INTRODUCTION
As a company that specializes in data security products, we take data security very seriously. The purpose of this Privacy Notice (“Notice”) is to inform the representatives of our business customers and other individuals (“you” or “your”) who share personal information with CheapSSLsecurity.com (“we,” “us,” “our,” and “CheapSSLsecurity.com”) of how we collect and process personal information and your rights you may have concerning your personal information that you share with us.
WHO WE ARE
CheapSSLsecurity.com is a website affiliated with Web Security Solutions, LLC (“WSS”), an affiliate of DigiCert, Inc. (“DigiCert”), which will act as data controller of personal information you share with and that is processed by CheapSSLsecurity.com. DigiCert is headquartered at 2801 North Thanksgiving Way, Suite 500, Lehi, Utah 84043.
Likewise, DigiCert and our valued partners will act as joint controllers with respect to personal information transferred from CheapSSLsecurity.com to our valued partners for the purpose of providing you with the certificate services and related products that you have requested or purchased from our valued partners. We encourage you to carefully read the privacy policies posted on our valued partners’ websites to understand their privacy and security practices.
WHAT THIS PRIVACY NOTICE COVERS
This Notice applies to all employees, agents, networks, servers, products, websites, mobile applications, online services, platforms, devices, and/or technology that collect and process your personal information that have access to and process the personal information you shared with CheapSSLsecurity.com.
PURPOSE OF PROCESSING
We process your personal information for the purpose of providing you with expert support services and access to vendors and their prices related to digital certificates and other products. For more information, see below on How Do We Use Your Information?
LAWFUL BASIS OF PROCESSING
We only process your personal information where there is a basis or justification under applicable law to do so.
For agents and representatives of our business customers, we process your personal information according to a legitimate interest that we have in servicing our customer which you represent, by providing the products and/or services that our business customer has requested or purchased, and to perform the services that are necessary to process your personal information.
For other customers, as applicable and depending on your location and/or the service or product you have requested or purchased, we may process your personal information to take steps to enter a written agreement and/or fulfill our obligations under a written agreement with you.
Where required, we may also obtain your affirmative, express consent to process your personal information.
WHAT PERSONAL INFORMATION DO WE COLLECT?
During the previous 12-months and/or while you engage CheapSSLsecurity.com services, we collect and/or process the following personal information, respectively:
Business Contact Information - First and last name, email address, postal address, telephone and fax number(s), IP address, usernames and related account information, job title, employer, and certain payment details.
COOKIES & TRACKING TECHNOLOGIES
Cookies are small files that a site or its service provider transfers to your computer's hard drive through your browser. Cookies enable the site's or service provider's systems to recognize your browser and capture and remember certain information.
We use cookies to help us remember and process the items in your shopping cart and compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.
DO WE COLLECT VALIDATION OR BIOMETRIC INFORMATION?
- Validation data: CheapSSLsecurity.com sites do not collect or process validation data. Instead, validation data will be collected and processed by the certificate authority that owns the product-brand that you purchase.
- Biometric data: CheapSSLsecurity.com sites do not collect or process biometric data. However, for our European customers and potentially customers in other areas, if you engage certificate services powered by DigiCert and choose to use our Remote Identity Verification (“RIV”) process, then DigiCert collects biometric data as part of that process. For our European customers, please note that biometric data is processed and stored in the Netherlands and Switzerland. For more information on DigiCert’s privacy practices related to RIV, please see DigiCert’s Remote Identity Verification Privacy Notice here.
HOW DO WE USE YOUR INFORMATION?
We use your personal information to provide certificate services and related products that you have requested. We may also use your personal information for the following purposes:
- Providing products and services: we use your information to provide you with our products and services you have requested or purchased.
- Improving our website: we continually improve our website based on your information and feedback.
- Providing better customer service: your information helps us better respond to your requests and needs.
- Processing transactions: your information helps us to process your orders and expedite certificate issuance.
- Promotional communications: we may also use your personal information to communicate promotional materials. Where required, we obtain your consent to send you promotional communications.
- Security: we use your information to detect, prevent, and address technical issues and to monitor the usage of our service.
- Facilitating live chat: provide live chat services in response to sales and technical questions.
CATEGORIES OF SOURCES FROM WHICH WE COLLECT YOUR INFORMATION:
As part of our products and/or services we provide, we may collect personal information from you, or through our website, email, live chat, blog or for our customers who have an account with us, through the customer account.
DISCLOSURES TO THIRD PARTIES
Depending on the products and/or services you have requested or purchased, during the previous 12 months and/or while you engage CheapSSLsecurity.com, we may disclose your personal information to our valued partners, to our service providers, and to other third parties who process personal information to provide you the services that you have requested or purchased.
We do not sell your data to third parties, and our third parties to whom we do disclose your information are subject to requirements that are at least as restrictive as this Notice. Where required by applicable law, such third parties are bound by data processing agreements that restrict usage of your information to fulfilling one or more of purposes outlined below:
Disclosures to Valued Partners
- For our customers who choose to engage the services provided our valued partners (not including services from DigiCert, which is already the controller of data you provide us), we will share only the information necessary to facilitate the transaction with our valued partner.
Disclosures to Service Providers
- IT service providers: We may share your information with third parties that provide us with SaaS services, including customer relationship management and other database and application software.
- Analytics/optimization firms: We may share your information with analytics and search engine providers that help us improve and optimize our networks, products, websites, mobile applications, platforms, devices, and/or other online services and technology.
- Payment processors: We may share your information with payment processors that help process your credit card payments. We follow Payment Card Industry Security Standards (PCI-DSS) when handling credit card information.
- External auditors: We may share your information with external auditors that audit our accounting practices and financial statements, information security practices, compliance programs, and other essential parts of our global infrastructure. Such audits evaluate, confirm, and verify processes related to the quality and security of products and services to ensure CheapSSLsecurity.com systems have been effectively implemented. As part of the audit process, auditors may contact you to verify information related to the services you have purchased.
Disclosures to Other Third Parties
- Marketing and advertising Firms: We may share your information with marketing firms, advertisers, and advertising networks that send you advertisements across our platforms about our products and services.
- Blogs: Our websites may offer publicly accessible blogs or community forums. Any information you provide in our blogs can be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forums, please contact us at [email protected]. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.
- Law enforcement: When required by formal judicial or other lawful and mandatory process, we may share your personal information with law enforcement agencies, public authorities, other government agencies, or other parties who are able to obtain a lawful order compelling our production of such information.
We accept liability for all onward transfers of personal data to third parties.
INFORMATION SECURITY
The security of your personal information is of the utmost importance to us. We have implemented and maintain internal technical and organizational measures in accordance with industry best practices and applicable data protection laws.
Among other security measures, we have industry-standard encryption for data at rest and data in transit. While our security practices align with commercially reasonable protocols, we cannot guarantee absolute security of your personal information. For questions about our security practices, please contact [email protected].
WHERE DO WE STORE YOUR INFORMATION AND FOR HOW LONG?
We store your information in the United States using Amazon Web Services and a secure server where all personal data is transmitted using industry standard cryptography. After your transaction has been processed, your personal information, including credit card information and other financial information related to your transaction, will not be stored on our servers.
We retain personal information only for legitimate business purposes and as long as necessary to fulfill our commitment to provide products and/or services to you (or the business customer you represent).
Third-Party Sub-Processors
We maintain a list of third-party processors, some of which may process your personal information on our behalf for the purpose of providing you with the products or services you have requested. You may view our list of sub-processors here.
YOUR RIGHTS WITH RESPECT TO YOUR PERSONAL INFORMATION
You may have certain rights regarding your personal information. You may submit a request to access your information, request portability, request deletion, restrict processing of your personal information, request correction, and, in certain cases, you may object to us processing your personal information and submit a request to withdraw processing.
Exercising Your Rights
You may exercise your rights with respect to your personal information by emailing our data privacy officer at [email protected].
Verification of Your Identity
Prior to responding to a request listed above, we will ask you to answer a few questions about yourself to help us verify your identity. In the event more documentation is necessary to verify your identity, we will notify you.
What if We Cannot Verify Your Identity?
If we can’t verify your identity, we will notify you. Any request may be denied if we have reason to believe the request is fraudulent.
FILING A COMPLAINT
You may file a complaint regarding our privacy practices by emailing [email protected]. Before we respond to your complaint, we will ask you to verify your identity.
CHILDREN’S PRIVACY
CheapSSLsecurity.com websites, platforms, and applications do not knowingly collect personal information from children under the age of 18 and are not directed toward children. If you believe we might have personal information belonging to a child under the age of 18, please contact CheapSSLsecurity.com at [email protected].
APPLICABILITY
Our Terms and Conditions of use of our products and services may override the terms of this Notice with respect to use of our products and services.
CHANGES TO THIS NOTICE
If we decide to change this Notice, we will post those changes on this page. For material changes to this Notice, we will send interested parties an email notification.
CONTACTING US
If there are any questions regarding this privacy policy or the data we have collected about you, contact us at [email protected] or at: