Privacy Policy (PAS 2030)

NetRet Group Ltd Privacy Policy – Certification & Registration Data

NetRet Group Ltd ("NetRet", "we", "us") is committed to protecting your privacy and handling personal data with transparency and integrity in line with UK GDPR and Data Protection Act 2018. This policy explains how we collect, process, and share data specifically relating to applicants for PAS 2030 certification registration.

1. What Data We Collect

We collect information necessary to process your certification and/or registration, including but not limited to:

  • Company contact details

  • Details of directors and responsible personnel

  • Qualifications and competencies

  • Installation records and compliance evidence

  • Technical documents (e.g. Retrofit designs, Method Statements)

  • Records of audits, assessments, and non-conformances

2. How We Use Your Data

We process your data to:

  • Evaluate your compliance with PAS 2030:2023 and TrustMark scheme requirements

  • Provide certification and/or registration services

  • Schedule and manage assessments, inspections, and surveillance visits

  • Communicate important updates relating to standards, risks, or scheme changes

  • Submit required notifications to regulators (e.g., TrustMark, UKAS, Ofgem, DESNZ)

3. Systems and Storage

Your data may be stored in the following systems used by NetRet:

  • Microsoft 365 (email, document storage, Teams)

  • PAS Certification Platform (internal CRM and compliance dashboard)

  • UKAS-accredited audit systems

  • Secure third-party portals for data submissions

All systems are access-controlled, encrypted, and monitored for security and compliance.

4. Data Sharing with Third Parties

We may share your data with authorised third parties in connection with onboarding and certification, including:

  • Certification and technical inspection partners (e.g., subcontracted surveillance bodies)

  • Scheme owners and regulators (e.g., TrustMark, UKAS, Green Deal Orb)

  • Insurance and warranty providers where required for registration

  • IT and system vendors who provide support to our certification platforms

Note: Data is only shared where required, under confidentiality agreements, and solely for the purposes of service delivery or regulatory compliance.

5. Your Rights

You have the right to:

  • Access your personal data

  • Request corrections

  • Request deletion (subject to regulatory retention periods)

  • Withdraw consent where processing is based on consent

Please contact: compliance@netretgroup.co.uk

6. Retention

Data will be retained for:

  • Certification & audit records: minimum 6 years

  • PAS 2030 installation data and suspension/withdrawal records: 25 years (per PAS 2030 rules)

We use cookies to personalise and enhance your experience on our site and improve the delivery of ads to you. Visit our Cookie Policy to learn more. By clicking 'accept', you agree to our use of cookies.