CerTracker — Healthcare Workforce Compliance Software
Request Demo
Legal

Privacy Policy

CerTracker provides a secure and efficient platform for healthcare professionals, training programs, nursing boards, and healthcare systems to upload, track, and manage certifications, continuing education (CE) credits, and credentials. We value your privacy and are committed to keeping your personal data confidential. This policy describes what we collect, how we use it, when we share it, and the choices you have. By using the Services, you agree to this Privacy Policy and our Terms of Use.
Last updated: Effective: September 1, 2025

Scope of this Policy

This Privacy Policy applies to the CerTracker platform and any applications, websites, and services that link to it. It does not apply to third-party services we do not control, even when accessed through links on our platform.

Personal data we collect

We collect personal data you provide directly when you register, upload documents, or contact us, as well as data we receive from training programs, nursing boards, and healthcare systems acting on your behalf. Categories include:

  • Identity and contact information (name, email, phone);
  • Professional information (license numbers, certifications, CE credits, employer);
  • Credential documents and the digital fingerprints generated from them;
  • Account and authentication data;
  • Device, log, and usage data (IP address, browser, pages viewed);
  • Communications with our support team.

How we use personal data

  • Operate, maintain, and improve the platform and its features;
  • Verify credentials and provide hiring/credentialing workflows;
  • Communicate with you about your account and the Services;
  • Detect, investigate, and prevent fraud, abuse, or security incidents;
  • Comply with legal obligations and enforce our agreements.

When we share personal data

We share personal data only as needed to deliver the Services or as required by law:

  • With training programs, nursing boards, and healthcare organizations you authorize;
  • With service providers that host or support the platform under written confidentiality and security obligations;
  • To comply with legal process, lawful requests, or to protect rights, safety, and property;
  • In connection with a corporate transaction (merger, acquisition, financing), subject to confidentiality.

We do not sell your personal data.

How we secure your data

CerTracker uses administrative, technical, and physical safeguards designed to protect personal data, including encryption at rest and in transit, role-based access controls, audit logging, and regular security reviews. See our Security Center for details. No system is 100% secure; you are responsible for protecting your account credentials.

Data retention

We retain personal data for as long as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. When data is no longer required, we securely delete or de-identify it.

Your rights & choices

Depending on your jurisdiction, you may have rights to:

  • Access, correct, or delete your personal data;
  • Object to or restrict certain processing;
  • Receive a portable copy of your data;
  • Withdraw consent where processing is based on consent.

To exercise any of these rights, email support@certracker.com. We will respond within the timeframes required by applicable law.

EU users (GDPR)

For users in the European Economic Area or UK, CerTracker processes personal data on the legal bases of contract performance, legitimate interests, consent (where applicable), and legal obligation. You have rights under GDPR including access, rectification, erasure, restriction, portability, and objection. To exercise these rights or contact our data protection lead, email support@certracker.com.

California residents (CCPA/CPRA)

California residents have the right to know what personal information we collect, to request deletion, to correct inaccurate information, and to opt out of "sales" or "sharing" of personal information. CerTracker does not sell personal information.

Children's privacy

The Services are not directed to children under 18, and we do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us and we will delete it.

International transfers

CerTracker is based in the United States. If you access the Services from outside the U.S., your data may be transferred to, stored, and processed in the United States. Where required, we rely on appropriate safeguards for international transfers.

Cookies & tracking

We use cookies and similar technologies to operate the platform, remember your preferences, analyze usage, and improve security. You can control cookies through your browser settings; disabling cookies may affect platform functionality.

Changes to this Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last Updated" date and, where appropriate, notify you. Continued use of the Services after changes constitutes acceptance.

Contact us

Questions about this Privacy Policy or our data practices? Email support@certracker.com.

Related
Terms of UsePrivacy PolicySecurity CenterPress KitCerTracker News
Skip the paperwork

See CerTracker in a 20-minute demo.

The fastest way to understand how CerTracker protects your data and replaces credential spreadsheets with continuous, AI-powered compliance.

Schedule a demoTalk to sales