Compliance
Certbond is engineered around the contractual and regulatory frameworks that partner companies and certified consultants must operate within. We treat compliance as a feature of the marketplace, not a side-document.
Vendor program compliance
Consultants are registered as part-time or contract personnel for the partner during the retainer term. Documentation is structured to support partner-program audit requirements across the major IT-vendor programs we cover.
Identity verification
Every member completes a regulated identity check with EU data residency before first payout. Professional identity is anchored to a verified online profile. Every certification is checked at the source with the issuing vendor before listing.
EU data residency and GDPR
Member data lives on EU-resident infrastructure. Data Processing Agreements are available to partner companies on signature. NIS2-baseline operational controls are in place, even though Certbond is currently outside the formal NIS2 scope. Right-to-deletion and right-of-access requests are honoured within statutory windows. Full detail in our Privacy policy and DPA.
Financial controls
Money flows through a regulated payment processor with full reconciliation. The retainer ledger gives an audit-grade record of every retainer and every payout. Project-level hourly billing is negotiated and paid directly between partner and consultant outside Certbond — we do not clip on hourly engagement.
Related documents
- Privacy policy — how we handle personal data under GDPR.
- Terms of service — the retainer model and member commitments.
- Data processing agreement — Art. 28 GDPR commitments to Controllers.
- Accessibility statement — WCAG 2.2 AA conformance under EAA.
- Security & resilience — security organisation and frameworks.