Login to profile

Terms of Use


This is an official web site of CREST (International) (hereafter referred to as “CREST”) and means CREST (International), with Company Registration number 09805375, and any or all of its group of companies.

Use of this web site is subject to the Terms and Conditions contained herein.  CREST reserves the right to change the Terms and Conditions at any time without notice.  By using, or continuing to use, this site you agree to abide by all of the Terms and Conditions.  If you do not wish to be bound by the Terms and Conditions, you must cease use of this web site immediately.  Any goods or services purchased or advertised via this web site are, and may only be purchased or applied for, subject to the CREST terms and conditions of sale or CREST terms and conditions of application that are either contained elsewhere on this web site or can be obtained on request from CREST.

You agree not to interrupt or disrupt or attempt to interrupt or disrupt the operation of this web site in any way.  Subject to the Terms and Conditions, CREST grants you a non-exclusive, non-transferable, limited right to access and use this web site and the materials contained herein.  The words CREST (International), CREST and the CREST logos which appear on this site are trade marks of CREST.  None of these trade marks may be used in any advertising, publicity or in any manner whatsoever except with the prior written permission of CREST.

All of the material on this site is the exclusive copyright material of the CREST.  Such material may be printed and copied by you for your own internal purposes but may not be reproduced in any publications, web sites, newsletters, or external documents or media whatsoever except with the prior written permission of the CREST.

CREST’s website is for general guidance on matters of interest only.  While CREST takes every precaution to ensure that the content of the website is both current and accurate, errors can occur. Also, given the changing nature of laws, rules and regulations, there may be delays, omissions or inaccuracies in the information contained on the website.

Whilst CREST attempts to present accurate and reliable information on this web site, information contained on this web site may contain technical inaccuracies or typographical mistakes.  CREST reserves the right to alter or update information contained on this web site at any time without notice and to terminate, alter, suspend or discontinue any aspect of this web site at any time.  CREST reserves the right to impose limits on any or all services of the web site and to restrict access to all or part of the web site without notice or liability.

Any references contained on this web site to any specific companies, commercial products, processes or services by company, manufacturer, trade name, trademark, or otherwise do not constitute or imply endorsement, recommendation or sponsorship by CREST.

All information, materials and/or software made available on this web site are provided ‘as is’ for information purposes only without any representation or warranty, express or implied, of any kind including, but not limited to, warranties of merchantability, non-infringement or fitness for any particular purpose.  Use of any or all of the above is entirely voluntary and reliance on any of the above is at your sole risk.  CREST is not.

The information on website is provided with the understanding that the Company is not engaged in rendering legal or other professional advice and services.  As such, it should not be used as a substitute for consultation with professional or other competent advisers.

CREST will not be liable for any decision made or action taken in reliance on the information given on the website nor for any consequential, special or similar damages, even if advised of the possibility of such damages.  In no event shall CREST or its suppliers be liable for any special, incidental, indirect, or consequential damages whatsoever arising out of or in connection with your access or use or inability to access or use the website.

By using this web site you assume full responsibility for the protection of your computer system including computer hardware and software, stored data on your computer system and the stored data and computer systems including hardware and software of third parties who may access or be otherwise connected to your computer system.  You assume full responsibility for ensuring that programs or other data downloaded or otherwise received from this web site are free from viruses or any other items of a destructive nature whatsoever.

CREST will take reasonable steps to ensure that unauthorised third parties do not access data transmitted electronically by you to CREST via the web site and stored by CREST.  However, by using this web site you fully accept the risk that data transmitted electronically to CREST via this web site may be intercepted before reaching CREST or accessed from CREST’s data storage facility by unauthorised third parties.  CREST excludes any and all responsibility and/or liability for the acts of such unauthorised third parties or for guarding against such acts.

CREST maintains physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of customer information and personal data.  CREST’s internal personnel, who have access to data, have been trained to maintain the confidentiality of such information.

Client privacy is an important aspect of our business and we do not sell it or rent it to third parties.  We will not share your information with third parties for marketing purposes.

CREST makes no representations or warranties as to the security or propriety of any web site(s) that may be accessed through this web site. Connected web sites accessed through this web site are entirely independent web sites over which CREST exercises no control, whether financial, editorial or in any other way whatsoever.  Connected web sites are in no way endorsed, sponsored or recommended by CREST. CREST does not guarantee the accuracy, relevance, timeliness, or completeness of any information on these external websites.

Before reporting any potential vulnerabilities on our website, you must read the CREST Disclosure Policy fully to ensure that it is fully understood and complied with. Failure to comply with the policy may result in legal action.

Responsible Vulnerability Disclosure – CREST (crest-approved.org)

In no event shall CREST, its officers, directors, members or affiliates be liable for any direct, indirect, special, consequential or other damages howsoever resulting from the use of, or the inability to use, this web site or any part thereof or any web site or part thereof connected to this web site by any means whatsoever.

By using this web site you agree to indemnify and hold harmless CREST, its officers, directors, members and affiliates from and against any and all losses, expenses, damages and costs, including reasonable legal fees, resulting from any violation on your part of these Terms and Conditions.  CREST reserves the right to take over the exclusive defence of any claim for which we are entitled to indemnification under this section and, in such event, you shall provide CREST with such cooperation as is reasonably requested by CREST.

This site is controlled, operated, and administered by CREST from its offices in England.  You may not use this web site, or export the materials contained herein, in violation of English export laws and regulations.  CREST makes no representation that materials on this web site are appropriate or available for use at locations outside of England.  If you access this web site from locations outside of England, you assume full responsibility for compliance with all local laws.

These Terms and Conditions shall be governed by, construed by and shall take effect entirely in accordance with the laws of England subject to the exclusive jurisdiction of the English courts.

These Terms and Conditions constitute the entire agreement between CREST and you with respect to your use of this site.

In the event that any term, condition or provision of these Terms and Conditions shall be nullified or made void by any statute, regulation or order or by the decision or order of any Court having jurisdiction, the remaining terms, conditions and provisions shall remain in full force and effect.

Any failure on the part of CREST to enforce any provision of these Terms and Conditions will not constitute a waiver of CREST’s right to subsequently enforce such provision or any other provision of these Terms and Conditions.


Our Privacy Policy can be found here.

CREST uses its best endeavours to safeguard the privacy of its contacts and website visitors.  CREST obtains information in a variety of ways including when contacted about our products and services and making make an enquiry via our website.

The information collected:

  • ensures member companies are getting the full benefit of their membership;
  • ensures that CREST Qualified Individual certifications are managed accurately;
  • enables improvement to services.

In line with our Privacy Policy, information may be used for the following purposes:

  • responding to requests;
  • carrying out obligations arising from any contracts or agreements that are entered into;
  • communicating about our work and services;
  • notification about CREST services;
  • seeking views or comments on the services available from CREST;
  • notification of changes to services;
  • updating records when necessary;
  • supporting activities on members, stakeholders and others (eg. external venues);
  • for marketing purposes.

CREST may pass details on to third parties that are contracted to CREST in order to manage our obligations under those contracts and where this is likely to happen, CREST makes it clear.  These third parties are obliged to keep any details provided to them securely and to use them only to fulfil the request.

Third parties that we may share information with include, but are not necessarily limited to:

  • The Bank of England (eg. STAR and CBEST data)
  • The National Cyber Security Centre (eg. CHECK data, CIR/CIE services)
  • The Civil Aviation Authority (eg. ASSURE services)
  • Dubai Electronic Security Centre (eg. CyberForce framework)

Individuals may opt out of contact from us and instructions are available within the Privacy Policy.

We regularly review our web site Terms of Use and place any updates on this webpage.  Our website Terms of Use were last updated in September 2023.