Privacy Policy

TasteCert (“TasteCert”, “we”, “us”, or “our”) is a food and beverage certification service operated by Netseline Ltd. We are committed to protecting your privacy and handling your personal data transparently and in accordance with the EU General Data Protection Regulation (GDPR) and applicable Cyprus data protection law. This policy applies to our website at tastecert.com and the services offered through it.

For the purposes of the GDPR, the data controller is Netseline Ltd., located at Nikolaou Nikolaidi, 10 Pittakeio Megaro, 3rd Floor, Office 305, 8010 Paphos, Cyprus.

1. Information we collect

We collect information that you provide directly to us, information collected automatically when you use our website, and information from third parties. This may include:

• Account and contact data: name, email address, telephone number, company name, business address, and login credentials.
• Product submission data: details about the food or beverage products you submit for evaluation, including descriptions, ingredients, and related documentation.
• Payment data: billing details and transaction records. Card payments are processed by our payment providers; we do not store full card numbers.
• Usage and device data: IP address, browser type, device information, pages visited, and interactions with our website, collected through cookies and similar technologies.
• Communications: messages you send us through forms, email, or support channels.

2. Cookies and tracking technologies

We use cookies and similar technologies to operate our website, remember your preferences, analyze traffic, and improve our services. Essential cookies are necessary for the website to function. Analytics and preference cookies are used only where permitted. You can manage or disable non-essential cookies through your browser settings or any cookie controls we provide. Disabling certain cookies may affect the functionality of the website.

3. How we use your data

We use your personal data to:

• Provide, operate, and maintain our certification services.
• Process product submissions, evaluations, and certification decisions.
• Process payments and send invoices and related notices.
• Communicate with you about your account, submissions, and support requests.
• Improve and personalize our website and services.
• Send service updates and, where you have consented, marketing communications.
• Comply with legal obligations and enforce our terms.

We process your data on the legal bases of performance of a contract, your consent, our legitimate interests in operating and improving our services, and compliance with legal obligations.

4. Partner and producer data

When you register as a partner or producer, we process the business and product information you provide to deliver our certification services. Certain information about certified products — such as the product name, producer, and certification tier — may be published in our public Certified Products directory to provide visibility to consumers, retailers, and distributors. We do not publish sensitive commercial details of your submission without your agreement.

5. Third-party services

We share personal data with trusted third-party service providers who help us operate our business, including payment processors, hosting and infrastructure providers, analytics providers, and communication tools. These providers process data on our behalf under contractual safeguards. We may also disclose data where required by law, to protect our rights, or in connection with a business transfer. We do not sell your personal data.

Where personal data is transferred outside the European Economic Area, we ensure appropriate safeguards are in place, such as European Commission adequacy decisions or standard contractual clauses.

6. Data retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including to provide our services, comply with legal, accounting, and reporting obligations, and resolve disputes. Certification records may be retained for the period required to maintain the integrity of the certification program. When data is no longer required, we securely delete or anonymize it.

7. Your rights under the GDPR

If you are located in the European Economic Area, you have the following rights in relation to your personal data:

• The right to access the personal data we hold about you.
• The right to rectification of inaccurate or incomplete data.
• The right to erasure (the “right to be forgotten”) in certain circumstances.
• The right to restrict or object to our processing of your data.
• The right to data portability.
• The right to withdraw consent at any time, where processing is based on consent.
• The right to lodge a complaint with a supervisory authority.

To exercise any of these rights, please contact us using the details below. You also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus.

8. Data security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, loss, misuse, or alteration. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

9. Children's privacy

Our services are intended for businesses and individuals over the age of 18. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can remove it.

10. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the “Last updated” date above and, where appropriate, notify you. We encourage you to review this policy periodically.

11. Contact us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us: