Use of Certification Mark Policy

Statement of Commitment

Guardian’s Commitment to Mark Integrity

Guardian Assessment Private Limited (India) and Guardian Assessment UK Ltd, together constituting the Guardian Assessment certification body, operate this Use of Certification Mark Policy as the documented framework governing how the Guardian SecureApp™ certification mark is awarded, displayed, controlled, and protected against misuse. The Policy is the operational implementation of UAF-GEN-CAB-02 (Conditions for the Use of UAF Accreditation Symbol) — explicitly cited in Guardian’s UAF accreditation Schedule among the documents Guardian’s accreditation requires us to comply with — and ISO/IEC 17030:2003 (General requirements for third-party marks of conformity), embedded in our Certification Agreement and audited annually by UAF during accreditation surveillance.

Mark integrity is itself a procurement-grade signal. The value of the Guardian SecureApp™ mark to certified clients — the ability to display the mark in marketing, packaging, RFP responses, and customer communications — depends on every displayed mark accurately representing actual current certification. A mark that is misused on uncertified products, displayed beyond awarded scope, or retained after withdrawal devalues the mark for every certified client and undermines the procurement-grade trust the mark carries. Guardian protects mark integrity actively, not passively.

Two Distinct Marks Discussed in This Policy

This Policy addresses two distinct marks. Stakeholders should be clear about which mark each provision concerns:

• The Guardian SecureApp™ certification mark — designed, owned, and licensed by Guardian Assessment Private Limited. Awarded to certified clients on Grant decisions and licensed for display under specific scope-bounded conditions described in this Policy. This is the mark that certified clients are authorised to display.
• The UAF accreditation symbol — owned by UAF (United Accreditation Foundation Inc.) and used by Guardian under separate UAF-GEN-CAB-02 conditions set by UAF. Certified clients are NOT authorised to display the UAF accreditation symbol on their products or marketing materials. The symbol may appear on Guardian’s own website (e.g., the Guardian trust strip), on Guardian-issued certificates, and in Guardian’s own marketing materials, but it is not transferable to certified clients. This distinction is one of the most consequential clarifications in this Policy.

Scope of This Policy

This Policy applies to:

• Guardian SecureApp™ certified clients — entities that hold a current Guardian SecureApp™ certificate and have been issued a Mark Usage Licence Agreement
• Former certified clients — entities whose certificates have been suspended, withdrawn, or have expired and who are subject to mark-removal obligations
• Marketing teams, brand teams, and legal counsel of certified clients responsible for materials displaying the certification mark
• Procurement teams and other third parties verifying mark legitimacy on supplier materials
• Guardian personnel administering the mark licensing programme

Explicitly out of scope: VAPT engagements. Per /services/vapt Section 3.3, the Guardian VAPT service is non-accredited and produces NO certification mark. Clients of the standalone Guardian VAPT service are not authorised to display any Guardian SecureApp™ mark in connection with the VAPT engagement, the Technical Findings Report produced by it, or any product on which VAPT was conducted. Display of any Guardian mark on a product where VAPT (rather than certification) was the engagement type is mark misuse subject to Section 3.8 below.

Underlying Standards

This Policy implements:

• UAF-GEN-CAB-02 (Conditions for the Use of UAF Accreditation Symbol) — the principal UAF document governing how the UAF accreditation symbol may be used by Guardian
• ISO/IEC 17030:2003 (General requirements for third-party marks of conformity) — the principal international standard governing certification marks
• ISO/IEC 17065:2012 Clause 7.7 (Use of Licences, Certificates, and Marks of Conformity) — the principal product certification standard provision governing mark usage in certification schemes
• ISO/IEC 17065:2012 Clause 4.6 (Publicly Available Information) — requiring this Policy to be publicly accessible

Certification Mark

The Mark Itself, and What It Represents

The Guardian SecureApp™ certification mark is a graphical and verbal trademark designed by Guardian Assessment Private Limited. It comprises the Guardian SecureApp™ wordmark, a graphical badge element, and accompanying scope identifiers that locate the displayed mark within Guardian’s certification structure. The mark is owned by Guardian Assessment Private Limited; trademark protection is maintained in the jurisdictions where Guardian operates, with international protection available through extension as Guardian’s operational footprint expands.

Mark Composition

The complete certification mark, as displayed by certified clients, comprises three components:

• The Guardian SecureApp™ graphical badge — the principal visual identifier
• The wordmark ‘Guardian SecureApp™’ rendered in the approved typography
• The scope identifiers — Module designation (Module A, Module B, or Module C, or specific combinations for multi-Module engagements), Level designation (Level 1 Basic, Level 2 Advanced, or Level 3 High-Risk / Critical), certificate number, and validity reference

All three components are required for legitimate mark display. The graphical badge alone, without the wordmark or scope identifiers, is not legitimate display. The wordmark alone, without the badge or scope identifiers, is not legitimate display. The scope identifiers alone, without the badge and wordmark, are not legitimate display. The mark functions as a unified identifier, not as separable elements.

Approved Mark Artwork

Approved mark artwork is provided to certified clients on issuance of the certificate. The artwork includes vector formats (SVG, EPS) for scalable display, raster formats (PNG with transparency) for digital use, and brand guidelines specifying colour palette, typography, minimum size, clear-space requirements, and acceptable backgrounds. Mark display must use the approved artwork without modification — colour shifts, rotation, distortion, partial obscuring, or addition of unauthorised elements is mark misuse subject to Section 3.8 below.

Artwork updates — for example, where Guardian refreshes mark design across the cycle — are communicated to certified clients with a transition period during which existing mark display can be updated without breach. The Mark Usage Licence Agreement defines the transition period; typically six months from updated artwork release.

What the Mark Represents

Display of the Guardian SecureApp™ certification mark represents that:

• The named product (specifically the version or version range covered by the certificate) has been independently evaluated by Guardian Assessment under ISO/IEC 17065-accredited certification at the displayed Module + Level
• The evaluation reached a Grant decision by Guardian’s independent Decision Authority
• The certificate is currently valid (not suspended, not withdrawn, not expired)
• The certified client is currently in compliance with surveillance obligations during the cycle
• The certified client is authorised under a current Mark Usage Licence Agreement to display the mark

Display of the mark on a product or in a context where any of these elements is not true is mark misuse, regardless of whether the misrepresentation was intentional. Certified clients planning mark display in marketing materials, RFP responses, or other public-facing contexts should verify against this list before publication.

Conditions

When and How the Mark May Be Displayed

Mark display is governed by the Mark Usage Licence Agreement issued to each certified client at certificate Grant. The Agreement formalises the conditions described below; this Policy summarises them for public reference.

The Mark Usage Licence

Issuance: the Mark Usage Licence is issued automatically with each Grant decision. There is no separate application or fee — the Licence is incorporated into the certification engagement and governed by the Certification Agreement. Where multiple products are certified or multiple Modules are added, separate Licences are issued (one per certificate).

Term: the Licence runs for the validity period of the certificate (typically three years from Grant, with renewal at recertification). The Licence terminates automatically on certificate suspension, withdrawal, or expiry — see Section 3.7 below for the operational consequences.

Transferability: the Licence is non-transferable. Where a certified client undergoes corporate change (acquisition, merger, restructure) that materially affects the certified entity, the Licence does not automatically transfer to the resulting entity; continuity of mark use requires Decision Authority assessment of the corporate change and, where appropriate, fresh Licence issuance per the new corporate structure.

Permitted Display Contexts

The mark may be displayed in the following contexts, subject to all conditions in this Policy and the Mark Usage Licence Agreement:

• On the certified product itself — software UI, product packaging, product documentation, in-product ‘About’ or security pages
• On the certified client’s website — particularly product pages, security pages, trust pages, certifications pages
• In marketing materials concerning the certified product — brochures, datasheets, sales presentations, demo materials, case studies
• In RFP and procurement responses where the certified product is the subject of the response
• In customer communications concerning security and compliance posture of the certified product
• In trade show, conference, and event materials where the certified product is featured
• In supplier security questionnaires and vendor assessments where the certified product is the subject of the response

Display Requirements

In every permitted display context, the mark display must comply with the following requirements:

• All three mark components (badge, wordmark, scope identifiers) must be clearly visible and legible
• The scope identifiers must accurately reflect the actual certified scope — Module, Level, certificate number, validity reference
• The display context must concern the actual certified product, not a different product, a broader product family beyond what is certified, or an uncertified version of the certified product
• Approved artwork must be used without modification (per Section 3.2 above)
• Minimum size and clear-space requirements per the brand guidelines must be observed
• Where the mark is displayed alongside other certifications, the contextual presentation must not imply that the Guardian SecureApp™ mark covers scope it does not actually cover

Where uncertainty exists about whether a specific display context complies with these requirements — for example, where the certified scope is narrow but marketing materials reference the broader product family — the certified client is encouraged to consult Guardian via the Mark Usage contact channel before publication. A short pre-publication review is faster than corrective action after misuse is discovered.

Scope

The Mark Cannot Exceed Awarded Scope

The most operationally consequential mark display rule is scope discipline: the mark may only be displayed in a manner consistent with the actual awarded certification scope. Scope-creep mark display — where the mark suggests certification beyond what was actually granted — is the most common form of mark misuse, and the most damaging to mark integrity. This Section addresses scope-bounded display in detail.

Scope Identifiers Are Mandatory

Display of the Guardian SecureApp™ mark requires display of the scope identifiers — Module designation, Level designation, certificate number, validity reference. These are not optional adornments; they are part of the mark itself, identifying what the certification actually covers. Display of the mark without scope identifiers (e.g., the badge alone with the wordmark but no Level or Module) is misuse because it suggests certification of unspecified scope.

Specifically:

• Level designation must accurately state the certified Level: ‘Level 1 (Basic)’, ‘Level 2 (Advanced)’, or ‘Level 3 (High-Risk / Critical)’. Abbreviation to just ‘Certified’ or ‘Guardian Certified’ without Level designation is misuse — readers cannot distinguish the assurance signal.
• Module designation must accurately state the certified Module(s): ‘Module A — Web Application Security’, ‘Module B — SaaS / Multi-Tenant Platform Security’, ‘Module C — API / Microservices Security’, or specific combinations for multi-Module engagements. Generalised ‘application security certified’ framing without Module specificity is misuse.
• Certificate number must be visible and accurate, allowing third parties to verify the certificate against the Public Directory at /directory.
• Validity reference must indicate that the certificate is currently valid; Guardian’s Public Directory is the authoritative source for current validity status.

Product/Version Coverage

The mark covers a specific product (or specific products) at specific version(s) or version ranges as defined in the certificate. Display of the mark in connection with:

• A different product, even from the same certified client — misuse
• A new version of the certified product not within the certified version range — misuse, until that version is brought within the certified scope through change-management procedures (see /process/surveillance) or fresh evaluation
• A modified product where the modification materially affects security-relevant aspects — misuse, pending Decision Authority assessment of whether the modification falls within or outside certified scope
• A broader product family or product portfolio of which the certified product is one component — misuse, unless the display clearly identifies that only the specific named product carries the certification and not the broader family

Where certified clients introduce new versions or variants during the cycle, /process/surveillance Section 3.4 (Change Management) is the operational route for keeping mark display accurate.

Geographic Scope

Where the certificate specifies a geographic scope of operation, mark display in markets outside that geographic scope is misuse. Most Guardian SecureApp™ certificates do not have a restrictive geographic scope (the certification is product-level, not market-level), but where a certificate specifies a particular geography (for example, a regulatory-driver-scoped certification covering specific jurisdictions), display in non-scoped markets requires the additional context that locates the display within the actual certified scope.

Comparison and Equivalence Claims

Display of the Guardian SecureApp™ mark accompanied by claims that the certification is ‘equivalent to’ other certifications — for example, claiming Level 2 is ‘equivalent to’ a different framework’s specific level — is generally misuse unless the equivalence claim is itself accurate and supportable. Guardian does not endorse equivalence claims unless they appear in Guardian’s own published materials. Certified clients planning equivalence framing should verify with Guardian before publication.

The integrity rule: Every display of the Guardian SecureApp™ mark must be true at the time and in the context of display. If a display would lead a reasonable reader to conclude something that is not actually true about the actual current certification, the display is misuse — regardless of whether the misleading conclusion was intended. The reasonable-reader test is the operational test for scope-bounded display compliance.

Accreditation Symbol

A Different Mark with Different Rules

The UAF accreditation symbol — the visual identifier showing that Guardian is accredited by United Accreditation Foundation Inc. — is a distinct mark from the Guardian SecureApp™ certification mark. The two marks have different owners, different governing rules, and different permitted display contexts. This Section addresses the UAF accreditation symbol specifically because confusion between the two marks is a common source of misuse.

UAF Accreditation Symbol Ownership and Control

The UAF accreditation symbol is owned by United Accreditation Foundation Inc., whose offices are at 1060 Laskin Road, STE 12B/13B, Virginia Beach, VA 23451, United States of America. The symbol is licensed to UAF-accredited certification bodies (including Guardian) under the conditions set out in UAF-GEN-CAB-02. Those conditions are set by UAF, not by Guardian, and may be updated by UAF from time to time. Guardian’s use of the UAF accreditation symbol is itself audited during UAF surveillance.

Where the UAF Accreditation Symbol May Appear

Under UAF-GEN-CAB-02, the UAF accreditation symbol may appear:

• On Guardian’s own website — particularly on the trust strip, on /accreditation page, on certificates, and in similar contexts identifying Guardian as a UAF-accredited certification body
• On Guardian-issued certificates — the accreditation symbol appears on the certificate face alongside the Guardian SecureApp™ certification mark, locating Guardian’s certification activities within UAF’s accreditation framework
• In Guardian’s own marketing materials, presentations, and corporate communications identifying Guardian as a UAF-accredited body
• In Guardian’s reports and public communications where UAF accreditation reference is appropriate

Where the UAF Accreditation Symbol May NOT Appear

Critically, the UAF accreditation symbol may NOT appear:

• On certified clients’ products — even though certified clients display the Guardian SecureApp™ certification mark on their products, they do not extend that to displaying the UAF accreditation symbol
• On certified clients’ marketing materials, websites, RFP responses, or other public-facing communications — the UAF symbol stays with Guardian
• On any third-party website, materials, or content not produced by Guardian
• In a manner suggesting that the certified client is itself UAF-accredited (the certified client is not — Guardian is, and the client holds Guardian-issued certification)

The structural reason for this distinction is straightforward: UAF accredits certification bodies, not products. The Guardian SecureApp™ certification mark says ‘this product was certified by an accredited body’. The UAF accreditation symbol says ‘this body is accredited by UAF’. Mixing the two — putting the UAF symbol on a product — would suggest UAF directly accredits the product, which it does not. Maintaining the distinction is part of how the layered accreditation framework retains its integrity.

Verifying Guardian’s UAF Accreditation

Stakeholders verifying Guardian’s UAF accreditation should consult UAF’s directory at uafaccreditation.org directly, not rely on the symbol alone. The directory is the authoritative public record of Guardian’s accreditation; the symbol is a visual indicator that the directory is the verification source. Guardian’s accreditation reference (52605385601, valid 06 May 2026 to 05 May 2030) appears on certificates and in our /accreditation page for cross-reference.

Mark Usage

Maintaining Mark Display Through the 3-Year Cycle

Mark display obligations are not one-time at certificate Grant — they are continuous through the certification cycle. Several events during the cycle affect mark display, and certified clients are responsible for tracking and complying with these. The principal mark-relevant events during the cycle are described below.

Surveillance Audits

Surveillance audits per /process/surveillance verify ongoing compliance with certification scope and conditions, including mark usage compliance. Surveillance scope explicitly includes review of the certified client’s current mark usage — a sample of public-facing materials displaying the mark is reviewed for accuracy, currency, and scope discipline. Where surveillance reveals mark display that does not comply with this Policy, surveillance findings include corrective actions for mark display correction; failure to correct can result in surveillance non-compliance findings affecting the certificate’s continued maintenance.

Change Management

Where the certified client makes material changes to the certified product (per /process/surveillance Section 3.4), the changes may affect mark display. New product versions outside the certified version range cannot display the mark until brought within scope. Modules added to the certified scope (e.g., Module C added to existing Module B certification) require updated Mark Usage Licence with revised scope identifiers. Scope reductions (modules retired from certification) require mark display update to remove the retired Module from scope identifiers. Change Management coordination through /process/surveillance is the operational route for keeping mark display accurate; certified clients should not unilaterally modify scope identifiers without Guardian-side confirmation.

Recertification

Recertification at cycle end produces a new certificate with new validity dates and (typically) a new certificate number. Mark display must update to reflect the new certificate’s identifiers within a transition period from recertification — typically 90 days from the new certificate issuance. Display continuing to reference the expired prior certificate’s identifiers after the transition period is misuse. Where recertification scope changes (Level upgrade, Module addition, Module retirement), mark display update is correspondingly more substantive.

Mid-Cycle Mark Refresh

Where Guardian refreshes the Guardian SecureApp™ mark design — for example, evolution of the graphical badge or the wordmark typography — certified clients are notified with a transition period (typically six months) during which both the legacy mark and the new mark are acceptable. After the transition period, only the current mark is acceptable. Mark refresh is infrequent (Guardian does not refresh mark design routinely); when it occurs, the transition is structured to minimise disruption to certified clients’ marketing assets.

Mark Removal

When Mark Display Must Cease

The Mark Usage Licence terminates automatically on three events: certificate suspension, certificate withdrawal, and certificate expiry without recertification. Each event has specific operational consequences for mark display, which are described below. Certified clients should plan for these events; failure to remove mark display promptly after termination is a serious form of mark misuse with corresponding corrective action.

Mark Removal on Suspension

On certificate suspension per ISO/IEC 17065 Cl. 7.11, the Mark Usage Licence is suspended for the duration of the certificate suspension. During suspension:

• All mark display must be removed from public-facing materials within 14 calendar days of the suspension notice
• Mark display in physical products and packaging that have already been distributed need not be physically recalled, but ongoing distribution must remove the mark from new units
• Marketing materials in production must update to remove the mark before publication; published materials must update at the next print run or web update
• RFP responses in progress must update to remove the mark before submission

If the certificate is reinstated after suspension, mark display may resume from the date of reinstatement. Where suspension converts to withdrawal (per Cl. 7.12), mark removal becomes permanent rather than temporary; see below.

Mark Removal on Withdrawal

On certificate withdrawal per Cl. 7.12, the Mark Usage Licence terminates permanently. Mark removal obligations:

• All mark display must be removed from public-facing materials within 30 calendar days of the withdrawal notice
• Marketing materials, brochures, datasheets, sales presentations, demo materials, and case studies must remove the mark in their next update cycle and immediately if there is no scheduled update within 60 days
• Website displays must remove the mark within 30 days; references in evergreen content (case studies, customer success stories) require update or removal
• Physical inventory bearing the mark may continue to be distributed within a reasonable wind-down period (typically 90 days for finished goods inventory at withdrawal); new production must not bear the mark
• RFP responses citing the certificate must update to reflect that the certificate is no longer current; references that suggest current certification are misuse

Mark Removal on Expiry

If a certificate expires without recertification (the certified client has chosen not to recertify, or recertification was not completed in time), mark display obligations are similar to withdrawal:

• All current mark display must be removed within 30 calendar days of expiry
• Where the certified client intends to recertify but recertification was not completed before expiry, mark display must still be removed during the gap; resumption requires the new certificate’s issuance per Section 3.6 above
• References to the expired certificate in historical contexts (e.g., ‘certified by Guardian SecureApp™ from 2024 to 2027’) are acceptable where they explicitly identify the historical period and do not suggest current certification

Public Directory Updates

Concurrent with each mark removal event, the Public Directory at /directory is updated per ISO/IEC 17065 Cl. 7.8 to reflect the certificate’s status (Suspended, Withdrawn, Expired). Third parties verifying mark legitimacy should consult the Public Directory; where the displayed mark does not match the Public Directory’s current status, the Public Directory is the authoritative source. Misuse complaints from third parties commonly arise from this mismatch — see Section 3.8 below.