These Terms of Use (“Terms”) govern the access to and use of the EUCERTA platform and related services, operated by the European Certification Agency (“EUCERTA”, “we”, “us”, or “our”), in accordance with applicable laws of the European Union. By using our platform, you (“you”, “user”, or “organization”) agree to be legally bound by these Terms. If you do not agree, you must not use the services.
EUCERTA provides an online platform to facilitate the evaluation, registration, certification, and verification of compliance with international and European standards (e.g., ISO standards), including related documentation workflows, auditor involvement, and certificate issuance.
To access or use EUCERTA, you must:
Be at least 18 years of age;
Have full legal capacity under applicable laws;
Act as a representative of a legal entity (where applicable);
Agree to and comply with these Terms and our Privacy Policy.
Users may register under different roles, including but not limited to:
Applicant Organizations submitting for certification;
Auditors performing evaluations;
Verifiers confirming documentation;
Administrators managing platform operations.
All users agree to:
Provide accurate and complete information;
Use the platform in good faith and not for unlawful purposes;
Respect confidentiality and data protection obligations;
Refrain from tampering with the platform, its content, or its operations.
The platform and its content are protected by intellectual property laws. You may use the platform solely for its intended certification-related purposes. You may not:
Copy, reproduce, or distribute content without permission;
Reverse engineer or attempt to extract source code;
Misuse or exploit the services, certificates, or logos.
EUCERTA may charge fees for certain services. Fees will be communicated transparently. Payment obligations must be fulfilled according to the agreed conditions. Non-payment may result in suspension of services or withdrawal of certifications.
All certificates issued by EUCERTA are subject to:
Successful verification of compliance;
Ongoing surveillance or re-certification (where applicable);
Revocation in case of misuse, fraud, or non-compliance.
EUCERTA reserves the right to publish, suspend, or revoke certificates in line with its procedures and applicable accreditation rules.
All personal and company-related data will be processed in accordance with the EU General Data Protection Regulation (GDPR). Confidential information provided through the platform will be protected and not disclosed to third parties without legal basis or consent.
EUCERTA shall not be liable for:
Any indirect, incidental, or consequential damages;
Certification decisions based on false or incomplete information;
Use or misuse of the certificates by third parties.
EUCERTA’s liability is limited to cases of gross negligence or willful misconduct, as permitted by applicable law.
We may suspend or terminate your access to the platform with immediate effect if:
You violate these Terms or applicable laws;
Fraudulent activity is detected;
Continued service would pose a legal or reputational risk.
We reserve the right to update or amend these Terms at any time. Users will be informed of material changes. Continued use of the platform after such changes constitutes acceptance.
These Terms shall be governed by and construed in accordance with the laws of the European Union and, where applicable, the country in which EUCERTA is registered. Any disputes shall be subject to the exclusive jurisdiction of the competent courts in [Insert Country, e.g., Belgium or Germany].
This Privacy Policy explains how EUCERTA – European Certification Agency (“EUCERTA”, “we”, “us”, or “our”) collects, processes, stores, and protects personal data of users (“you”, “user”, or “organization”) when accessing our platform and using our services. We are committed to protecting your privacy in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and relevant EU legislation.
EUCERTA acts as the Data Controller for all personal data processed via its online platform and related services.
Contact Details:
EUCERTA – European Certification Agency
[Insert Address]
Email: [Insert Contact Email]
Website: [Insert Website URL]
We may collect and process the following categories of personal data:
Identification Data: Name, title, position, organization, contact details (e.g., email, phone number, postal address)
Login Data: Username, passwords (encrypted), role assignments
Certification Data: Submitted forms, audit documents, evidence, and certificates
Technical Data: IP address, browser type, device information, log files
Usage Data: Interactions with the platform, timestamps, audit trails
We do not collect special categories of personal data (e.g., health data, racial or ethnic origin) unless explicitly required and consented.
We process personal data for the following purposes:
| Purpose | Legal Basis |
|---|---|
| To register and authenticate users | Art. 6(1)(b) GDPR – Contract performance |
| To evaluate and certify submitted information | Art. 6(1)(b) and (f) GDPR – Contract and legitimate interest |
| To issue, manage, and verify certificates | Art. 6(1)(b) GDPR |
| To comply with legal obligations (e.g., accreditation, audit logs) | Art. 6(1)(c) GDPR |
| To improve services, platform security, and technical functionality | Art. 6(1)(f) GDPR – Legitimate interest |
| To communicate with users regarding services, deadlines, and updates | Art. 6(1)(b) and (f) GDPR |
We may share personal data with:
Authorized auditors, verifiers, and platform administrators;
Accredited certification partners (where applicable);
Regulatory or accreditation bodies when required;
Technical service providers and IT support (bound by Data Processing Agreements).
Data is not transferred outside the European Economic Area (EEA) unless adequate safeguards under Art. 44 ff. GDPR are ensured (e.g., Standard Contractual Clauses).
Personal data will be retained:
As long as necessary for the certification process;
To comply with legal retention obligations (typically 10 years for certification records);
Until withdrawal of consent (where applicable).
After expiration, data will be securely deleted or anonymized.
We implement appropriate technical and organizational measures (TOMs) to protect your data against unauthorized access, disclosure, alteration, or destruction. These include:
Encrypted transmission (SSL/TLS);
Role-based access control;
Regular backups and monitoring;
Secure hosting within the EU.
As a data subject, you have the following rights:
Right of Access (Art. 15)
Right to Rectification (Art. 16)
Right to Erasure (“Right to be Forgotten”) (Art. 17)
Right to Restriction of Processing (Art. 18)
Right to Data Portability (Art. 20)
Right to Object (Art. 21)
Right to Lodge a Complaint with a supervisory authority
To exercise any of these rights, please contact us via the contact details above.
Our platform may use cookies and analytics tools to improve user experience. You will be informed via a separate Cookie Policy and given the option to manage your preferences.
We may update this Privacy Policy to reflect legal or technical changes. Users will be informed of material changes. Continued use of our services after changes constitutes your agreement to the updated policy.