PRIVACY POLICY Last updated: 9 July 2025

This privacy notice for Tradecert Limited ('we', 'us', or 'our') describes how and why we might collect, store, use, and/or share ('process') your information when you use our services ('Services'), such as when you:

• Visit our website at tradecert.app, or any website of ours that links to this privacy notice

• Use our application (Tradecert)

• Engage with us in other related ways, including any sales, marketing, or events

Questions or concerns? Reading this privacy notice will help you understand your privacy rights and choices. If you do not agree with our policies and practices, please do not use our Services. If you still have any questions or concerns, please contact us at privacy@tradecert.app.

SUMMARY OF KEY POINTS This summary provides key points from our privacy notice, but you can find out more details about any of these topics by clicking the link following each key point or by using our table of contents below to find the section you are looking for.

What personal information do we process? When you visit, use, or navigate our Services, we may process personal information depending on how you interact with us and the Services, the choices you make, and the products and features you use.

Do we process any sensitive personal information? We do not process sensitive personal information.

Do we receive any information from third parties? We may receive information from third parties as necessary to provide and improve our Services, including for marketing purposes where you have provided consent.

How do we process your information? We process your information to provide, improve, and administer our Services, communicate with you (including essential service-related communications and, where you have consented, marketing communications), for security and fraud prevention, and to comply with law. We may also process your information for other purposes with your consent.

TABLE OF CONTENTS

1. WHAT INFORMATION DO WE COLLECT?

2. HOW DO WE PROCESS YOUR INFORMATION?

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

6. HOW LONG DO WE KEEP YOUR INFORMATION?

7. DO WE COLLECT INFORMATION FROM MINORS?

8. WHAT ARE YOUR PRIVACY RIGHTS?

9. CONTROLS FOR DO-NOT-TRACK FEATURES

10. DO WE MAKE UPDATES TO THIS NOTICE?

11. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

12. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

13. MARKETING AND OTHER COMMUNICATIONS

1. WHAT INFORMATION DO WE COLLECT?

Personal information you disclose to us In Short: We collect personal information that you provide to us.

We collect personal information that you voluntarily provide to us when you use our Services, including:

• Basic contact information (name, email, phone number)

• Professional information (qualifications, certifications)

• Technical data from submitted certificates and installation documentation

• Images and documentation of electrical installations and distribution boards

• Any other information you choose to provide

All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

Information automatically collected In Short: Some information is collected automatically when you use our Services.

We automatically collect certain information when you visit, use, or navigate the Services. This information may include:

• Device and usage information

• Log and diagnostic data

• Location data (if permitted by your device settings)

• Technical data from your interactions with our Services

This information is primarily needed to maintain the security and operation of our Services, and for our internal analytics and reporting purposes.

2. HOW DO WE PROCESS YOUR INFORMATION?

In Short: We process your information to provide our Services, improve our technology, maintain security, and for communications, including marketing where you have provided consent.

We process your personal information for a variety of reasons, including:

• To provide and maintain our Services

• To develop and train machine learning models

• To analyze and validate electrical certification data

• For research and development of automated certification technologies

• To share with authorized development partners and service providers

• To improve our Services and user experience

• To protect our Services and users

• To comply with legal obligations

• To send you essential service-related communications via email and SMS: We may use your contact information to send you essential service updates, notifications about your account, new features, technical support, and assistance that are necessary for the provision of our Services. These communications are typically not marketing-related and are vital for your continued use of the platform.

• To send you marketing and promotional communications via email and SMS: We and/or our third-party marketing partners may use the personal information you send to us for our marketing purposes, but only where you have provided your explicit consent or where otherwise permitted by law. For example, when expressing an interest in obtaining information about us or our Services, subscribing to marketing or otherwise contacting us, we will collect personal information from you. You can withdraw your consent and opt-out of our marketing emails and SMS at any time (see the "MARKETING AND OTHER COMMUNICATIONS" section below).

3. WHAT LEGAL BASES DO WE RELY ON TO PROCESS YOUR PERSONAL INFORMATION?

In Short: We only process your personal information when we have a valid legal basis to do so.

We may rely on the following legal bases to process your personal information:

• Consent: We may process your information if you have given us clear, specific, and unambiguous permission (consent) to use your personal information for a specific purpose, such as sending you marketing communications via email and SMS. You have the right to withdraw your consent at any time.

• Performance of a Contract: We may process your information when we believe it is necessary to fulfil our contractual obligations to you, including providing our Services or at your request prior to entering into a contract with you. This often applies to essential service-related communications.

• Legal Obligations: We may process your information where we believe it is necessary for compliance with our legal obligations, such as to cooperate with a law enforcement body or regulatory agency, exercise or defend our legal rights, or disclose your information as evidence in litigation in which we are involved.

• Legitimate Interests: We may process your information when we believe it is reasonably necessary to achieve our legitimate business interests and those interests do not outweigh your interests and fundamental rights and freedoms. For example, we may process your personal information for:

  • Developing and improving our Services.

  • Operating our Services effectively.

  • Detecting and preventing fraud.

  • Sending you certain types of non-electronic marketing or electronic marketing to corporate subscribers where a 'soft opt-in' applies and you have not opted out, in compliance with applicable law.

• Vital Interests: We may process your information when we believe it is necessary to protect your vital interests or the vital interests of a third party, such as situations involving potential threats to the safety of any person.

4. WHEN AND WITH WHOM DO WE SHARE YOUR PERSONAL INFORMATION?

We may share your data with third parties in the following situations:

• Vendors, Consultants and Other Third-Party Service Providers. We may share your data with third-party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples include: payment processing, data analysis, email delivery, hosting services, customer service and marketing assistance.

• Marketing and Advertising Platforms. We may share certain personal information, such as hashed email addresses or phone numbers, with advertising platforms including Meta (Facebook/Instagram), Google, or similar partners. This is used to create custom audiences or lookalike audiences to help deliver more relevant advertising to people who may be interested in our services. We only share this data when we have a lawful basis to do so, such as your consent or our legitimate interests. You may opt out of this type of processing at any time by contacting us.

• Business Transfers. We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company.

• Legal Obligations. We may disclose your information where we are legally required to do so to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process.

• Protection of Rights. We may disclose your information when we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person, and illegal activities, or as evidence in litigation in which we are involved.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

In Short: We aim to protect your personal information through security measures.

We have implemented appropriate technical and organizational security measures designed to protect your personal information. However, no electronic transmission over the Internet or information storage technology can be guaranteed to be 100% secure, so we cannot promise or guarantee absolute security.

6. HOW LONG DO WE KEEP YOUR INFORMATION?

In Short: We keep your information for as long as necessary to fulfill the purposes outlined in this privacy notice.

We will retain your personal information for as long as it is necessary for the purposes set out in this privacy notice, unless a longer retention period is required or permitted by law.

7. DO WE COLLECT INFORMATION FROM MINORS?

In Short: We do not knowingly collect data from or market to children under 18 years of age.

By using the Services, you represent that you are at least 18 years of age. We do not knowingly collect personal information from minors.

8. WHAT ARE YOUR PRIVACY RIGHTS?

In Short: You have rights regarding your personal information, depending on your location.

Depending on your location, you may have certain rights regarding your personal information, including:

• Right to access: The right to request copies of your personal information.

• Right to rectification: The right to request that we correct any information you believe is inaccurate or complete information you believe is incomplete.

• Right to erasure: The right to request that we erase your personal information, under certain conditions.

• Right to restrict processing: The right to request that we restrict the processing of your personal information, under certain conditions.

• Right to data portability: The right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

• Right to object: The right to object to our processing of your personal information, under certain conditions, particularly concerning direct marketing.

• Rights related to automated decision-making and profiling: The right to object to decisions based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

To exercise any of these rights, please contact us using the details provided below.

9. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and mobile applications include a Do-Not-Track ('DNT') feature. We currently do not respond to DNT browser signals.

10. DO WE MAKE UPDATES TO THIS NOTICE?

In Short: Yes, we will update this notice as necessary.

We will notify you of material changes to this privacy notice by updating the 'Last updated' date. Continued use of the Services after such updates constitutes your acceptance of the changes.

11. HOW CAN YOU CONTACT US ABOUT THIS NOTICE?

If you have questions or comments about this notice, you may contact our Data Protection Officer (DPO), Harvey Appleton, by email at info@tradecert.app, or by post at:

Tradecert Limited Charles Appleton 111-113 High Street Evesham, Worcestershire WR11 4XP England

12. HOW CAN YOU REVIEW, UPDATE, OR DELETE THE DATA WE COLLECT FROM YOU?

Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it. To request to review, update, or delete your personal information, please email: info@tradecert.app.

13. MARKETING AND OTHER COMMUNICATIONS

In Short: We will communicate with you for service-related matters. We will only send you marketing communications where you have given your explicit consent.

Service-Related Communications: We will use your contact information to send you essential service updates, notifications about your account, new features, technical support, and assistance that are necessary for the provision of our Services. These communications are not marketing-related and are vital for your continued use of the platform. You cannot opt-out of these essential service communications as long as you use our Services.

Marketing Communications: We will only send you marketing and promotional materials via email and/or SMS if you have provided your explicit, affirmative consent to receive such communications. This consent will typically be requested through a clear, unticked checkbox during your account registration, or via dedicated marketing sign-up forms on our website.

You have the right to withdraw your consent for marketing communications at any time. You can opt-out by:

• Clicking the "unsubscribe" link clearly provided at the bottom of any marketing email you receive from us.

• Replying "STOP" to any marketing SMS message you receive from us.

• Contacting us directly at info@tradecert.app.