Compliance & certifications

The paperwork your security and procurement teams need.

Certifications in hand (or in progress), process controls we run on every unit, and the documents we can file directly with your audit team.

Standards

Certifications

In progress

Responsible Recycling standard for electronics processors and reverse-logistics operators.

Audit scheduled.

Certified

Quality management system covering our refurbishing workflow and serial-level traceability.

Documented

Media sanitization standard. Every drive is purged before resale, with a per-drive certificate on request.

Documented

Environmental carrier programme. Kilograms of e-waste diverted and carbon avoided reported per PO.

Operations

01

Intake & chain-of-custody

Units are serialised, photographed, and logged on arrival. Chain-of-custody begins on the intake receipt.
02

Functional test & grading

Every unit is tested against the manufacturer spec. Graded A / B / C by cosmetic condition against a published rubric.
03

Data sanitization

Drives purged to NIST 800-88. Certificate of sanitization issued per drive on request.
04

Asset tagging & ship

Optional asset tags applied. CSV of serials + grades + test results sent with the shipment.

Audit-ready

Certificate of Sanitization — per drive, issued against NIST 800-88 Purge.
Certificate of Destruction — for storage media removed during RMA.
Chain-of-custody log — per PO, for HIPAA and public-sector deployments.
ESG report — e-waste diverted and carbon avoided per PO.
W-9, W-8BEN, ACH instructions, Certificate of Insurance — available on request from [[email protected]].

Infosec

TLS 1.3 for all traffic; HSTS enabled.

Payment data never touches Restart infrastructure — Stripe Elements + PCI DSS SAQ-A attestation.

Customer data access is role-restricted; audit logs retained for one year.

Penetration testing scheduled [annually].

If your security or procurement team needs a specific attestation, send the request and we will route it to the right owner.