Skip to main content

Privacy Policy

Effective:

1. Introduction

This Privacy Policy describes how Anchor Apps LLC ("we," "us," or "our") collects, uses, and protects your personal information when you use our CertShield service at certshield.com and our certificate lifecycle management platform (collectively, the "Service").

If you have any questions about this Privacy Policy, please contact us at privacy@certshield.com.

2. Information We Collect

We collect the following types of information:

  • Email address — provided when you sign up for our waitlist or create an account.
  • Infrastructure and certificate data — when you connect your infrastructure, we access certificate metadata including domain names, expiration dates, issuers, and configuration details to provide our monitoring and management service.
  • Usage data — pages visited, browser information, device type, and interaction data collected automatically to improve the Service. We may use cookies or similar technologies to collect this data.

3. How We Use Your Information

We use your information to:

  • Provide and operate the certificate monitoring and management service
  • Send certificate expiration alerts and status notifications
  • Send product updates and announcements (with your consent)
  • Improve the Service, fix bugs, and develop new features
  • Respond to your inquiries and support requests

We do not sell your personal information to third parties.

4. Lawful Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or United Kingdom, we process your personal data under the following legal bases:

  • Performance of a contract — to provide the Service you have signed up for, including certificate monitoring, alerting, and lifecycle management.
  • Legitimate interests — to improve the Service, ensure security, and prevent fraud, where these interests are not overridden by your data protection rights.
  • Consent — to send you marketing emails and product updates. You can withdraw consent at any time.

5. Third-Party Services

We use the following third-party services to operate the Service:

  • Cloudflare — Website hosting, CDN, and DDoS protection.
  • Stripe — Payment processing when paid plans are introduced. We will not store payment card details; all payment data will be processed and retained by Stripe in accordance with their privacy policy and PCI-DSS standards.

6. Cookies and Tracking Technologies

We may use cookies, local storage, and similar technologies to collect usage data and improve the Service. These technologies help us understand how you interact with the Service, remember your preferences, and ensure security.

You can control or disable cookies through your browser settings. Disabling cookies may affect the functionality of the Service.

7. Data Retention

  • Waitlist emails are retained until you unsubscribe or request deletion.
  • Account data (email, profile information) is retained for as long as your account is active. Upon account deletion, we remove your account data within 30 days.
  • Certificate and infrastructure data is retained only as long as needed to provide the Service. When you disconnect your infrastructure or delete your CertShield account, we delete your data within 30 days.
  • Usage and analytics data is retained in anonymized or aggregated form for up to 12 months.
  • Payment records are retained as required by applicable tax and accounting laws.
  • You can request deletion of your data at any time by emailing privacy@certshield.com.

8. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

  • 256-bit encryption for data at rest
  • TLS encryption for all data in transit
  • Access controls and authentication for internal systems
  • Ongoing security monitoring for anomalous access

9. Your Rights (GDPR/CCPA)

Depending on your location, you may have the following rights regarding your personal data:

  • Right to access — request a copy of the data we hold about you.
  • Right to correction — request that we correct inaccurate data.
  • Right to deletion — request that we delete your personal data.
  • Right to restrict processing — request that we limit how we process your data in certain circumstances.
  • Right to withdraw consent — withdraw consent for data processing at any time.
  • Right to data portability — receive your data in a structured, machine-readable format.
  • Right to object — object to the processing of your personal data.
  • Right to lodge a complaint — you have the right to lodge a complaint with a supervisory authority (Data Protection Authority) in your jurisdiction if you believe your data is being processed unlawfully.

To exercise any of these rights, please contact us at privacy@certshield.com. We will respond within the timeframe required by applicable law (generally 30-45 days).

10. International Data Transfers

Your data is processed in the United States. If you are located outside the United States, your information will be transferred to and processed in the United States. We use Standard Contractual Clauses and other appropriate safeguards where applicable to ensure your data is protected in accordance with this Privacy Policy.

11. Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal data from a child under 16, we will take steps to delete such information promptly.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users via email of any material changes before they take effect. The "Effective" date at the top of this page indicates when the policy was last revised.

13. Contact

If you have questions or concerns about this Privacy Policy, please contact us:

Anchor Apps LLC
Email: privacy@certshield.com