ACS Registrars is committed to protecting the privacy and confidentiality of information obtained in the course of its certification activities, in accordance with applicable international standards, accreditation requirements, and legal obligations.

This Privacy Policy describes how personal and organizational information is collected, used, protected, retained, and disclosed in relation to certification services and the use of this website.

Information Collect

ACS Registrars collects and processes information that is necessary for the performance of its certification activities, including but not limited to:

• Contact details and identification information of applicants, certified organizations, and their authorized representatives

• Information related to management systems, audit activities, certification decisions, surveillance, and recertification processes

• Limited technical information collected through website usage for operational integrity and security purposes

Information is collected only where relevant and necessary to fulfill certification, legal, contractual, or accreditation requirements.

Use of Information

Collected information is used exclusively for purposes that support certification activities, including:

• Conducting audits, certification, surveillance, and recertification

• Managing applications, contracts, and certification decisions

• Maintaining the integrity, impartiality, and effectiveness of certification processes

• Complying with legal, regulatory, and accreditation obligations

Information is not used for marketing, promotional, or profiling purposes unrelated to certification activities.

Confidentiality and Information Security

All information obtained during certification activities is treated as confidential.

ACS Registrars implements appropriate technical and organizational controls to protect information against unauthorized access, disclosure, alteration, misuse, or loss.

Access to information is restricted to authorized personnel with a legitimate need related to certification or accreditation activities and is subject to confidentiality obligations.

Disclosure of Information

Confidential information is disclosed only under the following circumstances:

• When required by applicable law or regulatory authorities

• When required by accreditation bodies for oversight, witness, or assessment activities

• With the explicit consent of the organization or individual concerned

Confidential information is not disclosed to third parties for commercial or promotional purposes.

Data Retention

Information is retained only for periods necessary to meet certification, legal, contractual, and accreditation requirements.

Retention periods are defined, documented, and controlled in accordance with applicable regulations and internal procedures.

Upon expiry of the retention period, information is securely disposed of or anonymized as appropriate.

Website Use

The ACS Registrars website may collect limited technical data, such as IP address, browser type, and access logs, solely for security, functionality, and performance monitoring.

Such information does not identify individuals and is not used for tracking, profiling, or marketing purposes.

Changes to This Policy

This Privacy Policy is reviewed periodically and updated as necessary to reflect changes in legal, regulatory, or accreditation requirements.

The current approved version of this policy is made publicly available on the ACS Registrars website.

Contact

Questions or concerns regarding this Privacy Policy may be submitted using the official contact details provided on the ACS Registrars website.