Data controller handoff (partner-provisioned firms)
In brief: What happens at activation — your partner stops being the data controller; your firm becomes the controller.
When your firm is set up via a partner (such as Hirenza), there's a GDPR-significant moment when you first sign in and accept the Terms — your partner stops being the data controller for your compliance records and your firm becomes the controller instead. This article explains what that means, what gets recorded, and what you should know as the firm-owner.
Why this matters
Under UK GDPR, the data controller is whoever decides how and why personal data is processed. The processor is whoever actually does the processing on the controller's behalf. Controller and processor have very different legal obligations.
While your firm exists in Certivus in shadow state (after the partner created it, before you've signed in and activated), the partner is the controller. Certivus is the processor on their behalf. The processing is governed by the partner's DPA with Certivus.
The moment you accept the Certivus Terms + Privacy Policy on the activation screen:
- Controller responsibility transfers to your firm.
- The processor relationship is now between your firm (controller) and Certivus (processor), governed by the Certivus DPA.
- The partner is no longer the controller, even though they might still be making API calls on your behalf via their existing integration.
What gets recorded
At the moment you click Activate workspace, Certivus writes two audit-log entries:
firm.activated— records when the activation happened, who activated (your verified email), and what auth method was used (Rajoka ID SSO, magic link, etc.).firm.controller_handoff— the GDPR-specific record. Captures the Terms version, Privacy version, the timestamp, and snapshots both sides of the transition (partner_id → firm_id).
You can review both entries in Settings → Audit log (or /firm/audit-log directly). Auditors can read the trail to confirm exactly when controller responsibility transferred.
What stays the same
- All the cases the partner created during shadow state remain in your firm's audit log. The partner's role is now recorded under
actor_partner_idon each historical row. - The partner's API integration keeps working unless you actively disconnect it via Settings → Integrations.
- Your firm's data lives only with Certivus — the partner doesn't get any retroactive read access to records they didn't create themselves.
What you should review on activation day
- Read the Welcome banner on your dashboard — it explains where to start and what the partner has been doing.
- Visit Settings → Audit log — scan the last 30 days of activity to confirm the records look right.
- Visit Settings → Integrations — see which partner is mapped to your firm; you can disconnect at any time.
- Visit Settings → Billing & Usage — confirm your plan tier (the partner may have requested a specific starter plan; you can upgrade if you need more).
- Optionally: Settings → API access — mint your own API credential so you can integrate Certivus into your own tooling directly, independent of the partner.
Disconnecting from a partner
You can disconnect at any time without losing your Certivus workspace. From Settings → Integrations, find the partner row and click Remove access. The partner stops being able to call Certivus on your behalf immediately. Your firm, audit log, billing, and any credentials you've issued yourself all continue to work normally.
Related
- Audit log — review every event recorded for your firm
- API access — issue your own API credentials, independent of any partner
Didn't find what you needed?
Contact support