CertiAlert

Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Last updated: January 15, 2025

1. Information We Collect

Account Information

When you create an account, we collect your name, email address, company name, and contact information. This information is necessary to provide our services and communicate with you about your account.

Carrier Data

You provide carrier information including company names, contact details, insurance information, and compliance documents. This data is stored securely and used solely to provide compliance tracking services.

Usage Information

We collect information about how you use CertiAlert, including features accessed, pages viewed, and actions taken. This helps us improve our service and provide better support.

2. How We Use Your Information

  • Provide and maintain CertiAlert services
  • Send compliance alerts and notifications
  • Communicate about your account and service updates
  • Improve our product features and user experience
  • Provide customer support and technical assistance
  • Ensure security and prevent fraud

We never sell your data. Your carrier information and business data remain confidential and are never shared with third parties for marketing purposes.

3. Data Storage and Security

Security Measures

  • All data encrypted in transit using TLS 1.3
  • Data encrypted at rest using AES-256 encryption
  • Regular security audits and vulnerability assessments
  • Strict access controls and employee training
  • SOC 2 Type II compliance (in progress)

Data Location

Your data is stored in secure, enterprise-grade data centers in the United States. We maintain redundant backups to ensure data availability and disaster recovery.

4. Data Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties. We may share your information only in the following limited circumstances:

  • Service Providers: Third-party services that help us operate CertiAlert (hosting, email delivery, analytics)
  • Legal Requirements: When required by law, court order, or government regulation
  • Business Transfer: In the event of a merger, acquisition, or sale of assets
  • Safety: To protect the rights, property, or safety of CertiAlert, our users, or others

All service providers are bound by strict confidentiality agreements and data processing terms.

5. Your Rights and Choices

Access and Control

  • Access and review your personal information at any time
  • Update or correct your account information
  • Export your data in standard formats
  • Delete your account and associated data
  • Opt-out of non-essential communications

Data Retention

We retain your information for as long as your account is active or as needed to provide services. If you delete your account, we will permanently delete your data within 30 days, except as required by law or legitimate business purposes.

6. Cookies and Tracking

CertiAlert uses cookies and similar technologies to enhance your experience:

  • Essential Cookies: Required for login and basic functionality
  • Analytics Cookies: Help us understand how you use our service
  • Preference Cookies: Remember your settings and preferences

You can control cookie preferences in your browser settings. Note that disabling certain cookies may affect functionality.

7. Third-Party Services

CertiAlert integrates with trusted third-party services to provide functionality:

  • Email Delivery: For sending notifications and alerts
  • Cloud Storage: For secure document storage
  • Analytics: To improve our service (anonymized data only)
  • Payment Processing: For subscription billing (we don't store payment details)

These services have their own privacy policies and are chosen for their security and privacy practices.

8. International Users

CertiAlert is operated from the United States. If you are accessing our service from outside the US, your information will be transferred to and processed in the United States. We comply with applicable international data protection laws, including GDPR for European users.

9. Children's Privacy

CertiAlert is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we become aware that we have collected such information, we will promptly delete it.

10. Changes to This Policy

We may update this privacy policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by email or through our service. Your continued use of CertiAlert after such notification constitutes acceptance of the updated policy.

11. Contact Us

If you have any questions about this privacy policy or our privacy practices, please contact us:

Email: privacy@certialert.com

General Support: support@certialert.com

Data Protection Requests: privacy@certialert.com

We are committed to protecting your privacy and will respond to your inquiries promptly.