Here’s how we got ready for GDPR

1 Star2 Stars3 Stars4 Stars5 Stars (5 votes, average: 4.20 out of 5)
Loading... has made a number of changes to prepare for GDPR

GDPR is important and we took it very seriously. Here’s a quick look at the steps we took to ensure that we’re GDPR compliant both for us and our partners.

We redid our Privacy Policy

We’ve simplified our privacy policy. It was already available in the footer of every page of our website, but we now link to it from our privacy notifications, to

We added a ton of privacy notifications

At any point where we are collecting your data, we will now notify you about what it’s going to be used for. Trust me, for a site like ours that involved writing a lot of notifications, but we now notify you about pretty much every action we take.

We refined our security practices

We didn’t have too much to do in this department, after all we’re a cybsercurity company. We already use the requisite safeguards like firewalls and encryption. We also appointed a Data Protection Officer, Robert Walters-Thorn, to oversee our data policy

We got Privacy Shield Certified

That’s right, you can look us up on the Privacy Shield roll under Rapid Web Services, LLC. Additionally, if you ever have an issue exercising your data rights with us, you can contact the ICDR-AAA, who we use as an independent recourse mechanism for disputes.

We signed DPAs with all our partners

We made sure to contact all of our partners, anyone we share any data with, and get a legally binding Data Protection Addendum with them. This ensures that any data shared will only be used for the intended purposes and also governs what safeguards must be in place.

We recognize your right to be forgotten

We recognize your data rights, as defined by the EU, at For the most part, you can access any data we have saved on you in your user control panel after logging in. It can be modified from there. Alternatively, you can email our Data Protection Officer to get a copy of your data. You may also choose to delete all of your data by sending an email to the DPO, we will delete it within 72 hours.

The only data we may not be able to delete is any data published in certificate transparency logs following issuance of an SSL certificate. While we don’t anticipate this being a major issue, it’s worth putting out there that we do not operate a CT log, nor do we publish to any directly. So we can’t really help with that.

Overall though, we want you to feel comfortable doing business with us. We’re just out here trying to help businesses and site owners find affordable SSL certificates—we really don’t have anything to hide.

Stay cautious, my friends.