Legal
Privacy Policy
Last updated: 11 July 2026
1. Introduction
This Privacy Policy explains how [LEGAL ENTITY NAME] ("we", "us", or "our"), the operator of godoscertificationinfo.com (the "Website"), collects, uses, stores, and protects personal data relating to visitors and clients worldwide. We provide independent consulting services that help advertisers pursue Google's Government Documents and Services (GODOS) certification and related advertiser verification.
We are committed to handling personal data responsibly and in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR) and the UK GDPR where relevant. This document is a template and should be reviewed by qualified legal counsel before publication.
By using the Website or contacting us, you acknowledge that you have read and understood this Privacy Policy.
2. Who We Are (Data Controller)
For the purposes of applicable data protection law, the data controller responsible for your personal data is:
- Legal entity: [LEGAL ENTITY NAME]
- Jurisdiction of establishment: [JURISDICTION]
- Registered address: [REGISTERED ADDRESS]
- Privacy contact email: [CONTACT EMAIL]
3. Data We Collect
We aim to collect only the personal data we need to respond to enquiries and deliver our consulting services. The categories of data we may collect are set out below.
Information you provide via our contact form:
- Full name
- Email address
- Phone number
- Website or business URL
- Any additional information you voluntarily include in your message
4. Analytics and Cookies
We use privacy-friendly, cookieless analytics to understand aggregate Website usage, such as page views and general traffic patterns. This analytics approach is designed to avoid setting tracking cookies and to minimize the processing of personal data.
Where our analytics tooling processes limited technical information (for example, truncated or anonymized data derived from your visit), it is used solely for statistical and performance purposes and is not used to identify individual visitors.
If we introduce cookies or additional tracking technologies in future, we will update this Policy and, where required, request your consent.
5. How We Use Your Data and Lawful Bases
We process personal data only where we have a valid lawful basis under the GDPR (or equivalent applicable law). The purposes and corresponding lawful bases are described below.
- To respond to your enquiry and provide information about our services — lawful basis: our legitimate interests in responding to prospective clients, or steps taken at your request prior to entering a contract.
- To deliver and administer consulting services you engage us for — lawful basis: performance of a contract.
- To protect our Website from spam and abuse (bot protection) — lawful basis: our legitimate interests in maintaining Website security and integrity.
- To measure and improve Website performance via cookieless analytics — lawful basis: our legitimate interests in operating and improving the Website.
- To comply with legal, regulatory, or accounting obligations — lawful basis: compliance with a legal obligation.
6. Service Providers and Processors
We rely on a small number of third-party service providers (processors) to operate the Website and communicate with you. Each processor acts on our instructions and is subject to appropriate data protection obligations.
The processors we currently use include:
- Web3Forms — relays submissions from our Website contact form to us via email so we can respond to your enquiry.
- Cloudflare Turnstile — provides bot detection and spam protection on our forms to verify that submissions come from genuine human visitors.
- Hosting provider — [HOSTING PROVIDER NAME] hosts the Website infrastructure and may process technical data such as server logs in the course of delivering hosting services.
- Analytics provider — [ANALYTICS PROVIDER NAME], used for cookieless, privacy-friendly usage statistics.
7. International Data Transfers
Because we serve clients worldwide and use service providers that may operate in various countries, your personal data may be transferred to and processed in jurisdictions outside your country of residence, including outside the European Economic Area (EEA) or the United Kingdom.
Where we transfer personal data internationally, we take steps to ensure an appropriate level of protection, such as relying on adequacy decisions, Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum, or equivalent safeguards as required by applicable law.
You may request further information about the safeguards applied to international transfers by contacting us at [CONTACT EMAIL].
8. Data Retention
We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, unless a longer retention period is required or permitted by law.
In general, our retention approach is as follows:
- Enquiry and contact form data: retained for 24 months from your last contact, unless we enter into an ongoing client relationship.
- Client and engagement records: retained for the duration of our engagement and for 24 months afterwards to meet legal, accounting, and dispute-resolution requirements.
- Aggregate analytics data: retained in anonymized or aggregated form and does not identify individuals.
- When retention periods expire, we securely delete or anonymize the relevant personal data.
9. Data Security
We implement reasonable technical and organizational measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. These measures include restricting access to data on a need-to-know basis and using reputable service providers with their own security controls.
No method of transmission or storage is completely secure. While we strive to protect your personal data, we cannot guarantee absolute security, and any transmission of data to us is at your own risk.
10. Your Data Protection Rights
Subject to applicable law, and in particular where the GDPR or UK GDPR applies, you have the following rights in relation to your personal data:
- Right of access — to obtain confirmation of whether we process your data and a copy of that data.
- Right to rectification — to have inaccurate or incomplete data corrected.
- Right to erasure — to request deletion of your data in certain circumstances.
- Right to restriction of processing — to limit how we use your data in certain circumstances.
- Right to data portability — to receive your data in a structured, commonly used, machine-readable format.
- Right to object — to object to processing based on our legitimate interests, and to object to direct marketing at any time.
- Right to withdraw consent — where processing is based on consent, without affecting the lawfulness of prior processing.
- Rights relating to automated decision-making — we do not carry out automated decision-making or profiling that produces legal or similarly significant effects.
11. How to Exercise Your Rights
To exercise any of your rights, please contact us at [CONTACT EMAIL] with details of your request. We may ask you to verify your identity before acting on a request to protect the security of your personal data.
We will respond to valid requests within the timeframes required by applicable law (generally within one month under the GDPR), and will let you know if we require additional time due to the complexity or volume of requests.
We do not charge a fee for handling most requests; however, we may charge a reasonable fee or decline to act where a request is manifestly unfounded, excessive, or repetitive, to the extent permitted by law.
12. Right to Lodge a Complaint
If you are located in the EEA, the UK, or another jurisdiction with a data protection authority, you have the right to lodge a complaint with your local supervisory authority if you believe our processing of your personal data infringes applicable law.
We would, however, appreciate the opportunity to address your concerns directly before you approach a supervisory authority. Please contact us first at [CONTACT EMAIL].
13. Third-Party Links and Independence Notice
The Website may contain links to third-party websites, including Google resources. We are not responsible for the privacy practices or content of external websites, and we encourage you to review their respective privacy policies.
Please note that [LEGAL ENTITY NAME] is an independent consultancy and is not affiliated with, endorsed by, or acting on behalf of Google or any government body. Any references to Google or GODOS certification are for descriptive purposes only.
14. Changes to This Policy and Contact
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or service providers. The current version will always be available on the Website, and the effective date below indicates when it was last revised.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us using the details below.
This Policy is provided as a template and should be reviewed and finalized by qualified legal counsel before publication.
- Data controller: [LEGAL ENTITY NAME]
- Registered address: [REGISTERED ADDRESS]
- Privacy contact email: [CONTACT EMAIL]
- Effective date: 11 July 2026