Policies

Website Terms & Privacy Policy

Terms of Use:

Persons who access the Trade Cert Limited website (“Trade Cert Limited”, “TradeCert”, “we” or “us” shall mean Trade Cert Limited, trading under the brand name essCert as the context so admits) agree to be bound by the following terms and conditions:

About Us
Trade Cert Limited is a member of the essDOCS Group. Each member of the essDOCS Group is separate company engaged in a variety of trades and no assumption should be made that the whole group or any part of the group is a single legal entity, or that any one member controls another.

Proprietary Rights
Unless otherwise stated, the materials located on the TradeCert website including text, graphics, logos, button icons, images, real time or other information and content as well as any software programs available on or through the website (the “Content” or “Contents”) are the property of TradeCert and are protected by copyright, trademark and other forms of proprietary rights. All right, title and interest in and to the Contents are owned, licensed or controlled by TradeCert. No license nor any other right is granted to any other person in respect of any related intellectual property rights, other than a licence to download the Contents to your computer temporarily and incidentally for the purpose of viewing this website.

Trademarks
The trademarks, logos, service marks and trade names of TradeCert may not be used without TradeCert prior written permission. Requests for permission should be sent by email to legal@esscert.com.

Use of Contents
Except as otherwise indicated with respect to a particular portion, file, or document provided on this website, you may only print one copy of the Contents for your own personal, non-commercial use. You may not copy, store, either in hardcopy or in an electronic retrieval system, transmit, transfer, perform, broadcast, publish, reproduce, create a derivative work from, display, distribute, sell, license, rent, lease or otherwise transfer any of the Contents to any third person (including, without limitation, others in your company or organization) whether for direct commercial or monetary gain or otherwise without the prior written permission of TradeCert. Requests for such permission must be in writing and should be sent to: legal@esscert.com.

Errors and Inaccuracies
TradeCert does not represent or warrant that the Contents are accurate, complete, or current. This includes pricing and availability information. We reserve the right to correct any errors or omissions, and to change or update the Contents at any time without prior notice.

Forward Looking Statements
To the extent that there are any forward looking statements on the website, these reflect the views of TradeCert as of the date on which they were made with respect to future events and are subject to risks and uncertainties. Actual results may differ from those expressed in such statements, depending on a variety of factors.

Disclaimer of Liability
The Contents available on or through the website are provided “as is” and TradeCert accepts no responsibility for any reliance on any Content included on it. Despite our efforts, the information contained in this website may not be comprehensive, accurate, up to date or applicable to the circumstances of any particular case. The TradeCert Group, its directors, officers and staff do not make any representations or warranties, whether express, implied in law or residual, as to the sequence, accuracy, completeness or reliability of information, opinions, any share price information, research information, data and/or content contained on the website (including but not limited to any information which may be provided by any third party or data or content providers) (“information”), shall not be bound in any manner by any information contained on the website and accept no liability whatsoever for any inaccuracies or omissions. Any decision you make based on information contained in this site is your sole responsibility and at your own risk. TradeCert does not accept liability for any direct, indirect, special, consequential or other losses or damages arising out of access to, or the use of, this website.

Links to TradeCert Website
Web site visitors may create a hypertext link to the TradeCert website, but only if such link is directed to our homepage at http://www.esscert.com/.

Links to Other Sites
This website contains links to other resources on the Internet. Those links are provided to you in good faith to help you identify and locate quickly and easily other Internet resources that may be of interest to you. Should you leave this site via a link contained herein, the content that you view therein is not provided by TradeCert and is beyond our control. TradeCert is not responsible for, nor has it developed or reviewed, the content at those sites. The fact that we provide these links does not mean that we endorse any or all of these sites and does not indicate any responsibility on our part for their contents; we provide these links for the ease of our users only. It is your responsibility to decide whether any services/products available on any of these sites are suitable for your purposes.

TradeCert prohibits storing of unauthorized hypertext links on the website and the framing of any Content available through the site. TradeCert reserves the right to disable any unauthorized links or frames and disclaims any responsibility for the content available on any other site reached by links to or from the TradeCert website.

No Confidentiality
Any comments or other submissions sent to us will be deemed to be non-confidential, and shall be the property of TradeCert, including worldwide rights in all intellectual property submitted to us through the website.

Cookies
There is a technology called “cookies” which can be used by a website to enable its users to store tailored information from the website. A cookie can be sent to your browser, which may then store it on your system. Some TradeCert pages use cookies so that we can better serve you when you return to our site. A cookie does not retrieve any other data from your hard drive or capture or store your e-mail address. You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether to accept it. You may continue browsing our site even if you decide not to accept the cookie.

Privacy Policy
Personal details provided to TradeCert through this web site will only be used in accordance with our privacy policy (below).

Antitrust Compliance Policy
TradeCert is committed to maintaining fair and competitive practices in the trading and shipping industries, and to adhering to all applicable antitrust laws adopted for these purposes. Accordingly, all website visitors reviewing the Content and participating in any online meetings organised by TradeCert, including surveys, workgroups and workshops, are prohibited from discussing or reaching agreement on or disseminating information relating to any activities which have the purpose or effect of restraining trade or which have the potential to affect or distort competition among individual companies. Such activities include, but are not limited to: fixing terms, prices or rates; discussions relating to particular customers or suppliers; boycotting or blacklisting particular customers or suppliers; allocating or dividing customers, territories, or markets; or otherwise seeking to distort competition.

Changes to Terms and Conditions of Use
TradeCert reserves the right to revise these terms and conditions at any time without giving you notice of such changes. You should check the current terms and conditions every time you visit, because in browsing this website you are submitting to being bound by the latest version.

Violations of Terms and Conditions of Use
TradeCert reserves the right to seek all remedies available at law and in equity for violations of these terms and conditions, including the right to block access from a particular Internet address to our site.

Applicable Law
Your use of this website and downloads from it are governed by, and these terms and conditions are to be interpreted in accordance with, English law. You agree to submit any dispute arising out of or in connection with these terms and conditions or in relation to this website, to the exclusive jurisdiction of the courts of England. In the event that any or any part of the terms contained in these terms and conditions shall be determined by any competent authority to be invalid, unlawful or unenforceable to any extent, such term shall to that extent be severed from the remaining terms which shall continue to be valid and enforceable to the fullest extent permitted by law.

Privacy Policy:

Persons who access the TradeCert website agree to be bound by the following privacy policy:

Trade Cert Limited together with its affiliates, (“we”, “us” or “TradeCert”) is a leading technology provider and our customers, prospects, registered users, applicants for employment, and others with whom we do business entrust us with their personal data and personally identifiable information (“Personal Information”) and they expect us to protect that Personal Information with the same level of care we do our own. This is fundamental to the way we do business.

This TradeCert Privacy Policy (the “Policy”) describes and is intended to provide information about the practices we have adopted with respect to processing Personal Information including the collection, use, storage or disclosure of Personal Information, except where there are specific privacy requirements for a product or service (“Service”) and a separate policy has been published for that particular Service.

Scope
Whether acting as a data controller, a data processor or data intermediary, TradeCert is required to comply with all applicable laws and regulations protecting the privacy of Personal Information in the jurisdictions where TradeCert conducts business.

We may amend this Policy from time to time, should it become necessary or advisable to do so to comply with regulatory requirements or best practices. The most recent modification date of this Policy will appear at the top of this page. If we materially change our practices in processing Personal Information, we will post an updated policy in place of this Policy.

General Definitions
These definitions may vary slightly according to local data privacy laws.

“Personal Information” is any information relating to an identified or identifiable natural person, recorded in any medium including but not limited to electronic, paper, or voice recordings. It may include information such as name, address, date of birth, identification numbers, financial information and any other identifiable personal information. Personal Information may include non-identifiable information which, when combined with other information to which TradeCert is likely to have access, can be used to identify an individual.

Individuals that are identified or identifiable by Personal Information are referred to as “data subjects”.

Examples of Personal Information relevant to TradeCert may include:

  • Customer or Prospect Information: Customer or potential customer’s name, email address, business address, and company-related information. This information may be found on marketing, mailing, and contact lists, in corporate data bases, or spreadsheets.
  • Event Attendee and/or Sponsor Information: Name, email address, business address, company-related information, and credit card information. Some of this information may be found on registration forms/profiles, attendee lists, business cards, photos, video clips, online streaming and contest entries.
  • Applicants for Employment at TradeCert: We regularly post available positions in the “Careers” section of our website and we collect the necessary information to assess a candidate’s qualifications.

"Processing" means any operation that is performed on Personal Information, whether or not by automatic means, such as collection, recording, organization, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, blocking, disabling or destruction.

"Sensitive Personal Information" is a subset of Personal Information, which due to its sensitive nature has been classified by law or policy as requiring additional privacy protection. Sensitive Personal Information may include, without limitation, race, ethnicity, health information, biometric information, religion, gender, sexual orientation, medical/health records, credit card information, dietary requirements, political beliefs and criminal history.

"Third Party" or "Third Party Service Provider" is any natural or legal person, public authority, agency, or other body apart from TradeCert that processes or stores Personal Information solely on behalf of and under the instructions of TradeCert.

TradeCert Privacy Principles
We take our responsibilities as a controller, processor, intermediary or custodian of Personal Information very seriously. We adhere to the following privacy principles:

1. Notice
We will provide notice and, where required by law, obtain consent, when we collect Personal Information that will be used to administer and deliver a Service. We will provide information about TradeCert offerings that may be relevant in accordance with applicable laws.

(a) The nature of the information we collect or receive varies depending on the Service being provided. We process Personal Information in a reasonable and lawful manner for relevant business purposes. Personal Information is retained for as long as is necessary for the purpose(s) for which it was collected. We request that only the information necessary to fulfill the Service requested be supplied to us.

(b) We collect Personal Information in several ways for different purposes, in particular the following:

  • Cookies/Web server logs: Similar to other commercial websites, our website utilizes standard technology called "cookies" and web server logs to collect information about how our website is used. Cookies are a feature of web browser software that allows web servers to recognize the computer used to access a website. Cookies are small pieces of data that are stored by a user's web browser on the user's hard drive. Information gathered through cookies and web server logs may include the date and time of visits, the pages viewed, time spent at our website, and the website visited just before and just after our website. This information is collected on an aggregate basis. None of this information is associated with you as an individual. You can, of course, disable cookies on your computer by indicating this in the preferences or options menus in your browser. However, it is possible that some parts of our website will not operate correctly if you disable cookies. You should consult with your browser's provider/manufacturer if you have any questions regarding disabling cookies.
  • Usage Tracking: We may monitor the use of our websites, including pages visited and documents viewed. For registered users, this information is stored with the registration information. It is uniquely numbered, and is used solely for purposes of enabling us to provide users with a personalized website experience.
  • Do-Not-Track: Currently, our systems do not recognize browser “do-not-track” requests. Certain tracking may be disabled by disabling cookies.
  • Direct Marketing: We may occasionally use direct marketing to introduce new Services that may be of interest, or to point out different ways that users may be able to take advantage of existing Services. Where required by law, we will obtain consent before using Personal Information for direct marketing purposes. We will also provide an unsubscribe or other mechanism to allow opt out from receiving direct marketing messages from us. However, because of the nature of our Services, users who elect not to receive direct marketing messages from us may still be contacted with messages relating to servicing an account with us, or with notifications about software upgrades or release availability, or of other information related to licensed products, if applicable.
  • Service Delivery: In order to deliver some Services, we may gather specific information (contact, and other general information), as well as information relating to business needs and preferences and non-identifiable information (such as core system, domain server, computer operating system, or web browser). We collect this information when we onboard a customer using methods described in this Policy and, to the extent permissible under applicable law, by other publicly available means (such as by accessing publicly available databases).
  • Email Alerts: We may ask for an email address upon registration for email alerts on TradeCert websites or through a TradeCert mobile app. Additional information may be collected depending on the type of alert requested. We will provide an unsubscribe or other mechanism to allow individuals who no longer wish to receive email alerts from us to opt out.
  • Event Registration: We may collect Personal Information (such as hotel, meal, and other travel preferences) as part of the registration process for TradeCert events. This information is used solely for confirmation and billing purposes and to service the registration. We will not disclose such information to any Third Party (other than in connection with administration of the TradeCert event) without consent. We do not rent, sell, or otherwise disclose this Personal Information for non-event related mailings without consent.
  • TradeCert Websites: TradeCert websites may require users to create an account and choose a password. Passwords are for individual use only and may not be shared with others. We do not sell, rent or share Personal Information collected on the TradeCert websites, except as described in this Policy. We may provide links to various third-party websites. We do not control or access information users provided to other websites. We are not responsible for the privacy practices of unaffiliated websites to which a TradeCert website may link. We encourage users to become familiar with the privacy practices of such websites before providing them with Personal Information.
  • Mobile Computing Devices: Some TradeCert websites and Services are specifically designed to be compatible with and used on mobile computing devices. Information about the use of each mobile version or mobile application will be associated with user account credentials. Some of the TradeCert websites enable download of applications, widgets or other tools that can be used on a mobile device. These tools may transmit Personal Information to us (i) to enable access to a user account, and (ii) to enhance and track use of these tools as well as develop new tools for quality improvement.
  • Purchases and Fulfillment: When Services are purchased, additional Personal Information, such as credit card number and expiration date may in some instances be requested. In doing so, Personal Information may be collected in connection with the specific order and in accordance with the privacy practices associated with that specific Service.

2. Choice
We do not share Personal Information outside of TradeCert unless we have been given permission to do so, on behalf of one of our customers who has authorized us to do so in order to provide that Service, or as permitted or required by law, or as described in this Policy.

(a) We will only collect, use or disclose Personal Information where we have consent to do so or where otherwise permissible under applicable law. Consent can be withdrawn at any time as described under “Rights”; however, the withdrawal of consent may affect our ability to provide the requested Services or information. Where Services are used by our customers to provide services to their customers, employees or other data subjects, and particularly where our customer provides us with its customers’, employees’ and other data subjects’ Personal Information, we may rely on our customers to obtain the consent of their customers, employees or other data subjects to the collection, use and disclosure of their Personal Information by TradeCert.

(b) We may collect, use or disclose Personal Information we hold without consent in circumstances of emergency that threatens life, health or safety or as permitted or required by law.

(c) We will limit the collection, use and disclosure of Personal Information to that which is reasonably necessary for the identified purposes for which it was collected. We will not collect, use or disclose any Personal Information that is provided to us, except as necessary to provide the Services that we have been contracted to provide or as permitted or required by law.

3. Onward Transfer
We are accountable for all Personal Information under our control or provided to us, including any Personal Information transferred to Third Party Service Providers for the purpose of providing the Services that we have been contracted to provide. When using Third Party Service Providers, we use contractual or other safeguards to provide a comparable level of protection.

(a) We take our obligation to protect and safeguard Personal Information seriously and we ensure that our Third Party Service Providers apply the same care when processing information on our behalf.

(b) TradeCert may share Personal Information, consistent with this Policy, with essDOCS' affiliates or related entities in order to deliver Services, provided those affiliates or related entities apply at least the same level of protection as set out in this Policy.

(c) To perform certain support, software upgrades or changes, or to provide certain Services, it may be necessary to allow Third Party Service Providers of TradeCert to access Personal Information. If so, the Third Party Service Providers will have signed an appropriate TradeCert non-disclosure agreement before receiving access to Personal Information and will be bound to treat that Personal Information in a manner consistent with our commitment to privacy and data security.

(d) If we become aware that a Third Party Service Provider is using Personal Information in a way that is contrary to this Policy, we will take the appropriate measures to prevent or stop such use of Personal Information.

(e) We will comply with requests to disclose Personal Information where required by local law or government authorities to comply with a legal obligation, and where permissible, we will provide advance notice of such disclosure to the individuals concerned.

(f) We may transfer Personal Information in connection with a contemplated reorganization, sale, bankruptcy or transfer of all or a portion of our business or assets, to the extent permitted by applicable law. Following such a sale or transfer, the entity to which we transferred Personal Information will be the data controller and point of contact for any inquiries concerning the processing of that information.

(g) TradeCert is a global business. To provide our Services, we may transfer Personal Information to countries other than the country in which the data was originally collected. Countries to which we transfer Personal Information may not have laws providing the same level of protection to Personal Information as the country in which the information was initially provided. When we transfer Personal Information to other countries, we comply with applicable legal requirements to provide adequate safeguards for the transfer and we ensure that information is protected in a manner that is comparable with the protection provided under applicable law and consistent with this Policy.

(h) TradeCert relies on safeguards for Personal Information transferred from the European Economic Area or Switzerland to the U.S., such as European Commission and Switzerland Commission-approved standard contractual clauses.

4. Security
The security of Personal Information is extremely important to TradeCert.

(a) We implement and maintain a data security program that includes appropriate standard administrative, technical, physical and operational safeguards designed to:

  • Maintain the security and confidentiality of Personal Information entrusted to us; and
  • Protect Personal Information against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use that could result in harm.

(b) We implement and maintain practices designed to secure the access, storage and transmission of Personal Information.

(c) We maintain appropriate security upon the disposal and destruction of records containing Personal Information.

(d) The nature and extent of protection maintained will correspond to applicable local laws and regulations.

(e) We restrict access to Personal Information to those employees of TradeCert who need to know that information to provide our Services. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of Personal Information. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.

(f) We have implemented protocols to verify ongoing compliance with this Policy and to enforce disciplinary action against those who violate the privacy and security practices. To report a privacy violation, contact legal@esscert.com.

5. Data Integrity
We endeavor to keep Personal Information accurate and current; and we update it whenever we receive a request to do so, as described below under “Rights”.

(a) We take reasonable steps to ensure the Personal Information we have collected is accurate, complete, and current.

(b) We rely on the accuracy and completeness of the Personal Information that has been provided to us to perform the Services requested.

(c) We will ensure that any changes that we are required to make to Personal Information be updated in a timely fashion.

6. Rights
We honour data subjects’ rights under applicable law to access, correct, update, erase, disable and block their Personal Information when lawfully requested to do so. In some circumstances, a data subject may have the right to object to processing of his or her Personal Information; to withdraw consent to the collection, use or disclosure of his or her Personal Information for any purpose; and/or to obtain information about how his or her Personal Information has been used or disclosed.

(a) We will provide data subjects with access to their Personal Information and honour other rights (such as withdrawal of consent) as applicable upon request sent to legal@esscert.com.

(b) We will correct a data subject’s Personal Information upon request sent to legal@esscert.com.

(c) Data subjects may also opt out of direct marketing by contacting legal@esscert.com.

(d) Where we are collecting, using or disclosing Personal Information on behalf of one of our customers we will refer requests from data subjects for access to their Personal Information to that customer for handling and we will assist our customers in responding to access requests we receive.

7. Enforcement
We have policies and procedures in place to implement and audit the privacy principles set out in this Policy. We have adopted a procedure to receive and respond to complaints and inquiries about our policies and practices relating to the handling of Personal Information. We will investigate all complaints in respect of Personal Information. If a complaint is justified, we will take appropriate measures, including, as necessary, amending our policies and practices. Where we are collecting, using or disclosing Personal Information on behalf of one of our customers, we will assist them in responding to questions and complaints respecting their customers’ Personal Information maintained by us on their behalf. Any inquiries or complaints regarding this Policy or our practices relating to the handling of Personal Information should be addressed to legal@esscert.com.

8. Consent
Use of any of our Services conjunction with this Policy is deemed to be consent to the collection, retention, processing, transfer to third parties and transfer to other countries of your Personal Information, all in accordance with the purposes set forth herein. Data subjects provide Personal Information at their own volition and may be entitled to withdraw consent as described above under “Rights”.

9. Contact Us
For further information on our privacy policies and practices relating to the handling of Personal Information, contact our Data Protection Officer by postal mail to Marina Comninos, Data Protection Officer, TradeCert Ltd, Technology House, Galway Technology Park, Parkmore, Galway, H91 Y602; or by email to dpo@esscert.com.

Addendum – Data Processing Agreement:

1. Introduction

1.1 This agreement with regards to the processing of personal data (the “Data Processor Agreement”) regulates Trade Cert Limited’s processing of personal data on behalf of its Chamber and Agent service users and is attached as an addendum to the TradeCert Terms of Use (above).

2. Legislation

2.1 The Data Processing Agreement shall ensure that Trade Cert Limited complies with the applicable data protection and privacy legislation (the “Applicable Law”), including in particular The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679)

3. Processing of personal data

3.1 Purpose: The purpose of the processing under the Master Service Agreement is the provision of the Services by Trade Cert Limited as specified in the Master Service Agreement.

3.2 In connection with Trade Cert Limited’s delivery of the Trade Cert Limited Certification Services to its clients, Trade Cert Limited will process certain categories and types of its users’ personal data on behalf of these users.

3.3 ”Personal data” includes “any information relating to an identified or identifiable natural person” as defined in GDPR, article 4 (1) (1) (the ”Personal Data”). The categories and types of Personal Data processed by Trade Cert Limited on behalf of its users are listed in sub-appendix A (below). The Data Processor only performs processing activities that are necessary and relevant to perform tasks on the Trade Cert Limited Certification platform. The parties shall update sub-appendix A whenever changes occur that necessitates an update.

3.4 Trade Cert Limited shall have and maintain a register of processing activities in accordance with GDPR, article 32 (2).

4. Instruction

4.1 Trade Cert Limited may only act and process the Personal Data in accordance with the requirements of the Trade Cert Limited Certification Platform (the “Instruction”), unless required by law to act without such instruction. The Instruction at the time of entering into this Data Processor Agreement (DPA) is that Trade Cert Limited may only process the Personal Data with the purpose of delivering the Trade Cert Limited Certification Services as described in the Master Service Agreement.

4.2 Trade Cert Limited Service Users guarantee to process Personal Data in accordance with the requirements of Data Protection Laws and Regulations. The users’ instructions for the processing of Personal Data shall comply with Applicable Law and Trade Cert Limited users will have sole responsibility for the accuracy, quality, and legality of Personal Data and the means by which it was obtained.

4.3 Trade Cert Limited will inform Trade Cert Limited Service Users of any instruction that it deems to be in violation of Applicable Law and will not execute the instructions until they have been confirmed or modified.

5. Trade Cert Limited’s obligations

5.1 Confidentiality 
5.1.1 Trade Cert Limited shall treat all the Personal Data as strictly confidential information. The Personal Data may not be copied, transferred or otherwise processed in conflict with the Instruction, unless the Trade Cert Limited Service Users have agreed in writing.
5.1.2 Trade Cert Limited employees shall be subject to an obligation of confidentiality that ensures that the employees shall treat all the Personal Data under this DPA with strict confidentiality.
5.1.3 Personal Data will only be made available to personnel that require access to such Personal Data for the delivery of the Trade Cert Limited Certification Service and this Data Processor Agreement.

5.2 Trade Cert Limited shall also ensure that employees processing the Personal Data only process the Personal Data in accordance with the Instruction.

5.3 Security
5.3.1 Trade Cert Limited shall implement the appropriate technical and organisational measures as set out in this Agreement and in the Applicable Law, including in accordance with GDPR, article 32. The security measures are subject to technical progress and development. Trade Cert Limited may update or modify the security measures from time-to-time provided that such updates and modifications do not result in the degradation of the overall security.

5.4 Trade Cert Limited shall provide documentation for Trade Cert Limited’s security measures if requested by the Trade Cert Limited Service Users in writing.

5.5 Rights of the data subjects
5.5.1 If a Trade Cert Limited Service User receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and the correct and legitimate reply to such a request necessitates Trade Cert Limited’s assistance, Trade Cert Limited shall assist the Service User by providing the necessary information and documentation. Trade Cert Limited shall be given reasonable time to assist the Trade Cert Limited Service User with such requests in accordance with the Applicable Law.
5.5.2 If Trade Cert Limited receives a request from a data subject for the exercise of the data subject’s rights under the Applicable Law and such request is related to the Personal Data of the Trade Cert Limited Service Users, Trade Cert Limited must immediately forward the request to the Trade Cert Limited Service User and must refrain from responding to the person (data subject) directly.

5.6 Personal Data Breaches
5.6.1 Trade Cert Limited shall give immediate notice to the Trade Cert Limited Service Users if a breach occurs, that can lead to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of or access to, personal data transmitted, stored or otherwise processed re the Personal Data processed on behalf of the Trade Cert Limited Service Users (a “Personal Data Breach”).
5.6.2 Trade Cert Limited shall make reasonable efforts to identify the cause of such a breach and take those steps as they deem necessary to establish the cause, and to prevent such a breach from reoccurring.

5.7 Documentation of compliance and Audit Rights
5.7.1 Upon request by a Trade Cert Limited Service User, Trade Cert Limited shall make available to the Trade Cert Limited Service User all relevant information necessary to demonstrate compliance with this DPA, and shall allow for and reasonably cooperate with audits, including inspections by the Trade Cert Limited Service Users or an auditor mandated by the Trade Cert Limited Service User. The Trade Cert Limited Service User shall give notice of any audit or document inspection to be conducted and shall make reasonable endeavours to avoid causing damage or disruption to Trade Cert Limited’s premises, equipment and business in the course of such an audit or inspection. Any audit or document inspection shall be carried out with reasonable prior written notice of no less than 30 days, and shall not be conducted more than once a year.
5.7.2 The Trade Cert Limited Service User and/or its auditor may be requested to sign a non-disclosure agreement reasonably acceptable to Trade Cert Limited before being furnished with the above.

5.8 Data Transfers
5.8.1 Trade Cert Limited Service Users data may be transferred to countries outside the European Economic Area, as required for document verification using the Trade Cert Limited  Certificate Verification website. In all cases, personal data will be saved on storage solutions inside the European Economic Area (EEA), and any data transmitted will be transmitted securely. Only those storage solutions that provide secure services with adequate relevant safeguards will be employed.

6. Sub-Processors

6.1 Trade Cert Limited is given general authorisation to engage third-parties to process the Personal Data (“Sub-Processors”), as required for Trade Cert Limited Certification Services provision, without obtaining any further written, specific authorisation from the Trade Cert Limited Service Users. Such third-parties may be Trade Cert Limited employees, Chambers of Commerce, Consular Agents and Freight-Forwarders.

7. Limitation of Liability

7.1 The total aggregate liability to the User, of whatever nature, whether in contract, tort or otherwise, of Trade Cert Limited for any losses whatsoever and howsoever caused arising from or in any way connected with this engagement shall be subject to the “Limitation of Liability” clause set out in the Master Service Agreement.

7.2 Nothing in this Data Processing Agreement relieves Trade Cert Limited of its own direct responsibilities and liabilities under the GDPR.

8. Duration

8.1 The Data Processor Agreement shall remain in force until the Master Service Agreement is terminated.

9. Data Protection Officer

9.1 Trade Cert Limited will appoint a Data Protection Officer where such appointment is required by Data Protection Laws and Regulations.

10. Termination

10.1 Following expiration or termination of the Agreement, Trade Cert Limited will delete or return to the Trade Cert Limited Service User all Personal Data in its possession as provided in the Agreement except to the extent the Data Processor is required by Applicable law or for Trade Cert Limited Certification Service auditing purposes, to retain some or all of the Personal Data (in which case TradeCert will implement reasonable measures to prevent the Personal Data from any further processing). The terms of this DPA will continue to apply to such Personal Data. 

Sub-appendix A:

1. Personal Data

1.1 Trade Cert Limited processes the following types of Personal Data in connection with its delivery of the Trade Cert Limited Certification Services:

1. Information on relevant employees from the Data Controller relevant for the processing of document certification via the Trade Cert Limited Certification Service. Namely:

  1. Name
  2. Business address
  3. Email address
  4. Telephone number
  5. Scanned signatures


2. Categories of data subjects

2.1 Trade Cert Limited processes personal data about the following categories of data subjects on behalf of the Client:

  1. Employees of Chambers of Commerce and Consular Agents that are registered users of the Trade Cert Limited Certification Service.
  2. Employees of Exporters and Freight-Forwarders that are registered users of the Trade Cert Limited Certification Service.