AI assisted features
• We track equipment and calibration dates to send helpful reminders
• We may share anonymised equipment usage data with manufacturers to improve industry standards
• With your consent, we may share your contact details with selected suppliers
• We may earn affiliate commissions from supplier recommendations
• We use third party AI providers strictly to return requested outputs under contractual safeguards
• We act as both a data controller and a data processor, depending on the data
• If you join or are invited to a company workspace in Tradecert, certain account details, including your name, email address and signature, may be visible to other authorised users within that company workspace for collaboration, account management, certificate creation, signing, review and audit purposes
• Company owners, administrators and users who invite others to a company workspace are responsible for ensuring that they only invite authorised individuals who are entitled to access that company’s workspace and associated user information
• You have rights under UK GDPR, including access, correction, deletion, and the right to lodge a complaint with the ICO

If you redeem a Kewtech promotional code, we will share your registration details with Kewtech Corporation Ltd for the purposes of promotion administration

OUR ROLE UNDER GDPR

Tradecert Limited acts as:

• Data Controller for account data, billing data, analytics, and marketing communications
• Data Processor for certificate data, photos, notes, and installation documentation uploaded by users when we process that data on their behalf

Users remain the data controllers for certificate content relating to their customers.

Where a company workspace is created or managed within Tradecert, the company owner, company administrator, or inviting user is responsible for deciding which individuals should be added to that workspace. Tradecert provides the technical functionality that allows authorised company users to collaborate, view company workspace users, manage certificates and use signing features.

INFORMATION WE COLLECT

Personal information you provide:

• Name, email address, phone number
• Company details and professional credentials
• Subscription and billing information
• Certificate data, installation documentation, notes, and observations
• Images of electrical installations and distribution boards
• Equipment and test instrument details (make, model, serial numbers, calibration dates)
• User signatures uploaded or created within Tradecert for use on certificates, reports and related documents
• Company workspace membership information, including which company workspace you belong to, your role or permissions within that workspace, and other users associated with the same company workspace

Information collected automatically:

• Device and usage data
• Log and diagnostic data
• Approximate location (derived from IP, where enabled)
• Error and crash data including stack traces, device state, and session information (via Sentry)
• Product analytics events and session data (via PostHog)
• Push notification device tokens (via Firebase Cloud Messaging)
• App configuration data retrieved from Firebase Remote Config

HOW WE USE YOUR INFORMATION

We process personal data to:

• Provide and operate the Tradecert application
• Generate and store electrical certificates
• Perform AI assisted extraction, validation, and text generation
• Send essential service communications
• Manage subscriptions and payments
• Improve reliability, performance, and security
• Comply with legal obligations
• Track equipment calibration dates and send reminders
• Provide equipment recommendations and supplier offers (with your consent)
• Share aggregated, anonymised usage data with equipment manufacturers and industry partners
• To monitor application errors and crashes in order to maintain service reliability (Sentry)
• To analyse user behaviour and improve the application experience (PostHog, Firebase Analytics)
• To send push notifications relating to service activity and reminders (Firebase Cloud Messaging)
• Display company workspace users to other authorised users within the same company workspace, including names, email addresses and signatures, so that users can identify colleagues, manage access, collaborate on certificates, review company activity, apply or verify signatures, and maintain certificate records
• Allow company owners, administrators and authorised users to manage users, roles, certificates, signatures and company workspace access

AI ASSISTED PROCESSING

We use third party AI service providers to analyse and interpret uploaded certificates, photos, and notes in order to deliver AI assisted features such as:

We currently use the following AI service providers as data processors:
• Anthropic PBC (Claude API) — United States
• Google LLC (Vertex AI / Gemini API, via Google Cloud Platform) — United States

• Auto populating certificate fields
• Extracting data from distribution board photos
• Generating suggested observation wording

These providers act strictly as data processors under our instruction and are contractually prohibited from:

• Using your data to train or improve their own models
• Retaining your data beyond the processing operation
• Using your data for any purpose other than delivering the requested service

We do not train our own AI models on your data.

Only the minimum data required to deliver the requested AI feature is sent, and it is processed under contractual safeguards including data processing agreements compliant with UK GDPR requirements.

The AI processing does not involve automated decision making that produces legal effects or similarly significantly affects you. All AI generated suggestions remain subject to your review and approval.

EQUIPMENT TRACKING AND CALIBRATION REMINDERS

We track details of your test equipment, including make, model, serial numbers, and calibration due dates, to provide helpful reminders and services.

Calibration reminders:

• We will send you reminders when your equipment calibration is due
• These reminders may include recommended suppliers or affiliate links
• You can opt out of calibration reminders at any time in your account settings

Aggregated equipment data:

• We may share anonymised, aggregated statistics about equipment usage with manufacturers and industry partners
• This data does not identify individual users
• This helps improve product development and industry standards

PROMOTIONAL PARTNERSHIPS

Where you redeem a promotional code issued by one of our hardware partners (such as Kewtech Electronics Ltd), we will share the following information with that partner:

• Your name, email address, and phone number • Your company name and company website • The unique promotional code redeemed • Equipment you have registered on Tradecert

This data is shared for the purposes of promotion administration, fraud prevention, and to allow both parties to understand how the promotion is performing.

This processing is carried out on the basis of legitimate interests. You will be informed at the point of code redemption that this sharing will take place.

To request deletion of data shared under this arrangement, contact support@tradecert.app.

Supplier recommendations:

• With your consent, we may share your contact details with selected equipment suppliers and wholesalers
• This is always opt in and you can withdraw consent at any time
• We may earn affiliate commissions from supplier recommendations

Equipment data is processed on the legal bases of:

• Performance of a contract
• Legitimate interests (for anonymised industry insights)
• Consent (for sharing identifiable contact details with suppliers)

LEGAL BASES FOR PROCESSING

We rely on the following lawful bases under UK GDPR:

• Performance of a contract – for core app functionality, certificates, AI assisted features, and equipment calibration tracking
• Legal obligation – where required by law
• Legitimate interests – for service improvement, fraud prevention, business operations, anonymised industry insights, application error monitoring (Sentry), and product analytics (PostHog and Firebase Analytics). You have the right to object to this processing.
• Consent – for marketing communications, supplier contact sharing, and advertising audiences
• Performance of a contract and legitimate interests – for company workspace functionality, including displaying company workspace users’ names, email addresses and signatures to other authorised users within the same company workspace for collaboration, certificate creation, signing, review, account administration and audit purposes

You may withdraw consent at any time.

LEGITIMATE INTERESTS

Where we rely on legitimate interests, we have assessed that processing is necessary and does not override your rights. This includes:

• Service improvement
• Security and fraud prevention
• Business operations
• Anonymised industry insights
• Calibration reminders
• Providing company workspace functionality, including allowing authorised users within the same company workspace to identify colleagues, view relevant user details, manage access, collaborate on certificates, use signatures, review work and maintain accurate company records
• Helping companies using Tradecert manage their internal users, signing arrangements, certificate workflows and audit records

You have the right to object to this processing by contacting info@tradecert.app.

SHARING YOUR INFORMATION

We share personal data with the following third party service providers, each acting as a data processor under our instruction:

Infrastructure and hosting:
• Google LLC (Firebase: authentication, database, file storage, cloud functions, push notifications, remote configuration, and analytics) — United States

AI processing:
• Anthropic PBC (Claude API) — United States
• Google LLC (Vertex AI / Gemini, via Google Cloud Platform) — United States

Analytics and monitoring:
• PostHog Inc. (product analytics and session tracking) — United States / European Union
• Functional Software Inc. trading as Sentry (error monitoring) — United States

Payments:
• Stripe Inc. (subscription billing and payment processing) — United States

App distribution and build infrastructure:
• 650 Industries Inc. trading as Expo (app build and distribution infrastructure) — United States
• Apple Inc. (App Store distribution) — United States
• Google LLC (Play Store distribution) — United States

We do not sell personal data.

Company workspace sharing

If you join, are invited to, or are added to a company workspace within Tradecert, certain personal data linked to your account may be visible to other authorised users within that same company workspace. This may include your name, email address, role or permissions, and signature.

This visibility is provided to support company collaboration, user identification, certificate preparation, signing, quality control, internal review, account administration, audit trails and record keeping.

Company owners, administrators and users who invite others to a company workspace are responsible for ensuring that invited users are authorised to access that company workspace and the information visible within it.

If you believe you have been added to a company workspace incorrectly, or that another user should not have access to your company workspace, please contact your company administrator or email info@tradecert.app.

INTERNATIONAL DATA TRANSFERS

The majority of our service providers are based in the United States. All transfers of personal data outside the UK are made under one or more of the following safeguards:

• UK approved Standard Contractual Clauses (SCCs) — in place with Google LLC (covering all Firebase and Google Cloud services), Anthropic PBC, PostHog Inc., Functional Software Inc. (Sentry), and Stripe Inc.
• UK adequacy decisions, where applicable.

Copies of applicable Standard Contractual Clauses are available on request by contacting info@tradecert.app.

DATA RETENTION

We retain personal data as follows:

• Account and certificate data: We retain account information, certificates, photos, notes, and related records for as long as your account remains open. Many users rely on long term access to historical certificates, including if they pause or stop using the service temporarily.

• Inactive or unpaid accounts: If your account becomes inactive or you stop paying for the Services, we may continue to retain your data so that it remains available should you return, unless you instruct us to delete it.

• Deletion on request: You may request deletion of your account and associated personal data at any time. Where requested, we will delete or anonymise personal data unless we are legally required to retain it.

• Billing and financial records: Retained for 6 years as required by tax and accounting laws.

• Marketing consent records: Retained for as long as necessary to demonstrate compliance.

• Backups: Retained for up to 90 days for security and recovery purposes, after which they are overwritten or deleted.

• Company workspace user data and signatures: Retained for as long as your account remains open, for as long as you remain associated with a company workspace, or for as long as reasonably required to support certificate records, signing records, audit trails, account administration and legal or regulatory purposes.

MARKETING COMMUNICATIONS

Service communications (cannot be opted out):

• Account notifications and security alerts
• Subscription confirmations and billing notices
• Essential service updates

Calibration reminders (can be opted out):

• Equipment calibration reminders
• May include affiliate links

Marketing communications (opt in only):

• Product updates
• Industry news
• Supplier offers (requires separate consent)

You can manage preferences via account settings, unsubscribe links, SMS replies, or by contacting info@tradecert.app.

COOKIES AND TRACKING TECHNOLOGIES

This section applies to users accessing Tradecert via a web browser.

When you access Tradecert via a web browser, we and our service providers may set cookies or similar persistent identifiers on your device, including:

• PostHog — sets a persistent cookie to identify your session and track product usage for analytics purposes.
• Firebase Analytics — sets identifiers to track application events and usage patterns.

These are used on the lawful basis of legitimate interests in maintaining and improving our service. You may object to this processing at any time by contacting info@tradecert.app.

Advertising & Tracking: If you provide your consent by accepting the App Tracking Transparency prompt, we utilise tracking technologies to measure conversions and deliver relevant advertisements. This includes sharing specific event data with Meta (via the Meta Conversions API) and Google (for Google Ads). We do not sell your personal data to advertising networks.

YOUR PRIVACY RIGHTS

You have the right to:

• Access your data
• Correct inaccuracies
• Request deletion
• Restrict or object to processing
• Request data portability
• Withdraw consent
• Lodge a complaint with the ICO

Requests can be made via info@tradecert.app.

If your data is visible within a company workspace and you have concerns about that access, you may contact us at info@tradecert.app. In some cases, we may need to refer the request to the relevant company owner or administrator where they control access to the company workspace or certificate records.

AUTOMATED DECISION MAKING

We do not use automated decision making that produces legal or similarly significant effects.
AI features provide suggestions only and remain under your control.

SECURITY

We apply appropriate technical and organisational measures including encryption, access controls, and staff training. No system is completely secure.

Company workspace users should only invite authorised individuals to a company workspace and should ensure that access is removed when a user no longer requires access. Users are responsible for keeping their own login credentials secure and for ensuring that signatures and account details are used appropriately within their company workspace.

CHILDREN’S DATA

Tradecert is not intended for users under 18. We do not knowingly collect data from minors.

DATA PROTECTION CONTACT

Email: info@tradecert.app
ICO: ico.org.uk | 0303 123 1113

CHANGES TO THIS NOTICE

We may update this notice from time to time. The “Last updated” date reflects the current version.

CONTACT DETAILS

Tradecert Limited
111-113 High Street
Evesham, Worcestershire
WR11 4XP
England

Company number: 15542281
VAT number: 503816901

PRIVACY POLICY

Tradecert logo
Tradecert logo

Less Paperwork. More Paid work.

Privacy Policy

End User License Agreement

Terms & Conditions

Company Number: 15542281
Registered address: 111-113 High Street, Evesham, WR11 4XP VAT number: 503816901