Privacy

Privacy Policy

Last updated: 20 March 2026

This Privacy Policy explains how WiFiCert Ltd (“WiFiCert”, “we”, “us”, “our”) collects, uses, stores and protects personal data when you use our website, self-assessment tools, certification services and related features.

1. Who We Are

WiFiCert Ltd is the data controller responsible for the personal data collected through the WiFiCert platform and associated services.

2. The Data We May Collect

a) Identification Data

full name;
email address;
telephone number.

b) Assessment and Site Data

site name;
venue type;
city and country;
wireless infrastructure and environment details submitted during the assessment process.

c) Technical Data

IP address;
browser type and version;
device and session-related information;
system and platform usage data.

d) Location Data

GPS or device location data, only where you expressly allow this on your device or browser.

3. How We Collect Data

We collect personal data when you:

create or begin an assessment;
submit forms through our platform;
communicate with us;
use website features that generate technical or usage data.

4. How We Use Your Data

We may use your data to:

provide and manage the WiFiCert self-assessment and certification services;
review, validate and process certification applications;
verify integrity, authenticity and anti-fraud controls;
improve service quality, functionality and platform security;
maintain records of assessments and related interactions;
respond to enquiries and support requests;
use automated systems, including artificial intelligence tools, to assist in the analysis, validation and verification of assessment data, infrastructure characteristics and measurement results. Such systems are used as a support tool and do not involve automated decision-making producing legal or similarly significant effects without human review.
Note: Where artificial intelligence tools are used, personal data such as contact details are not included. Processing is limited to technical, infrastructure and measurement-related data where possible.
send service-related communications, including reminders to complete, continue or finalise an assessment process;
notify you about the availability, expiration or eligibility of assessment results, reports or certification;
Such communications are considered part of the service experience and not unsolicited marketing.

5. Legal Basis for Processing

We rely on one or more of the following legal bases:

Contract: where processing is necessary to provide the Service you requested;
Legitimate interests: where processing is necessary for security, fraud prevention, service integrity and reasonable business administration;
Consent: where you voluntarily enable optional features such as GPS location collection.

6. Location Data

Location data is collected only if you explicitly permit access through your device or browser. You may refuse or withdraw that permission at any time through your device or browser settings.

Where used, location data may assist WiFiCert in verifying whether testing was performed at the relevant site or premises.

7. Data Retention

We retain personal data only for as long as reasonably necessary for the purposes set out in this Policy, including legal, administrative, operational and evidential purposes.

assessment records may be retained for up to 24 months or longer where reasonably necessary;
technical and security-related data may be retained for platform protection, monitoring and analysis;
location data, where collected, will be retained only for a limited period appropriate to the relevant verification purpose.

8. Data Sharing

We do not sell your personal data.

We may share data with:

hosting, communications, cloud and technical service providers;
professional advisers where necessary;
authorised partners or reviewers involved in certification-related workflows, where relevant and proportionate;
authorities or regulators where required by law.

9. International Transfers

Your personal data may be processed or stored outside your country of residence. Where required by applicable law, we take appropriate steps and safeguards to protect personal data transferred internationally.

10. Security

We implement appropriate technical and organisational measures intended to protect personal data against unauthorised access, loss, misuse, disclosure or alteration.

11. Your Rights

If you are located in the UK or EEA, you may have rights under applicable data protection law, including the right to:

request access to your personal data;
request correction of inaccurate or incomplete data;
request erasure of data in certain circumstances;
request restriction of processing in certain circumstances;
object to certain types of processing;
withdraw consent where processing is based on consent.

12. Cookies and Similar Technologies

We may use cookies or similar technologies for technical, functional, security and analytical purposes. If a dedicated Cookie Policy is published, it should be read alongside this Privacy Policy.

13. Users in the UK and EEA

Where applicable, we process personal data in accordance with the UK GDPR, the Data Protection Act 2018, the EU GDPR and other relevant data protection laws.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The latest version will always be posted on this page.

15. Contact

WiFiCert Ltd

Email: privacy [at] wificert.org

If you are unhappy with how your personal data is handled and are located in the UK, you may also have the right to raise a concern with the Information Commissioner’s Office (ICO).