DigiCert Privacy Policy

TRUSTe Privacy

Introduction

DigiCert, Inc. ("DigiCert") is committed to protecting the privacy of its customers and website visitors. As a result, DigiCert has developed this privacy policy to inform its website visitors and customers about how DigiCert collects, uses, shares and secures your personal information, as well as your choices regarding use, access and correction of your personal information. This privacy policy applies to www.digicert.com, a site owned and operated by DigiCert.

Non-Personal Information

DigiCert, like most website operators, uses cookies and web beacons and log files to automatically gather, analyze, and store non-personal information about website visitors. Non-personal information may include the visitor's IP address, browser type, ISP, referring page, operating system, date/time, and clickstream data. DigiCert uses third-party software to assist in collecting and analyzing this information. This information is used to improve DigiCert's service and enhance the experience of DigiCert's website visitors.

Technologies such as: cookies, beacons, tags, and scripts are used by DigiCert and our third party service providers to analyze trends, administer the site, track users' movements around the site, and gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. Visit our Online Cookies and Privacy page for a list of cookies used on the DigiCert website. You can control the use of cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our website or service. To manage Flash cookies, please click here.

DigiCert uses a third party to either display advertising on our website or to manage our advertising on other sites. Our third party partner may use technologies such as cookies to gather information about your activities on this site and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union click here). Please note this does not opt you out of being served ads. You will continue to receive generic ads.

Personal Information

In order to provide quality communication, DigiCert collects information such as the name, organization, and email address of website visitors who voluntarily submit that information to download software or to submit sales or technical support questions. We also collect information required to issue certificates (as specified in our Certification Practices Statement) when you buy certificates from our site. This information is voluntarily submitted by the customer or is obtained from third-party databases during the validation process.

Regardless of the source, DigiCert protects personal information as confidential information except where the information is embedded in an issued digital certificate. This information is necessary for the digital certificate's operation and is considered public information. DigiCert's certificate profiles, available through DigiCert's online repository at https://www.digicert.com/ssl-cps-repository.htm, list the information embedded in each certificate type.

When performing validation, DigiCert uses third party sources to confirm or supplement customer information. We may receive information about you from other sources, including third parties from whom we have purchased access to certain data, and combine this data with information we already have about you. We may confirm or supplement, for instance, address, email and company name for validation and verification purposes.

Accessing and Updating Personal Information

Generally, a customer can review, delete inaccuracies, and update personal information through its DigiCert account interface by clicking edit under the Account Profile tab. Alternatively, upon request DigiCert will provide you with information about whether we hold any of your personal information. You may also access, correct or request deletion of your personal information by sending an email to privacy@digicert.com or by mailing DigiCert at the address listed in this policy. Emailed and mailed requests are subject to DigiCert's satisfaction about the authenticity of the request. We will respond to your request within a reasonable timeframe.

DigiCert retains information about customers while the customer’s account is active, while a certificate remains unexpired, and in accordance with industry standards. A customer may request account cancellation or request that DigiCert no longer provide services by emailing privacy@digicert.com. DigiCert may retain certain customer information after receiving a request to cancel services or disable an account, as necessary to comply with industry standards and legal obligations, to resolve disputes, and to enforce customer agreements.

Personal information embedded in a digital certificate cannot be directly edited. Customers wishing to update personal information in a digital certificate must submit a change request through the customer account. DigiCert may require that the updated information be verified for accuracy prior to accepting the change request. In addition, even if information is updated in DigiCert's databases, the information will generally not be updated in the issued digital certificate. If information embedded in a digital certificate needs updating, DigiCert may require revocation of the digital certificate.

Use of Information

Products and Services

DigiCert may use personal information to market, sell and provide its products and services, send an order confirmation, respond to customer service requests, and fulfill your order, including using the information to verify the identity of the customer or to contact the customer in order to discuss support, renewal, and the purchase of products and services.

As discussed further in the "Sharing With Third Parties" section below, DigiCert may allow its business partners to assist in providing requested products and services. All such DigiCert service providers are required to keep personal information confidential and are only allowed to use the information to the extent necessary to provide the requested products and services.

Live Chat Sales/Support

DigiCert utilizes a live chat tool for assisting our customers with sales questions and technical support needs; in addition to the customer's name and email address (for purposes of communication), this tool collects information in accordance with the "Non-Personal Information" section above.

Emails

DigiCert may send out promotional emails (such as a newsletter) to individuals who provide personal information and have not opted-out of DigiCert's mailing list. These emails may include beacons that communicate information about the email back to DigiCert. This communication allows DigiCert to gauge the effectiveness of its advertising and marketing campaigns. Recipients may opt-out of receiving promotional communication from DigiCert by following the unsubscribe instructions provided in each promotional email or by emailing privacy@digicert.com.

DigiCert also sends out advisory emails. Advisory emails are related to the primary purpose for which the information was collected and are used to respond to inquiries, provide support and validation services, provide upgrade information and security updates, and inform the customer about ordered products and services. Because advisory emails contain essential information related to the use and security of DigiCert's products and services, customers may not unsubscribe from advisory emails.

DigiCert may use third parties, with which it has a confidentiality agreement, to send promotional or advisory emails. However, DigiCert restricts its partners from sending spam associated with DigiCert's site, brand, or products. A customer receiving an unsolicited email related to DigiCert's products and services should forward the entire message and headers to privacy@digicert.com.

Sharing With Third Parties

We will share your personal information with third parties only in the ways that are described in this privacy policy.

DigiCert never sells personal information to third parties. We may share your information with third parties who provide services on our behalf to help with our business activities. These companies are authorized to use your personal information only as necessary to provide these services to us.

DigiCert uses a third party to process credit card payments and may provide credit card numbers and identifying financial data directly to the third party credit card processor. These companies do not retain, share, store, or use personally identifiable information for any other purposes. DigiCert does not permanently store any provided credit card information.

DigiCert also uses a third party to provide its chat-based support. The support software allows users to input information, including an email address, to request support and clarify their problem. The software provider does not share inputted information with anyone other than DigiCert.

DigiCert may disclose information when required by law or when disclosure is necessary to protect DigiCert's rights and/or comply with a judicial proceeding, court order, bankruptcy proceedings, or similar legal process.

DigiCert will notify all interested parties if DigiCert is involved in a merger, acquisition, or sale of all or a portion of its assets that materially affects how DigiCert collects and stores personal information. Typically, this notice will be by email and/or a prominent notice on our website.

Referrals

If you choose to use our referral service to tell a friend about our site, we will ask you for your friend's name and email address. We will automatically send your friend a one-time email inviting him or her to visit the site. DigiCert collects this information for the sole purpose of sending this one-time email and tracking success of the referral program.

Your friend may contact us at privacy@digicert.com to request that we remove this information from our database.

Testimonials

With prior permission from the customer, DigiCert displays personal testimonials of satisfied customers on its website in addition to other endorsements. Customers wishing to update or delete a testimonial may contact DigiCert at privacy@digicert.com.

Blogs

Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them.

Our blog is also managed by a third party application that may require you to register to post a comment. We do not have access or control of the information posted to the blog. You will need to contact or login to the third party application if you want the personal information that was posted to the comments section removed. To learn how the third party application uses your information, please review their privacy policy.

Social Media Widgets

The DigiCert website includes social media features, such as a Facebook "Like" button and widgets, as well as share buttons or interactive mini-programs. These features may collect the user's IP address, may collect the pages visited on DigiCert's site, and may set a cookie to enable the feature to function properly. Social media features are either hosted by a third party or hosted directly on DigiCert's site. Interactions with these features are governed by the privacy policy of the corresponding social media company.

Security

The security of your personal information is of the utmost importance to DigiCert. DigiCert only transmits personal information, including sensitive information (such as credit cards), using secure socket layer technology (SSL). To learn more about SSL, follow this link https://www.digicert.com/ssl.htm.

Unfortunately, no method of transmission over the Internet or electronic storage is 100% secure. While DigiCert strives to use commercially acceptable standards to protect personal information, DigiCert cannot guarantee absolute security. If you have any questions about the security of your personal information, please contact us at privacy@digicert.com.

U.S.-Swiss Safe Harbor Framework

DigiCert complies with the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use and retention of personal data from Switzerland. DigiCert has certified that it adheres to the Safe Harbor Privacy Principles of Notice, Choice, Onward Transfer, Access, Security, Data Integrity, and Enforcement. DigiCert is subject to the jurisdiction of the Federal Trade Commission of the United States, and our failure to comply with this privacy policy or the Safe Harbor Frameworks is actionable under Section 5 of the Federal Trade Commission Act. To learn more about the Safe Harbor program, and to view DigiCert's certification, please visit https://safeharbor.export.gov/swisslist.aspx.

EU-U.S. Privacy Shield Framework

DigiCert participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework.  DigiCert is committed to subjecting all personal data received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles.  To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List here.

DigiCert is responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf.  DigiCert complies with the Privacy Shield Principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, DigiCert is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.  In certain situations, DigiCert may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.  

Under certain conditions, more fully described on the Privacy Shield website here, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

Applicability

In addition, this privacy policy does not apply to any downloadable software provided through DigiCert's websites.

Third party sites may link to or from DigiCert websites. DigiCert is not responsible for the privacy practices or the content of those other websites. We encourage you to carefully read the privacy policies of those third-party sites.

Changes to This Privacy Policy

DigiCert may modify its privacy policy and related practices at any time. DigiCert will notify interested parties of material changes by either posting a notice on its home page or by emailing affected individuals. Visitors and customers should check the DigiCert website regularly to be aware of changes. Revisions to the privacy policy are effective 30 calendar days after being posted (for posted notices) or 14 days after the notice is sent (for email notice).

Contact

Please contact DigiCert with any questions or concerns about this privacy policy or our data collection practices:

By mail:

DigiCert, Inc.
2801 North Thanksgiving Way
Suite 500
Lehi, Utah 84043

By phone or fax:

Toll Free: 1-800-896-7973 (US & Canada)
Direct: 1-801-701-9600
Fax Toll Free: 1-866-842-0223 (US & Canada)
Fax Direct: 801-705-0481

By email:

privacy@digicert.com

For assistance with technical difficulties, including problems with accessing or using your customer account, please email support@digicert.com.

As noted above, if you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third-party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.

Effective Date of Privacy Policy

Effective Date: September 27, 2016
Last Updated: September 27, 2016

DigiCert Legal Repository

The DigiCert Legal Repository is available at: DigiCert Legal Repository