Privacy Policy
Effective Date: 1st September 2024
1. Introduction
Your privacy is of utmost importance to us. This Privacy Policy explains how Cert Rocket collects, uses, and protects your personal information when you use our monitoring services. Please read this policy carefully.
2. Information We Collect
We collect the following types of information when you interact with Cert Rocket:
2.1. Email Address and Domain Information
When you sign up for our service, we collect your email address and the domain names you choose to monitor.
2.2. Client IP Address
We collect the client IP address for security and abuse detection. This data is stored only transiently in RAM for the purpose of detecting malicious activity and is not retained permanently.
2.3. Payment Information
For paid plans, we collect credit card details and your country/region for payment purposes. However, payment information is processed securely by Stripe™, and Cert Rocket does not store or retain your payment details.
3. How We Use Your Information
We use the collected information to:
Provide Services
Provide our monitoring services, including sending notifications regarding the health and uptime of your monitored domains.
Security
Ensure the security of our services and detect abusive or malicious activity.
Payment Processing
Process payments for paid plans through Stripe™.
4. Data Storage and Security
We take data security seriously and ensure that your information is protected:
Encrypted Storage
Your email and domain information are stored encrypted at rest in our Sydney, Australia data facility.
Data Encryption
All data is encrypted both in transit and at rest. Data is only decrypted for the purposes of monitoring your domains or sending notifications.
Data Deletion
When a domain monitor is canceled, all associated data is deleted immediately and is not retained by Cert Rocket.
Billing Records
Payment and billing records are retained through Stripe™ as required by Australian law.
5. Data Transfers and Processing
While your data is stored in the United States of America, some processing resources, such as those needed for sending email notifications, are hosted in Australia. However, the home and storage of your data remain in New York, USA.
6. Your Rights
You have the following rights regarding your personal data:
Access and Correction
You may request access to the personal information we hold about you and correct any inaccuracies.
Deletion
If you cancel domain monitoring, your related data is deleted from our system.
Data Retention
Purchase and billing records are retained via Stripe™ in compliance with Australian law.
7. Security Measures
We employ stringent measures to protect your data:
Encryption
All customer data is encrypted during transmission and at rest.
Access Control
Only senior, authorized engineering personnel have access to your data.
8. Stripe™ and Payment Information
For users on paid plans, Cert Rocket uses Stripe™ to securely process your payment. Cert Rocket does not store or retain your credit card details. Stripe™ handles all payment information securely, and we store only subscription and billing information, such as payment status and region.
9. Data Retention and Deletion
Once you cancel your last domain monitor, all associated data (email address, domain names, etc.) is deleted from our system. However, billing and purchase records are retained as required by law.
10. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. If significant changes are made, we will notify you via email or by posting a notice on our website. Continued use of Cert Rocket after the changes take effect indicates acceptance of the updated Privacy Policy.
11. Contact Us
If you have any questions or concerns about our privacy practices, please email us at [email protected]