Privacy Policy

Boss Builder CPD Pty Ltd (ABN 11 693 815 084) trading as CertoCC
Last updated: 29 May 2026


About This Policy

CertoCC is operated by Boss Builder CPD Pty Ltd (ABN 11 693 815 084), trading as CertoCC ("we", "us", "our"), headquartered in Sydney, New South Wales, Australia. This Privacy Policy explains how we collect, hold, use and disclose your personal information when you use the CertoCC platform at certocc.com.au ("Platform").

We are bound by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy constitutes our APP Privacy Notice. By using the Platform, you agree to the collection and use of your information as described in this policy.

What Personal Information We Collect

Information you provide directly:

  • Name and email address
  • Phone number
  • Password and account credentials
  • Organisation name and details
  • Project information including addresses, descriptions and references
  • Documents, files and images you upload to the Platform
  • Communications you send to us including support requests

Information collected automatically:

  • Log data (IP address, browser type, operating system, pages visited, timestamps)
  • Device information
  • Session tokens and authentication data required to operate the Platform
  • Usage patterns and feature interaction data to improve the Platform

We do not collect sensitive information (as defined under the Privacy Act 1988, including health, racial, religious, political or biometric information) without your consent, unless required or authorised by law.

If you provide us with personal information about another individual (for example, a certifier or builder you invite to a project), you represent that you are authorised to provide that information and have complied with your own privacy obligations, including notifying that individual that their information will be provided to us.

How We Use Your Information

We use your personal information to:

  • Provide, operate and improve the Platform
  • Process transactions and send related confirmations and notices
  • Send transactional emails including account verification, password reset and organisation invitations
  • Respond to support and customer service requests
  • Monitor Platform usage to diagnose issues and improve performance
  • Detect, investigate and prevent fraudulent transactions and security incidents
  • Comply with legal and regulatory obligations
  • Enforce our Terms of Service

We will only use your information for the purposes for which it was collected, or for a directly related purpose you would reasonably expect.

Who We Share Your Information With

We do not sell your personal information. We may share it with:

Service providers: We engage the following sub-processors to operate the Platform:

  • Supabase Inc. (USA) — database, authentication and file storage
  • Stripe Inc. (USA) — payment processing
  • Lovable Technologies — hosting and deployment infrastructure

These providers are contractually required to protect your information and may only use it for the purposes we specify.

Other Platform users: Other members of your organisation within the Platform will have access to information consistent with their role and permissions. Project information may be visible to both the builder and certifier associated with a project.

Legal and regulatory: We may disclose your information to law enforcement, government agencies or courts where required by law, regulation or valid legal process.

Business transfers: In the event of a merger, acquisition or sale of assets, your information may be transferred to a successor entity. We will notify you of any such transfer.

Overseas Disclosure

Some of our service providers are located overseas, including in the United States. We take reasonable steps to ensure they handle your personal information in a manner consistent with the APPs.

Data Security

We implement appropriate technical and organisational measures to protect your personal information, including:

  • Encryption of data in transit (TLS) and at rest
  • Role-based access controls
  • Authentication and session security
  • Regular security reviews

Despite these measures, no method of transmission over the internet is completely secure. You are responsible for maintaining the confidentiality of your account credentials. If you suspect unauthorised access to your account, notify us immediately at support@certocc.com.au.

Notifiable Data Breaches

We are subject to the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth). If we become aware of an eligible data breach that is likely to result in serious harm to any affected individual, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable and within 30 days of becoming aware. We will take immediate steps to contain any breach and assess its likely impact.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide services, comply with legal obligations, resolve disputes and enforce our agreements. When we no longer have a legitimate business need to retain your information, we will delete or de-identify it. You may request deletion of your account and associated data at any time.

Children

The Platform is intended for use by adults aged 18 and over. We do not knowingly collect personal information from children under the age of 18. If we become aware that we have inadvertently collected personal information from a child under 18, we will delete it from our records promptly. If you believe we have collected information from a child, please contact us at support@certocc.com.au.

Usage Data

We may collect and use aggregated, de-identified usage data (such as feature usage patterns, session lengths and error rates) to improve the Platform. This data cannot be used to identify any individual user and may be used for internal research, product development and analytics purposes.

Your Rights

Under the APPs you have the right to:

  • Request access to the personal information we hold about you
  • Request correction of inaccurate or incomplete information
  • Request deletion of your account and associated data
  • Complain about a breach of the APPs

To exercise any of these rights, contact us at support@certocc.com.au. We will respond within 30 days. We may ask you to verify your identity before processing your request.

Complaints

If you believe we have breached the APPs, please contact us at support@certocc.com.au. We will investigate and respond within a reasonable time. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Marketing Communications

We will only send you marketing or promotional communications with your consent or where otherwise permitted by the Spam Act 2003 (Cth). All marketing emails will include an unsubscribe mechanism. Transactional emails (account verification, password reset, invitations, billing notices) do not require consent and cannot be opted out of while your account is active.

Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or applicable law. We will notify you of material changes by email or via the Platform. Continued use of the Platform after changes constitutes acceptance of the updated policy.

Contact

Boss Builder CPD Pty Ltd (ABN 11 693 815 084) trading as CertoCC
Email: support@certocc.com.au
Website: certocc.com.au