Privacy Policy

Last updated on: June 10, 2024

1. Introduction

Sertifier INC. (“Sertifier”, “us”, “we”, or “our”) is dedicated to protecting the privacy of our customers and end-users. This Privacy Policy outlines our practices regarding the collection, use, and protection of personal data in compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) Principles, as well as the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

This Policy applies to data collected through the Sertifier website (“Site”) and software application, including our API (“app”). By using our Site or app, you agree to the data practices described in this Policy.

2. Definitions

  • Personal Data: Any information that relates to an identified or identifiable individual.
  • Usage Data: Data collected automatically through the use of the Service, such as IP addresses and browser information.
  • Location Data: Data regarding the user’s geographic location.
  • End-User Data: Data about individuals who receive certificates or badges through our Service.
  • Cookies: Small data files stored on your device to track usage and preferences.

3. Information We Collect

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you (“Personal Data”). This Personal Data may include, but is not limited to:

  • Name
  • Company Name
  • E-mail Address
  • Company Website URL

Usage Data

We may also collect information about how the Service is accessed and used (“Usage Data”). This Usage Data may include information such as:

  • Your computer’s Internet Protocol address (e.g. IP address)
  • Browser type and version
  • The pages of our Service that you visit
  • The time and date of your visit
  • The time spent on those pages
  • Unique device identifiers
  • Other diagnostic data

Location Data

We may use and store information about your location if you give us permission to do so (“Location Data”). We use this data to provide features of our Service, to improve and customize our Service. You can enable or disable location services when you use our Service at any time through your device settings.

End-User Data

Customers can share data about their receivers of the certificates or the badges, to help deliver the related assets and to assess which users engaged with the certificates and badges. The legal basis for Sertifier processing this data is a legitimate interest (to help provide Sertifier’s service). This data is displayed only in the Sertifier customer dashboard.

Tracking & Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Tracking technologies also used are beacons, tags, and scripts to collect and track information and to improve and analyze our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

4. How We Use Your Information

Sertifier uses the collected data for various purposes:

  • To provide, maintain, and improve our Service
  • To notify you about changes to our Service
  • To allow you to participate in interactive features of our Service when you choose to do so
  • To provide customer support
  • To gather analysis or valuable information so that we can improve our Service
  • To monitor the usage of our Service
  • To detect, prevent, and address technical issues
  • To provide you with news, special offers, and general information about other goods, services, and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information

Legal Basis for Processing

We process Personal Data under the following legal bases:

  • Contractual Necessity: For the performance of a contract to which the data subject is party.
  • Legitimate Interests: For our legitimate interests, provided those interests are not overridden by your rights and interests.
  • Consent: Where you have given consent to the processing of your personal data for one or more specific purposes.

5. Data Retention

Sertifier will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

Sertifier will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer periods.

In the case that customers or individuals request the deletion of their data, Sertifier will perform this deletion within seven working days. Requests for data deletion may be addressed to support@sertifier.com.

6. Data Security

Sertifier leverages best-in-class practices around data security including serving over 256-bit SSL and controls to prevent data access between customers. We backup data daily and all backups are encrypted.

Sertifier is committed to the privacy of the information as it passes over the network, as well as to preventing unauthorized access to customer or end-user data. We use industry-leading encryption to protect all external traffic in transit (via HTTPS/TLS) and at rest (using AES-256 and an automated key rotation system).

Sertifier does not handle customer payment data directly, instead using a fully PCI DSS compliant payments processor. Sertifier is not intended for the handling of end-user payment information.

7. Sharing of Data

Third-Party Service Providers

We employ third-party companies and individuals to facilitate our Service (“Service Providers”), to provide the Service on our behalf, to perform Service-related services, or to assist us in analyzing how our Service is used. These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Legal Obligations

We may disclose your Personal Data in the good faith belief that such action is necessary to:

  • Comply with a legal obligation
  • Protect and defend the rights or property of Sertifier
  • Prevent or investigate possible wrongdoing in connection with the Service
  • Protect the personal safety of users of the Service or the public
  • Protect against legal liability

Business Transfers

If Sertifier is involved in a merger, acquisition, or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy.

8. Your Data Protection Rights

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. Sertifier aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. If you wish to be informed of what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

  • The right to access, update, or delete the information we have on you. Whenever made possible, you can access, update, or request the deletion of your Personal Data directly within your account settings section. If you are unable to perform these actions yourself, please contact us to assist you.
  • The right of rectification. You have the right to have your information rectified if that information is inaccurate or incomplete.
  • The right to object. You have the right to object to our processing of your Personal Data.
  • The right of restriction. You have the right to request that we restrict the processing of your personal information.
  • The right to data portability. You have the right to be provided with a copy of the information we have on you in a structured, machine-readable, and commonly used format.
  • The right to withdraw consent. You also have the right to withdraw your consent at any time where Sertifier relied on your consent to process your personal information.

Please note that we may ask you to verify your identity before responding to such requests. You have the right to complain to a Data Protection Authority about our collection and use of your Personal Data. For more information, please contact your local data protection authority in the European Economic Area (EEA).

9. Our Privacy Approach

We use the information you provide about yourself when placing an order only to complete that order and to provide excellent customer service during the term of your service.

Although Sertifier owns the data storage, databases, and the Sertifier site, you retain all rights to your content. We will also not utilize your content in our databases to compete with you, to advertise, or to market to your clients.

Under the following circumstances, we may have to share your personally identifiable information provided to us online:

  • If it becomes necessary to share information to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of the Terms of Service, or as otherwise required by law.
  • If Sertifier is acquired by or merged with another company. In this event, Sertifier will notify you before information about you is transferred and becomes subject to a different privacy policy.

10. Children’s Privacy and Data

Services offered by Sertifier are not directed at children under the age of 13. Sertifier does not allow anyone to register and use the tools under the age of 13 as a user.

Sertifier’s collection of personal data on services and contents that are directed to children under 13 is intended to follow the principles of the Children's Online Privacy Protection Act ("COPPA"), a U.S. law designed to protect the online privacy of children under the age of 13.

In matters and cases where Sertifier provides a direct service to a customer which allows the data infrastructure to reach and collect end-user customer data that belongs to children under the age of 13, Sertifier ensures that:

  • Children's data cannot be collected without the approval and legitimate consent of the child’s parents,
  • Data can be directly removed upon the request of the parent and/or legal data owner,
  • Only the aforementioned kinds of data are collected, and the same security policy applies,
  • Any infringement can and should be reported to Sertifier via support@sertifier.com,
  • Data belonging to children cannot be retargeted, remarketed, shared, or altered.

11. Remarketing and Behavioral Targeting

Sertifier uses remarketing and behavioral targeting services to advertise on third-party websites to you after you visited our Service. We and our third-party vendors use cookies to inform, optimize, and serve ads based on your past visits to our Service.

  • LinkedIn Website Retargeting (LinkedIn Corporation): Connects the activity of this Site with the LinkedIn advertising network. Privacy Policy - Opt-Out
  • Facebook Custom Audience (Facebook, Inc.): Connects the activity of this Site with the Facebook advertising network. Privacy Policy - Opt-Out
  • Facebook Remarketing (Facebook, Inc.): Connects the activity of this Site with the Facebook advertising network. Privacy Policy - Opt-Out
  • Twitter Remarketing (Twitter, Inc.): Connects the activity of this Site with the Twitter advertising network. Privacy Policy - Opt-Out
  • Google Ads Remarketing (Google LLC): Connects the activity of this Site with the Google Ads advertising network and the DoubleClick Cookie. Privacy Policy - Opt-Out

12. Our GDPR Compliant Vendors

We use vendors to help us deliver the best functionality and user experience for our customers. This part gives an overview of what we use and where you can find more information about the GDPR compliance of these vendors.

  • Infrastructure: AWS - We use AWS as our static file storage (S3) and infrastructure provider.
  • Email Distribution: Mailgun - Mailgun is an email distribution service that we use to distribute certificates and badges to the receivers of our customers.
  • Data Analytics: Google Analytics, Amplitude, Woopra - Google Analytics is an analytics platform that helps us understand what parts of our product users are engaging with. We also track overall tour data by account (e.g., how many tours were started on a certain domain). We don't collect or see any user attribute data you are sending to Sertifier here.
  • Tag Management: Google Tag Manager - Google Tag Manager is a tag management platform that helps us to manage the tags or scripts needed on this site in a centralized fashion.
  • Communications: Intercom - Intercom helps us manage our communication (emails and in-app messages) and support (tickets and help articles) with our customers. Intercom also supplements our customer data from other sources, and you can read more about this here.
  • Internal Communications: Slack - Slack is our internal communications platform (instead of email) and also contains a stream of events that our customers are taking, such as payments, errors, usage, and tickets.
  • Billing: Iyzico and Stripe - İyzico and Stripe are our credit card and payment processing platforms. Stripe handles all sensitive credit card and account information on our behalf so we can rely on their super-secure system and keep your data safe.
  • Video Conferencing: Zoom - Zoom is our video conferencing platform. We also use it for hosting webinars or group calls, and this sometimes requires registration.

13. Updates to This Privacy Policy

We may update and improve this Privacy Policy and will attempt to notify you. Regardless, if you continue to use our services, you accept our current Privacy Policy.

14. Contact Us

If you have any questions about this Privacy Policy, please contact us via support@sertifier.com.

Getting started is easy.Start issuing credentials with Sertifier.
Sign Up Free No credit card required
dashboard