Privacy Policy

1. Introduction

This Privacy Policy explains how TEHH IT Ltd ("we", "our", or "us") collects, uses, and protects your personal information when you use the SSL Bulk Status API service available at ssl.easydmn.com (the "Service").

We are committed to protecting your privacy and complying with the EU General Data Protection Regulation (GDPR) and Finnish data protection laws.

2. Data Controller

TEHH IT Ltd

VAT ID: FI35983115

Finland

Email: mail@easydmn.com

3. Information We Collect

3.1 Information You Provide

When you use our Service, we collect:

• Email address: Collected by Stripe during payment processing for subscription management and receipt delivery
• Payment information: Processed and stored by Stripe (our payment processor). We do not store credit card details on our servers

3.2 Information Automatically Collected

• API keys: Generated for authentication and quota tracking when you subscribe to our Service
• IP addresses: Temporarily processed for rate limiting and abuse prevention. Not permanently stored or linked to individual users
• Usage data: Domain check counts per API key for quota management
• Analytics data: Google Analytics collects anonymous usage statistics, including pages visited, time spent, and general location data

3.3 Information We Do Not Collect

We explicitly do not collect or store:

• Domain lists submitted for SSL certificate checking
• SSL certificate check results linked to individual users or API keys
• Personal identity information beyond what is necessary for service operation
• Browsing history outside our Service

4. How We Use Your Information

We use collected information for the following purposes:

• Service delivery: To provide SSL certificate monitoring via our API
• Authentication: To verify API requests and manage access
• Quota management: To track usage limits and prevent overuse
• Abuse prevention: To protect against malicious use and denial-of-service attacks
• Payment processing: To manage subscriptions and billing through Stripe
• Service improvement: To analyze usage patterns and improve our Service
• Communication: To send service-related notifications (subscription confirmations, important updates)

5. Legal Basis for Processing (GDPR)

We process your personal data based on the following legal grounds:

• Contract performance: Processing necessary to provide the Service you subscribed to
• Legitimate interests: Preventing abuse, ensuring service security, and improving service quality
• Legal obligation: Complying with financial and tax regulations
• Consent: For analytics cookies (Google Analytics), where applicable

6. Data Sharing and Third Parties

We share data with the following third-party service providers:

6.1 Stripe (Payment Processing)

Stripe processes all payment transactions. They collect and store email addresses, payment information, and billing details. Stripe is GDPR-compliant and PCI DSS certified.

Stripe Privacy Policy: https://stripe.com/privacy

6.2 Google Analytics

We use Google Analytics to understand how visitors use our website. Google Analytics collects anonymous usage data including pages visited, session duration, and approximate geographic location.

Google Analytics Privacy Policy: https://policies.google.com/privacy

You can opt out of Google Analytics: Google Analytics Opt-out

6.3 No Other Sharing

We do not sell, rent, or share your personal information with any other third parties for marketing purposes.

7. Data Retention

• API keys and usage data: Retained for the duration of your active subscription. Deleted within 30 days after subscription cancellation
• IP addresses: Processed in real-time for rate limiting. Not permanently stored
• Payment records: Retained by Stripe as required by financial regulations (typically 7 years)
• Analytics data: Retained by Google Analytics for 26 months (default setting)

8. Your Rights Under GDPR

You have the following rights regarding your personal data:

• Right of access: Request a copy of personal data we hold about you
• Right to rectification: Request correction of inaccurate personal data
• Right to erasure: Request deletion of your personal data
• Right to restrict processing: Request limitation of how we process your data
• Right to data portability: Request transfer of your data to another service
• Right to object: Object to processing based on legitimate interests
• Right to withdraw consent: Withdraw consent for analytics or marketing communications

To exercise any of these rights, contact us at mail@easydmn.com

We will respond to your request within 30 days.

9. Cookies

We use the following types of cookies:

9.1 Strictly Necessary Cookies

None. Our Service does not use authentication cookies as API keys are passed via HTTP headers.

9.2 Analytics Cookies

Google Analytics uses cookies to collect anonymous usage statistics. These cookies track:

• Pages visited
• Time spent on site
• Approximate geographic location
• Browser and device type

You can disable these cookies in your browser settings or use the Google Analytics opt-out browser extension.

10. Data Security

We implement appropriate technical and organizational measures to protect your data:

• HTTPS encryption for all data transmission
• Secure API key generation and storage
• Regular security updates and patches
• Access controls limiting data access to authorized personnel only
• Automated backups with encryption

However, no method of transmission over the Internet is 100% secure. While we strive to protect your personal data, we cannot guarantee absolute security.

11. International Data Transfers

Our Service is hosted within the European Economic Area (EEA). Data processed by third parties (Stripe, Google Analytics) may be transferred outside the EEA. These providers are compliant with GDPR and use appropriate safeguards such as Standard Contractual Clauses.

12. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have inadvertently collected data from a child, contact us immediately.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated "Last updated" date. Significant changes will be communicated via email to active subscribers.

Continued use of the Service after changes constitutes acceptance of the updated Privacy Policy.

14. Contact Us

For questions about this Privacy Policy or to exercise your GDPR rights, contact:

TEHH IT Ltd
Email: mail@easydmn.com

15. Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the Finnish Data Protection Ombudsman:

Office of the Data Protection Ombudsman
Website: https://tietosuoja.fi/en/
Email: tietosuoja@om.fi