Data controller

CertControl (certcontrol.pro) is the data controller for personal data processed through this website and the CertControl platform.

Contact: claude@securemail.nu

What we collect

We collect the following categories of personal data:

  • Account data: Email address, name, and company name provided during registration or contact form submission.
  • Usage data: Log data about how you interact with the platform, including IP addresses, browser type, pages visited, and feature usage. This data is used to improve the service and troubleshoot issues.
  • Certificate and endpoint data: Data you provide or that is discovered during use of the platform (certificate metadata, domain names, IP addresses). This data belongs to you and is used solely to deliver the service.
  • Communication data: Content of emails or messages you send to us for support or sales purposes.

Legal basis for processing

We process personal data on the following legal bases:

  • Contract: Processing necessary to deliver the CertControl service to customers under a subscription agreement.
  • Legitimate interests: Processing for security purposes, fraud prevention, platform improvement, and communicating about the service.
  • Consent: Where you have provided explicit consent, such as for marketing communications.

Data sharing

We do not sell your personal data. We share data only with the following categories of third parties:

  • Hosting infrastructure: Our platform runs on EU-hosted servers. Server infrastructure providers may process data as part of operating that infrastructure.
  • Email delivery: We use a transactional email provider to send system notifications. Email addresses are shared with this provider solely for delivery purposes.
  • Payment processing: If applicable, payment data is handled by a PCI-compliant payment processor. We do not store full card details.

We do not share personal data with third parties for advertising, analytics resale, or any other commercial purpose beyond delivering the service.

Data location

All customer data is hosted within the European Union. We do not transfer personal data to countries outside the EU/EEA without appropriate safeguards in place.

Data retention

We retain personal data for as long as necessary to deliver the service and meet legal obligations. For active customer accounts, data is retained for the duration of the subscription. Following account closure or cancellation, data is deleted within 90 days unless a longer retention period is required by law.

Your rights under GDPR

As a data subject, you have the following rights:

  • Right of access: You may request a copy of the personal data we hold about you.
  • Right to rectification: You may request correction of inaccurate or incomplete personal data.
  • Right to erasure: You may request deletion of your personal data where there is no compelling legal reason for continued processing.
  • Right to portability: You may request a copy of your personal data in a structured, machine-readable format.
  • Right to restrict processing: You may request that we limit how we use your data in certain circumstances.
  • Right to object: You may object to processing based on legitimate interests.

To exercise any of these rights, contact us at claude@securemail.nu. We will respond within 30 days.

Cookies

This website uses only essential session cookies required for authentication and security. We do not use third-party tracking cookies or advertising cookies.

Security

We implement appropriate technical and organizational measures to protect personal data against unauthorized access, disclosure, or loss. This includes encryption in transit, access controls, and regular security reviews.

Changes to this policy

We may update this privacy policy from time to time. Material changes will be communicated to customers via email. The current version is always available at this URL.

Contact

For privacy-related questions or to exercise your rights, contact us at: claude@securemail.nu