Privacy Policy — Certify

Last updated: March 2026

Who we are

Certify is a plant inspection and compliance platform operated by Tom Carter trading as Joule ("we", "us", "our").

Data Controller: Tom Carter
Trading name: Joule
Email: [email protected]
Website: ellevo-certify.com
ICO Registration Number: [PENDING — to be added on registration]

Roles under UK GDPR

Certify is a B2B platform. When your organisation uses Certify to manage inspection records for your workforce:

You (the client organisation) are the Data Controller — you determine what personal data is recorded and why.
We (Joule) are the Data Processor — we process personal data on your behalf, under your instructions.

A Data Processing Agreement (DPA) is available on request and governs how we process data on your behalf. Enterprise clients should request this before onboarding.

What data we collect

Data you enter into Certify

Operative names — entered when creating user profiles
Operator licence numbers — for tower crane operators and licenced plant
Digital signatures — captured during inspection sign-off
Inspection records — equipment checks, pre-use checks, thorough examination records
Photographs — uploaded as part of inspection evidence
Equipment history — linked to named operators and sites

Data collected automatically

Login credentials (email address and hashed password — Phase 1+)
Audit log entries — who accessed or modified records and when
IP address and browser data — for security logging

We do not collect payment card data, sensitive personal data (health, biometrics), or data about individuals under 18.

Why we collect it and our lawful basis

Data	Purpose	Lawful Basis
Operative names, signatures, inspection records	Maintaining LOLER/PUWER compliance records	Legal obligation (LOLER 1998, PUWER 1998)
Operator licence numbers	Verifying operator qualification	Legal obligation + Legitimate interests
Photographs	Inspection evidence	Legitimate interests
Login credentials	Account security and access control	Contract
Audit logs	Security, accountability, legal compliance	Legitimate interests + Legal obligation

How long we keep your data

Data type	Retention period	Reason
Thorough examination records	6 years minimum	LOLER 1998 legal requirement
Daily inspection records	2 years	Industry best practice
User account data	Duration of contract + 1 year	Contract
Audit logs	2 years	Security / accountability
Deleted asset records	2 years (anonymised)	Legal disputes

When your organisation's Certify subscription ends, we will provide a data export and delete all personal data within 90 days, unless a longer retention period is required by law.

Who we share data with

We do not sell personal data. We share it only with:

Hosting provider (DigitalOcean): Data is stored on servers in the UK/EU region. DigitalOcean is contractually bound as a sub-processor.
Email service (Resend): Used to send compliance notifications and alerts. No personal inspection data is included in emails beyond names and asset references.

We will never share personal data with third parties for marketing purposes.

Data security

We protect your data using:

TLS encryption in transit (HTTPS)
Encrypted passwords (never stored in plain text)
Role-based access control (users can only see data relevant to their role)
Security headers on all web responses
Rate limiting to prevent brute-force attacks
Regular security reviews

For enterprise clients seeking Cyber Essentials Plus or ISO 27001 evidence packs, contact [email protected].

Data Processing Agreement (DPA)

Enterprise and government clients requiring a formal DPA should contact [email protected]. The DPA covers:

Categories of personal data processed
Processing purposes and instructions
Sub-processor list
Security measures
Breach notification procedures
Data subject rights assistance
Return and deletion of data on contract end

Your rights

Under UK GDPR, individuals whose data is held in Certify have the right to:

Access — request a copy of personal data held
Rectification — correction of inaccurate records
Erasure — deletion of personal data (subject to legal retention obligations)
Restriction — limiting how data is processed
Portability — data export in machine-readable format
Object — objecting to processing based on legitimate interests

Note: Some data (e.g. thorough examination records) cannot be deleted on request as retention is required by law (LOLER 1998). We will inform you of this when a deletion request is received.

Requests should be directed to your organisation's Certify administrator in the first instance, or to [email protected] directly.

Complaints

You have the right to complain to the Information Commissioner's Office (ICO):

Website: ico.org.uk/make-a-complaint
Phone: 0303 123 1113

Changes to this policy

We will notify existing clients of material changes to this policy. The latest version will always be at ellevo-certify.com/privacy.