Data Privacy is more important than ever nowadays-and that's good. You deserve to know what data about you is being collected, how it's being used and what control over it you have-regardless of whether you're living within the jurisdiction of the EU's GDPR or not.
Here's everything you need to know about how we handle your data at getsslcertificates.com.
What Personal Data do you collect?
We collect information that you provide to use when you:
- Register on our site
- Place an order with us
- Subscribe to our blog
- Subscribe to our newsletter
- Fill out a form
This typically consists of: names, email addresses, mailing addresses, phone numbers and credit card information.
In addition to this, we also capture information like IP address, browser information and cookies for our site.
Do you collect any privileged categories of personal data?
No. getsslcertificates.com neither controls, nor processes any privileged categories of personal data.
What do you use the data for?
We use the personal data we collect for a number of things:
- Personalizing your Experience - your information helps us to better respond to your individual needs
- Improving our Website - we continually improve our website based on your information and feedback
- Providing better Customer Service - your information helps us better respond to your requests and needs
- Processing Transactions – your information helps us to process your orders and expedite issuance
- Administering Contests and Promotions – occasionally we give away free stuff or (even more) exceptional discounts
- Sending Emails – we may email you at the address you provided
What is your legal basis for collecting personal data?
While we prefer to collect personal data on the basis of explicit content, we are also acting to fulfill a contract between our partners, the Certificates Authorities that issue digital certificates, and the end user or reseller purchasing them. Additionally, we conduct related marketing activities under the banner of our legitimate interests. For more information, feel free to email our Data Protection Officer..
Do you share personal data with anyone?
We do not share this information with outside parties except to the extent necessary to inform service providers about services for which you have expressed an interest and requested additional information regarding that service. Any partners that we do share data with have signed binding data processing addendums that restrict their use of the data to only its intended (and documented) purposes. If you need a Data Processing Addendum with us,
We do not sell or transfer your personally identifiable information to third parties without your permission. We use return email addresses to answer the email we receive for tech support, customer service, refer-a-friend, email updates, and to send registered users their passwords.
These addresses are not used for any other purpose and are not shared with outside parties. Finally, we never use or share the personally identifiable information provided to us online in ways unrelated to the ones described above without also providing you an opportunity to opt-out or otherwise prohibit such unrelated uses.
We may release your information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also choose to release your information to other parties if we deem it necessary to protect our safety, rights, or property, or that of others.
Rapid Web Services, LLC accepts liability for all onward transfers of data to third parties.
How is the data stored? Where? What is guarding it?
In compliance with the GDPR, as well as state and local laws, getsslcertificates.com and all of its undertakings store data in the United States using Amazon Web Services. We use a secure server and all supplied sensitive/financial data is transmitted via Transport Layer Security (SSL/TLS) technology and then encrypted into our Payment gateway providers' database only to be accessible by those authorized with special access rights to such systems. By law they are required to keep the information confidential.
After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers.
Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser. Cookies enable the site's or service provider's systems to recognize your browser and capture and remember certain information.
Live Chat and Customer Service
At certain points, if you are not logged in, you may be asked to supply personal information for the purpose of customer service. Here, as with all other data touchpoints, we take special care to protect your information, including the use of encrypted channels and servers. All live chat sessions and phone calls are recorded for training purposes. Chat occurs over a secure connection, via Fresh Desk. Logs are saved both by getsslcertificates.com and FreshDesk, though they are never shared with any third party. getsslcertificates.com has a GDPR-compliant joint controller agreement with FreshDesk that ensures confidentiality.
Your Right to be Forgotten
We extend the data rights provided by the GDPR to all our customers and clients. That means that you have the right to modify or delete the personal data we have collected about you. Typically, you can modify or delete the personal data we have stored on you by logging into your account on our website. Failing that, simply email our Data Protection Officer either requesting a copy of the information we have collected about you - which can then be revised and returned - or the deletion of it. We will handle the request within 72 hours.
EU-US and US-Swiss Privacy Shield Certification
As a division of Rapid Web Services, LLC we are committed to adhering to all Privacy Shield principles and standards for the transfer and protection of personal data from the European Economic Area and Switzerland. Rapid Web Services is subject to the enforcement powers of the FTC.
Rapid Web Services, LLC has further committed to refer unresolved Privacy Shield complaints to ICDR-AAA, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit http://go.adr.org/privacyshield.html for more information or to file a complaint. The services of ICDR-AAA are provided at no cost to you.
California Online Privacy Protection Act Compliance
Because we value your privacy, we have taken the necessary precautions to be in compliance with the California Online Privacy Protection Act. We therefore will not distribute your personal information to outside parties without your consent.
California Consumer Privacy Act Compliance
Because we value your privacy, we have taken the necessary precautions to comply with the California Consumer Privacy Act. In the interest of transparency, we provide notice anytime information is being collected, in addition to disclosing what it will be used for. We do not share any customer information with third parties unless otherwise specified. Rapid Web Services, LLC complies with all lawful requests from law enforcement and relevant authorities.