Privacy Policy

Last updated: 10th August, 2025

1. Purpose of This Policy

CertIndex respects your privacy and is committed to protecting personal and organisational information. This Privacy Policy explains how we collect, use, store, and disclose such information when you use our website, submit a pre-registration, or create an Organisation Profile.

By providing information to us, you agree to this Privacy Policy.

2. Who We Are

CertIndex is operated by Consulting 365 Pty Ltd (ABN 27 665 028 544), trading as CertIndex.

Verification of ISO certification details is performed by ISO365, a trading division of Consulting 365 Pty Ltd, using objective criteria including checks against recognised accreditation body registers such as JASANZ and IAF.

3. Information We Collect

3.1 Information You Provide

We may collect:

  • Your name and contact details (email, phone number)

  • Organisation details (name, trading name, ABN/ACN, address, year established, legal entity type, number of employees)

  • Service Location Information

  • Certification Information (certificate numbers, scope, issue/expiry dates, accreditation body, certification body)

  • User-Uploaded Content (documents, images, marketing materials)

  • Any other information voluntarily provided in connection with your Listing or pre-registration

3.2 Information We Collect Automatically

When you use our site, we may collect:

  • IP address and device details

  • Browser type and operating system

  • Pages visited, time spent, and referring source

  • General location data inferred from IP address

4. How We Use Your Information

We collect and use information to:

  • Verify ISO certification details

  • Display Organisation Profiles publicly, including certification jurisdiction and traffic light status indicators

  • Contact you about verification, expiry reminders, or updates

  • Provide “Listed on CertIndex” badges and usage guidelines

  • Operate, maintain, and improve our website

  • Provide anonymised, aggregated industry analytics

  • Comply with our legal obligations

We do not sell your personal information to third parties.

5. Publicly Available Information

Information provided for your Organisation Profile will be published on CertIndex and be publicly accessible.

This may include:

  • Organisation details

  • Certification Information

  • Jurisdiction display (including country flag or other indicator)

  • Uploaded files, which may be publicly downloadable

Do not submit any confidential or commercially sensitive information you do not wish to be made public.

6. Sharing Your Information

We may share your information with:

  • ISO365 for certification verification services

  • Accreditation and certification bodies to confirm certification status

  • Hosting, analytics, and communication service providers

  • Government agencies, regulators, or law enforcement as required by law

  • Industry bodies, in aggregated and anonymised form only, for research or analytics

7. International Data Transfers

If you are located outside Australia or New Zealand, your information may be transferred to and stored in Australia. We take reasonable steps to ensure protection in line with applicable laws.

8. Data Retention

We retain information for as long as necessary to:

  • Provide our services

  • Comply with legal obligations

  • Resolve disputes and enforce agreements

If a Listing is removed, we may still retain:

  • Publicly available information

  • Aggregated/anonymised datasets

  • Basic identifying details to record the existence of a past Listing and prevent re-listing without verification

9. Your Rights

You may request to:

  • Access personal information we hold

  • Correct inaccurate or outdated information

  • Request deletion of personal information (subject to legal/operational requirements)

Requests should be emailed to support@certindex.com.au. We may require identity verification before processing.

10. Cookies and Tracking

10.1 Google Analytics & Google Tag Manager

We use Google Analytics and Google Tag Manager to analyse site usage and improve services. These tools collect data about how visitors interact with the site, which may be transmitted to and stored by Google on servers outside Australia.

Google may combine this data with other information it holds about you. You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

10.2 Social Media Pixels

We may use social media tracking pixels such as the LinkedIn Insight Tag or Meta Pixel to measure ad performance and deliver targeted advertising. These platforms may link data collected on CertIndex to your social media accounts. You can manage ad preferences within your social media account settings.

11. Email Communications

By submitting a pre-registration or creating a Listing, you agree that CertIndex may contact you for:

  • Verification requests

  • Expiry reminders

  • Platform updates

  • “Listed on CertIndex” badge and promotional materials

You may opt out of non-essential communications at any time by following unsubscribe instructions or contacting support@certindex.com.au.

12. Data Breach Notification

In the event of a data breach that is likely to result in serious harm, CertIndex will notify affected parties and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme.

13. Law Enforcement & Compliance

We may disclose personal or organisational information to comply with subpoenas, court orders, lawful requests from government authorities, or other legal requirements.

14. Security

We take reasonable technical and organisational measures to protect information from unauthorised access, use, or disclosure.

15. Changes to This Policy

We may update this Privacy Policy at any time. The updated version will be posted with the new date.

16. Contact Us

CertIndex Email: support@certindex.com.au