CAS

Privacy Policy

Effective Date: 01/07/2024
Last Updated: 01/07/2024

  1. Introduction

At CAS Conformity Assessment Services (CAS), we are committed to protecting the privacy of individuals who interact with our website and services. This Privacy Policy outlines how we collect, use, store, and protect personal data in compliance with GDPR (General Data Protection Regulation) and relevant international data protection laws.

  1. Information We Collect

We collect and process personal data necessary for providing our certification, auditing, validation, verification, and registration services. The data we collect includes:

2.1 Personal Information

  • Full Name
  • Contact Information (Phone Number, Email Address, Address)
  • Job Title and Company Name
  • Identification Details (e.g., Passport/ID Number)
  • Payment and Billing Information (if applicable)

2.2 Application and Service Data

  • Certification or Audit Application Details
  • Documents submitted for ISO/IEC 17024:2012 Certification of Persons (CVs, Educational Certificates, Work Experience, Business Licenses, etc.)
  • Examination results and competency assessments

2.3 Website Usage Data

  • IP Address
  • Browser Type and Device Information
  • Pages Visited and Time Spent on Our Website
  • Cookies and Tracking Data
  1. How We Use Your Information

We process personal data to provide services, ensure compliance, and improve user experience. The primary purposes include:

3.1 Service Provision

  • Processing applications for certification, audits, and registrations
  • Conducting audits, assessments, and evaluations
  • Managing customer accounts and communications

3.2 Communication

  • Sending service-related emails (confirmations, updates, and notifications)
  • Providing customer support and responding to inquiries

3.3 Legal and Compliance Obligations

  • Ensuring compliance with ISO, IAF, EGAC, EOS, and other regulatory requirements
  • Preventing fraud and ensuring data security

3.4 Website Enhancement

  • Improving website functionality through analytics
  • Monitoring traffic patterns for security and performance improvements
  1. Legal Basis for Processing Personal Data

We process data under the following legal bases:

  • Consent – When you voluntarily provide personal information for applications or job submissions.
  • Contractual Obligation – Processing necessary for the execution of services (certifications, audits, etc.).
  • Legal Compliance – Ensuring adherence to industry regulations and government requirements.
  • Legitimate Interest – Business improvements and fraud prevention.
  1. Data Sharing and Disclosure

We do not sell, trade, or rent personal data. However, we may share your data with:

Accreditation & Regulatory Bodies – (e.g., EGAC, IAF, EOS) to ensure certification compliance.
Authorized Auditors & Assessors – Engaged in auditing and certification processes.
Third-Party Service Providers – Hosting, security, and document verification services.
Legal Authorities – If required by law, court order, or government regulation.

All third parties are required to adhere to strict confidentiality measures and data protection regulations.

  1. Data Retention Policy

We retain personal data only for as long as necessary for the purposes outlined in this policy:

  • Certification & Audit Applications: 5 years after certification expiration.
  • Job Applications: 1 year if the applicant is not hired.
  • Website Usage Data: 6 months for security and analytics.

After the retention period, data is securely deleted or anonymized.

  1. Data Security Measures

We implement strong security measures to protect personal data from unauthorized access, disclosure, or loss:

🔒 Encryption & Secure Storage – All sensitive data is encrypted and stored securely.
👨‍💻 Access Control – Only authorized personnel can access personal data.
📊 Regular Security Audits – Periodic assessments to maintain compliance and data integrity.

  1. Your Data Protection Rights

Under GDPR and other applicable regulations, you have the following rights:

Right to Access – Request a copy of your personal data.
Right to Rectification – Correct inaccurate or incomplete data.
Right to Erasure – Request deletion of personal data (subject to legal requirements).
Right to Object – Object to processing based on legitimate interests.
Right to Restriction – Request limitation on data processing.
Right to Data Portability – Receive your data in a structured format.

📩 To exercise your rights, contact us at: info@cas.com.eg

  1. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance functionality and user experience.

9.1 Types of Cookies We Use

🍪 Essential Cookies – Required for website operation.
📊 Analytics Cookies – Track website usage for performance improvements.
🎯 Marketing Cookies – Used for targeted advertising and promotions.

9.2 Managing Cookie Preferences

You can adjust cookie settings through your browser preferences. Disabling cookies may impact website functionality.

  1. Third-Party Links

Our website may contain links to third-party websites. CAS is not responsible for the privacy practices of external sites. Users are encouraged to review third-party Privacy Policies before submitting personal data.

  1. Changes to This Privacy Policy

We regularly review and update this policy to reflect changes in regulations and services. Any updates will be posted with a revised effective date. We encourage users to check this page periodically.

  1. Contact Information

For questions regarding this Privacy Policy or to exercise your rights, please contact us:

📧 Email: info@cas.com.eg
📍 Office Address: 4 Safa and Marwa Towers, Studio Misr Street, Al-Haram, Giza, Egypt
📞 Phone: +201008880933