Legal

Privacy Policy

Effective date: 13 June 2026  ยท  Last updated: 13 June 2026

Drafting note (remove before publishing): Replace all [SQUARE BRACKET] placeholders. This is a starting draft aligned to the NZ Privacy Act 2020. Have it reviewed by a NZ lawyer before publishing, especially sections 8 and 11.

1. Who we are

This Privacy Policy explains how [LEGAL ENTITY NAME] (NZBN [NZBN]), trading as CertMate ("CertMate", "we", "us", "our"), collects, uses, stores and discloses personal information. CertMate provides online compliance certificate software for electricians in New Zealand through our website at tradecert.co.nz (the "Service").

We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 2020.

If you have any questions about this policy, contact us at [PRIVACY CONTACT EMAIL].

2. What this policy covers

This policy covers personal information we collect about:

  • Visitors to our website
  • People who create an account, including the free trial
  • Account holders and any staff or apprentice users added to an account
  • People who contact us for support or other enquiries

It also explains how we handle information that account holders enter into the Service about their own clients (see section 8).

3. Information we collect

We collect the following kinds of personal information.

Account information: your name, company name, email address, phone number, password (stored in encrypted form), and your electrical registration details where relevant.

Certificate and job information: information you enter when creating certificates, which may include job addresses, descriptions of work, client names and contact details, and signatures.

Billing information: when you subscribe, payment is processed by our payment provider. We receive limited billing details such as your billing name and subscription status. We do not store full card numbers ourselves.

Support information: any information you provide when you contact us, including the content of your messages.

Technical and usage information: information collected automatically when you use the Service, such as your IP address, device and browser type, pages visited, and actions taken in the app. See section 10 for cookies and analytics.

4. How we collect information

We collect personal information directly from you when you create an account, use the Service, subscribe, or contact us. We also collect technical information automatically through cookies and similar technologies. In some cases account administrators provide information about staff or apprentice users they add to their account.

5. How we use your information

We use personal information to:

  • Provide, operate and maintain the Service
  • Create, store and manage your account and your certificates
  • Process subscriptions and billing
  • Provide customer support and respond to your enquiries
  • Send service-related communications such as account, billing and security notices
  • Improve and develop the Service
  • Detect, prevent and respond to security issues and misuse
  • Meet our legal obligations

We will only use your information for a purpose connected with the Service, or a directly related purpose, unless you have authorised another use or the law allows it.

6. Marketing communications

We may send you occasional updates about CertMate features and offers. You can opt out at any time using the unsubscribe link in those messages or by contacting us. We will always send you essential service and account communications regardless of marketing preferences.

7. Who we share information with

We do not sell your personal information. We share it only as follows:

  • Service providers who help us run the Service, such as our hosting provider, our payment processor, and our email delivery provider. These providers act on our instructions and are bound to protect your information.
  • Legal and safety reasons, where we are required by law, or where disclosure is necessary to protect our rights, your safety, or the safety of others.
  • Business transfer, if CertMate is involved in a sale, merger or restructure, in which case information may be transferred as part of that transaction subject to this policy.

 

8. Information you store about your clients

When you use CertMate to create certificates, you may enter personal information about your own clients, such as their names and addresses. You remain responsible for that information and for having a proper basis to collect and use it. CertMate stores and processes that information on your behalf so we can provide the Service to you. We do not use your clients' information for our own purposes. If you close your account, your client information is handled as set out in section 12.

9. Storage and security

We take reasonable steps to protect personal information from loss, unauthorised access, use, modification or disclosure. These steps include encrypted connections, access controls, and secure hosting. No system is completely secure, so while we work hard to protect your information we cannot guarantee absolute security.

10. Cookies and analytics

Our website uses cookies and similar technologies to make the site work, remember your preferences, and understand how the site is used. We may use analytics tools to collect aggregated information about site usage so we can improve it. You can control cookies through your browser settings, although disabling some cookies may affect how the site works. [If you add an analytics tool such as Google Analytics or Plausible, name it here and link to its privacy information.]

11. Overseas storage

Some of our service providers, including our payment processor and email delivery provider, may store or process information on servers located outside New Zealand. Where this happens, we take reasonable steps to ensure your information is protected by comparable safeguards consistent with the Privacy Act 2020. [Confirm the countries where your hosting, payment and email providers store data and list them here.]

12. How long we keep information and deletion

We keep personal information only for as long as we need it for the purposes set out in this policy, or as required by law. Electrical compliance certificates may need to be retained for a number of years to meet legal and industry requirements, and we retain certificate records to support that. If you close your account, we will provide you a reasonable opportunity to export your data, after which we will delete or de-identify personal information we no longer need to keep, subject to any legal retention obligations.

13. Your rights

Under the Privacy Act 2020 you have the right to:

  • Access the personal information we hold about you
  • Request correction of that information if it is inaccurate, out of date, incomplete or misleading

To make a request, contact us at [PRIVACY CONTACT EMAIL]. We may need to verify your identity before responding. We will respond within the timeframes required by law.

14. Privacy breaches

If we experience a privacy breach that we assess as likely to cause serious harm, we will notify affected people and the Office of the Privacy Commissioner as required by the Privacy Act 2020.

15. Children

The Service is intended for licensed tradespeople and business users and is not directed at children. We do not knowingly collect personal information from anyone under 16.

16. Changes to this policy

We may update this policy from time to time. When we make material changes we will update the effective date and, where appropriate, notify you. The current version will always be available on our website.

17. Complaints and contact

If you have a concern about how we have handled your personal information, please contact us first at [PRIVACY CONTACT EMAIL] so we can try to resolve it.

If you are not satisfied with our response, you can contact the Office of the Privacy Commissioner:

Contact us

[LEGAL ENTITY NAME] trading as CertMate

[REGISTERED ADDRESS]

Email: [PRIVACY CONTACT EMAIL]