Privacy Policy

Last updated: April 2026

CertNow Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our mobile application and website (the “Service”).

We are registered in England and Wales. Our registered address is 198 New North Road, Ilford, England, IG6 3BD. We are the data controller for the purposes of UK GDPR.

1. Information We Collect
1.1 Information You Provide

We collect information you voluntarily provide when using our Service:

  • Account Information: Name, email address, phone number, password
  • Property Information: Property addresses, property types, tenant details
  • Certificates: Gas Safety Certificates, EICR, EPC, and other compliance documents you upload
  • Engineer Booking Details: Appointment dates, service requirements, special instructions
  • Communications: Messages you send to us or engineers through the platform
1.2 Information Collected Automatically

When you use our Service, we automatically collect:

  • Device Information: Device type, operating system, unique device identifiers
  • Usage Data: Pages visited, features used, time spent on the app
  • Location Data: General location based on IP address (we do not track precise GPS location)
  • Log Data: IP address, browser type, access times, referring URLs
1.3 Information from Third Parties

We may receive information from:

  • Engineers: Confirmation of completed services, certificate details
  • Payment Processors: Transaction confirmations (we do not store full payment card details)
2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Create and manage your account
  • Store and organize your compliance certificates
  • Send expiry reminders and notifications you’ve opted into
  • Facilitate engineer bookings and communications
  • Process transactions and send related information
  • Respond to your comments, questions, and support requests
  • Send you technical notices, updates, and security alerts
  • Monitor and analyze trends, usage, and activities
  • Detect, investigate, and prevent fraudulent transactions and abuse
  • Comply with legal obligations
3. Legal Basis for Processing (UK GDPR)

We process your personal data under the following legal bases:

  • Contract: Processing necessary to provide the Service you’ve requested
  • Legitimate Interests: Improving our Service, fraud prevention, marketing (where permitted)
  • Consent: Where you’ve given explicit consent (e.g., marketing emails)
  • Legal Obligation: Where we’re required to process data by law
4. How We Share Your Information

We may share your information with:

4.1 Service Providers

Third parties who perform services on our behalf, including cloud hosting providers, email delivery services, and analytics providers. These providers are contractually bound to protect your data.

4.2 Engineers

When you book an engineer, we share relevant property and contact information to facilitate the booking. Engineers are independent third parties with their own privacy practices.

4.3 Certificate Sharing

When you generate a share link for a certificate, anyone with that link can view the certificate. You control who you share links with.

4.4 Legal Requirements

We may disclose your information if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

4.5 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy.

5. Data Retention

We retain your information for as long as:

  • Your account remains active
  • Needed to provide you with the Service
  • Required to comply with legal obligations (e.g., tax records)
  • Necessary to resolve disputes and enforce agreements

Certificates you upload are retained until you delete them or close your account. You can request deletion of your data at any time (see Your Rights below).

6. Data Security

We implement appropriate technical and organizational measures to protect your data:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure cloud infrastructure hosted in the UK
  • Regular security assessments and updates
  • Access controls and authentication requirements
  • Employee training on data protection

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Your Rights (UK GDPR)

Under UK data protection law, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data (“right to be forgotten”)
  • Restriction: Request that we limit how we use your data
  • Portability: Request a copy of your data in a machine-readable format
  • Objection: Object to processing based on legitimate interests or direct marketing
  • Withdraw Consent: Where processing is based on consent, withdraw it at any time

To exercise these rights, contact us at hello@certnow.co.uk. We will respond within one month. You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.

8. Cookies and Tracking

We use cookies and similar technologies to:

  • Keep you signed in
  • Remember your preferences
  • Understand how you use our Service
  • Improve your experience

You can control cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

9. Third-Party Links

Our Service may contain links to third-party websites (e.g., Gas Safe Register). We are not responsible for the privacy practices of these sites. We encourage you to read their privacy policies.

10. Children’s Privacy

The Service is not intended for children under 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately.

11. International Transfers

Your data is primarily stored in the UK. If we transfer data outside the UK, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses) to protect your data in accordance with UK GDPR.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or in-app notification. Your continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our data practices:

  • Email: hello@certnow.co.uk
  • Address: CertNow Ltd, Office 7052, 58 Peregrine Road, Hainault, Ilford, Essex, IG6 3SZ

For data protection enquiries, you can also contact the UK Information Commissioner’s Office at ico.org.uk.

The all-in-one compliance app for UK landlords. Store certificates, get reminders, book engineers.
Contact us

Services

Company

Communications

  • hello@certnow.co.uk
  • Office 7052, 58 Peregrine Road, Hainault, Ilford, Essex, IG6 3SZ