This privacy notice applies to BrandSSL Inc. (“BrandSSL,” “we,” “our,” “us”).
The privacy of your data — and it is your data, not ours! — is a big deal to us. To be crystal clear - BrandSSL does not and will not ever sell your data. We’ll only ever access your account to help you with a problem or squash a software bug. We log all access to all accounts by IP address, so we can always verify that no unauthorized access has happened for as long as the logs are kept.
Identity & Access
When you sign up for BrandSSL, we ask for your name, company name, and email address. That’s just so you can personalize your new account, and we can send you invoices, updates, or other essential information. We’ll never sell your personal info to third parties.
You always have the right to access the personal information we store about you. And, if you wish to further limit our use of your personal information, please contact us
Users of BrandSSL can store any type of information in BrandSSL, but BrandSSL does not access or share that data, and does not know what type of data you or other users are storing. The data is only used by the account owner and invited users as they intend to use it.
When you pay for BrandSSL, we ask for your credit card and billing address. That’s so we can charge you for service, calculate taxes due, and send you invoices. Your credit card is passed directly to our payment processor and doesn’t ever go through our servers. We store a record of the payment transaction, including the last 4 digits of the credit card number, for account history, invoicing, and billing support. We store your billing address to calculate any sales tax due in the United States, to detect fraudulent credit card transactions, and to print on your invoices.
When you write BrandSSL with a question or to ask for help, we’ll keep that correspondence, and the email address, for future reference. When you browse our marketing pages, we’ll track that for statistical purposes (like conversion rates and to test new designs). We also store any information you volunteer, like surveys, for as long as it makes sense.
The only times we’ll ever share your info:
- To provide products or services you’ve requested, with your permission
- To investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of our Terms of Service , or as otherwise required by law.
BrandSSL does not share individual’s personal data with non-agent third parties. If this policy changes in the future, we will notify individuals and provide them with an opportunity to opt-out of having their data shared.
Your Rights With Respect to Your Information
You may have heard about the General Data Protection Regulation (“GDPR”) in Europe. GDPR gives people under its protection certain rights with respect to their personal information collected by us on the Site. Accordingly, BrandSSL recognizes and will comply with GDPR and those rights, except as limited by applicable law. The rights under GDPR include:
- Right of Access. This includes your right to access the personal information we gather about you, and your right to obtain information about the sharing, storage, security and processing of that information.
- Right to Correction. This is your right to request correction of your personal information.
- Right to Erasure. This is your right to request, subject to certain limitations under applicable law, that your personal information be erased from our possession (also known as the “Right to be forgotten”). However, if applicable law requires us to comply with your request to delete your information, fulfillment of your request may prevent you from using BrandSSL services and may result in closing your account.
- Right to Complain. You have the right to make a complaint regarding our handling of your personal information with the appropriate supervisory authority.
- Right to Restrict Processing. This is your right to request restriction of how and why your personal information is used or processed.
- Right to Object. This is your right, in certain situations, to object to how or why your personal information is processed.
- Right to Portability. This is your right to receive the personal information we have about you and the right to transmit it to another party.
- Right to not be subject to Automated Decision-Making. This is your right to object and prevent any decision that could have a legal, or similarly significant, effect on you from being made solely based on automated processes. This right is limited, however, if the decision is necessary for performance of any contract between you and us, is allowed by applicable European law, or is based on your explicit consent.
Many of these rights can be exercised by signing in and directly updating your account information. If you have questions about exercising these rights or need assistance, please contact us at email@example.com.
You may also have the right to make a GDPR complaint to the relevant Supervisory Authority. A list of Supervisory Authorities is available here: https://edpb.europa.eu/about-edpb/board/members_en
Processors we use
As part of the services we provide, and only to the extent necessary, we may use certain third party processors to process some or all of your personal information. For identification of these processors, and where they are located, please see our Subprocessor listing . We have signed appropriate data processing contracts that comply with GDPR with each processor.
In order to improve our services and the website, and provide more convenient, relevant experiences to you, we and our vendors may use “cookies”, “web beacons”, and similar devices to track your activities.
You understand that BrandSSL uses third party vendors and hosting partners to provide the necessary hardware, software, networking, storage, and related technology required to provide you with our services. A current list of vendors is available upon request.
When you cancel your account, you can request to get your data deleted on firstname.lastname@example.org . BrandSSL furthermore reserves the right to delete your data 60 days after you have canceled your account. This information can not be recovered once it has been permanently deleted.
While we may be required to disclose your personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements, BrandSSL won’t otherwise hand your data over to law enforcement unless a court order says we have to. We flat-out reject such other requests from local and federal law enforcement when they seek data without a court order. And unless we’re legally prevented from it, we’ll always inform you when such requests are made. We will provide delayed notice if the legal prohibition is lifted.
Changes & Questions
BrandSSL may update this policy once in a blue moon — we’ll notify you about significant changes by emailing the account owner or by placing a prominent notice on our site. You can access, change or delete your personal information at any time by contacting us at email@example.com