SSL2BUY is a leading supplier of various brand SSL certificates in domestic and international market. However, the purpose of the General Data Protection Regulation (“GDPR”) and any local data privacy laws, we are the data controller of personal information obtained through our Website. But we do not sell, trade, or otherwise transfer your personally identifiable information to the third party.
We collect several different types of information for various purposes to provide and improve our SSL2BUY service to you.
What Types of Data We Collected?
Collecting your personal data
While using our website for SSL purchase, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you like (“Personal Data”). Personally, identifiable information may include, but is not limited to:
- First name and last name
- Email address
- Address, State, Province, ZIP/Postal code, City, Country
- Phone number
- Company Name
- Company VAT/TAX/REG number
- Transaction ID (not Credit Card details)
- Cookies and Usage Data
The information collected may include your name (first and last), address, email address, phone number, IP address, services you selected, and other things that identify you.
When you purchase a certificate or service
We, SSL2BUY, are authorized reseller of SSL certificate provider of leading brand like Symantec (DigiCert), GlobalSign and Comodo. To process your digital SSL certificate requires, partner (reseller) requires to submit all your information like contact details, business name and address, individual name and address, domain name, phone number, email address, etc. to Certificate Authority. However, only the Certification Authority had the right to complete the validation and issue the certificate to the applicant. From our website, the applicant would get an issued certificate. All the personal information and business information are passed through proper SSL/TLS technology and then encrypted into our authorized CA’s API. All the provided information is accessible to those who are having special access rights to operate the system.
- When You Order a Certificate
When you order any certificate, you will be required to provide certain information depending on the certificate type (e.g. DV, OV, EV etc.). All the provided information are submitted and stored with our server. After the order is placed, some more personal information or business details are required to add in SSL configuration process which passes to the Certification Authority only. No other person had access to go through your personal data.
From SSL2BUY, you can able to purchase your product by adding the information you required but the certificate is issued by Certification Authority only. No even us had the right to issue or revoke any certificate. All the validation process is completed by Certification Authority only we are not having any role for completing the validation for any certificate and issue it. SSL2BUY, pass all the personal information, including sensitive information (such as credit cards), using secure sockets layer technology (SSL).
You have choices about your information, but if you choose not to provide necessary information when purchasing a product or service, or ordering a certificate, (for example, information necessary to validate a certificate), then you may not be able to get that product, service, or certificate.
- What we do from your information
The security of your personal information is of the utmost importance to SSL2BUY under GDPR. We collect your information for the below purpose:
- To personalize your experience while using our site.
- To improve our website for you and other visitors.
- To improve efforts of our customer service.
- To improve the transaction process.
- To send reminder emails for renewing SSL certificate on the timely basis.
- For the betterment of marketing efforts.
We are using such technologies like cookies, browser analysis tools, or server logs to receive error reports or usage data from software running on your device or our website and applications. We may also obtain data from third parties to enhance our files and better understand our customers.
- Payment Process
The security of your data is important to us but remembers that no method of transmission over the Internet, or method of electronic storage is 100% secure. In regarding to GDPR, as well as state and local laws, SSL2BUY use most secured server and all personal/financial data are transmitted through leading SSL/TLS technology and then encrypted into our authorized payment gateway (2checkout.com) providers database, which are accessible to those who are having special access rights to operate the system. According to the law, now all the information would be kept as confidential only. However, from now owners after all transaction would be done by keeping adequate privacy safeguards and protections.
SSL2BUY, use most trusted payment processor. You can make payment through payment gateway (2checkout.com) or by PayPal – most trusted payment sources. These companies are authorized to use your personal information only as necessary to provide these services to us. In this site, all the financial information transmits through the most trusted secure sockets layer technology (SSL). In the third party process, you required to provide credit card numbers and financial data to process the order. These are leading payment service providers who do not retain share, store or use personally identifiable information for any other purposes. SSL2BUY does not permanently store any provided credit card information of any order placed on the website.
Authorized Vendors for Certificate Authorities (Sub-contractors)
SSL2BUY is an authorized reseller of leading SSL certificate authorities like DigiCert (formerly Symantec), GlobalSign and Comodo groups. We use authorized CA service to process and issue SSL certificate. We permit to pass your personal information and order details to our trusted service provider.
How Do We Protect Your Information?
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information.
We would like to extend the data rights provided by the GDPR to all our customers and clients. So now owners, you have the right to modify or delete the personal data that we have collected about you while ordering process. However, if you like to modify or delete the personal data which you have used while ordering by just login in your account on our website. If you cannot able to log in, then you can simply email our security officer at firstname.lastname@example.org. We will handle the request within 72 hours.
We offer the use of a secure server to collect all the data. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financial, etc.) will not be stored on our servers.
Disclosure of Data
We will disclose your personal information under certain circumstances if required to do so by law or in response to valid requests by public authorities like a government agency.
Requirements for the Legal process:
We disclose your personal data with good intention on the following actions.
- To comply with a legal obligation
- To protect from legal liability
- To prevent wrongdoing under the services
- To protect the personal safety of user or public
If you are a European citizen, you may have the right to exercise additional rights available to you under laws, including:
The right of erasure: The user holds the right to erase his/her personal data that we have with us on our website after informing the authorized department. However, we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations, and other things.
Right to object data processing: User has the right to request us to stop your personal data processing and/or stop sending you marketing communications.
Right to restrict processing: The user may have the right to request that we restrict your personal data processing under certain situations. For example, where you believe that the personal data we hold about you is unlawfully held or is inaccurate.
Right to data portability: Website user may have the right to be provided with your personal data in a commonly used and machine-readable format. You may also request to transfer the personal data to another data controller without hindrance.
Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the sites or service providers systems to recognize your browser and capture and remember certain information. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our own services.
- Security Cookies: We mainly have security cookies for security purpose.
- Session Cookies: Some of our services are having session cookies.
- Preference Cookies: We use these cookies to remember all your presences and some of the settings.
Do We Disclose Any Information to Outside Parties?
We do not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety. However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.
Children Online Privacy Protection Act Compliance
We are in compliance with the requirements of COPPA (Children Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products and services are all directed to people who are at least 13 years old or older.
Have Any Questions or Want to Contact Us?