ICSC

Privacy Policy

Last updated: May 2026

ICSC Ltd ("ICSC", "we", "our", "us") is committed to protecting your privacy and ensuring the lawful, fair, and transparent processing of your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Privacy Policy explains how we collect, use, store, and protect your information when you interact with our website, services, and certificate verification system.

1. Who We Are

ICSC Ltd
Company Number: 17110748
Registered in England and Wales
Registered Office:
124–128 City Road
London, England
EC1V 2NX

For privacy enquiries: privacy@councilforstandards.org

2. Information We Collect

2.1 Information you provide to us

We may collect personal data when you submit forms, report suspicious certificates, request information, verify a certificate, or communicate with us by email. This may include your name, email address, organisation, certificate number, and any other information you voluntarily provide.

2.2 Information collected automatically

When you visit our website, we may automatically collect technical data including IP address, browser type, device information, pages visited, and access times. This data is used for security, service improvement, and operational purposes.

3. How We Use Your Information

We process personal data to respond to enquiries, operate our certificate verification system, investigate reports of certificate misuse or fraud, maintain the integrity of our certification records, improve our services, and comply with our legal obligations. We do not sell your personal data or use it for advertising or marketing purposes.

4. Legal Basis for Processing

We rely on the following lawful bases under UK GDPR, as appropriate to each processing activity:

5. How We Store and Protect Your Data

We take reasonable technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These measures include the use of secure servers, encrypted communications, and access controls. No method of transmission over the internet is completely secure; we cannot guarantee absolute security but are committed to protecting your data appropriately.

6. Sharing Your Information

We do not share your personal data with third-party marketers or sell data to any third party. We may share data with authorised personnel, legal authorities, or regulatory bodies where required by law or where we have a legitimate interest in preventing fraud or misuse of our certification system.

7. Data Retention

We retain personal data only for as long as is necessary for the purposes described in this policy, including the maintenance of certificate records for verification and integrity purposes, and for as long as required by applicable law.

8. Your Rights

Under UK GDPR, you have the right to:

To exercise any of these rights, contact us at: privacy@councilforstandards.org

9. Cookies

We may use essential cookies necessary for the operation of our website. We do not currently use advertising or tracking cookies. If we introduce non-essential cookies in future, we will update this policy and provide appropriate notice.

10. Contact Us

For privacy enquiries: privacy@councilforstandards.org
For general enquiries: info@councilforstandards.org
For compliance and integrity matters: integrity@councilforstandards.org

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The most recent version, with its effective date, will always be published on this page. We encourage you to review this policy periodically.