Home
HomeContact Us

Privacy Notice

How CERTCRYPT handles inquiry and limited website data

Last updated: February 27, 2026

CERTCRYPT is designed around minimal data handling. We do not operate as a custodial document service and do not store user documents or personal identities as part of our infrastructure model.

This notice explains how personal data may be processed when you use certcrypt.com, particularly through the contact channel and limited website functionality.

1. Data Controller

Personal data submitted through this website is processed by CERTCRYPT.

For any privacy-related inquiries or data protection requests, you may contact:

[email protected]

CERTCRYPT is currently in the process of formal organizational structuring. This notice may be updated to reflect changes in legal status or governance.

2. Scope

This notice applies exclusively to certcrypt.com and related public website pages operated directly by CERTCRYPT.

It does not apply to third-party websites or services that may be referenced or linked from this site.

3. Data We Process

A. Contact Form Data

When you submit the contact form, we may process:

In addition, limited technical metadata may be processed for:

This may include:

CERTCRYPT does not request sensitive personal data through the contact channel.

B. Website Technical Data

When you browse the website, limited technical information may be processed automatically for security and operational purposes, including:

If optional analytics cookies are enabled by you, aggregated usage statistics may be processed to improve technical performance. These statistics are used in aggregated form and are not used for profiling or behavioral advertising.

  • Full name
  • Email address
  • Organization (if provided)
  • Message content
  • Message delivery
  • Abuse prevention
  • Security validation
  • Basic request metadata (such as timestamp and IP address stored in server logs)
  • Security verification tokens used to validate human submissions
  • Server log data
  • Security monitoring signals
  • Essential cookie data required for secure operation

4. Purpose of Processing

Personal data is processed exclusively for:

CERTCRYPT does not use personal data for:

  • Reviewing institutional, technical, or strategic inquiries
  • Responding to submitted requests
  • Preventing abuse, spam, or malicious activity
  • Maintaining operational and technical security
  • Improving technical performance where optional analytics are enabled
  • Behavioral profiling
  • Targeted advertising
  • Sale or resale of data
  • Marketing automation unrelated to a submitted inquiry

5. Legal Basis

Processing is carried out for the purpose of:

Where applicable, submission of the contact form implies consent to the processing necessary to review and respond to the request.

Optional analytics cookies are activated only where you provide consent through the cookie banner.

  • Responding to user-initiated inquiries
  • Maintaining secure website operation
  • Ensuring technical integrity

6. Data Minimization

CERTCRYPT applies a strict minimization approach.

Only data necessary for secure communication, response handling, and essential website operation is processed.

The website does not collect data beyond what is required for its technical function and user-initiated communication.

7. Retention

Inquiry records may be retained for:

Retention periods vary depending on the nature of the inquiry. Data is not retained longer than reasonably necessary for the purposes described.

Server logs and security-related metadata are retained for limited technical periods consistent with operational security practices.

  • Operational continuity
  • Follow-up communications
  • Security review
  • Compliance with applicable obligations

8. Third-Party Processors

Certain technical functions may involve trusted third-party processors, such as:

These processors act solely for operational delivery, security, or technical performance purposes and do not use data for independent commercial purposes.

Where such providers operate across multiple jurisdictions, appropriate safeguards are implemented consistent with applicable data protection standards.

  • Email delivery providers
  • Hosting infrastructure providers
  • Security challenge or anti-bot services
  • Optional analytics providers (if enabled)

9. International Processing

If data is processed outside the jurisdiction from which it was submitted, such processing is carried out under appropriate safeguards consistent with applicable data protection requirements.

10. Security

CERTCRYPT implements reasonable technical and organizational measures designed to protect processed data against unauthorized access, misuse, loss, or disclosure.

No online system can guarantee absolute security. Security controls are periodically reviewed and improved.

11. Your Rights

You may request:

To exercise any such request, please contact:

[email protected]

Requests will be reviewed and handled in accordance with applicable data protection requirements.

  • Access to personal data submitted through the contact channel
  • Correction of inaccurate data
  • Deletion of personal data
  • Restriction of processing where applicable
  • Objection to processing where applicable

12. Cookies and Tracking

CERTCRYPT applies a minimal and security-oriented approach to cookies.

The website uses essential cookies required for secure operation. Optional analytics cookies may be enabled only with your consent.

CERTCRYPT does not use advertising or behavioral tracking technologies.

For more information, please see our Cookies Policy.

13. Changes

This notice may be updated as website operations, infrastructure design, or compliance requirements evolve.

The effective revision date is shown at the top of this page.