Privacy Policy

We respect your privacy. This document explains exactly what data we collect, how we use it, and your rights under the GDPR and other regulations.

1. What We Collect

• Certificate / CSR Data – Only the PEM text you paste is processed in‑memory; it is not stored.
• Domain Names – The domain you submit for an SSL check is processed transiently.
• Basic Logs – We log IP address, user‑agent and timestamp for security & rate‑limiting (retention < 7 days).

2. Cookies & Local Storage

We use necessary cookies only to keep our site secure and functional (for example, to protect forms from CSRF attacks). We do not set any tracking cookies of our own. However, we use Google AdSense and Google Analytics, which may place cookies on your device for advertising and analytics purposes. For EU/EEA users, non-essential cookies are only used with your consent.

3. Advertising & Third‑Party Services

• We may display third-party advertisements on our site, including through providers such as Google AdSense. As long as Google Adsense is the advertisement provider, we will use Google Analytics for training purposes.
• These providers may use cookies or similar technologies to serve ads based on your prior visits to this or other websites.
• We do not serve personalized ads unless you have given explicit consent (where required by law).
• You can manage your ad preferences or opt out via Google’s Ad Settings.
• We strive to ensure that ad content is appropriate, contextual, and does not compromise your privacy.

4. Legal Basis (GDPR)

Data is processed on the legal basis of legitimate interest (diagnostics / abuse‑prevention) and contractual necessity (providing the service you request).

5. Data Retention

Raw access logs are rotated and deleted after seven (7) days. No certificate or CSR content is persisted beyond the active HTTPS request.

6. Security Measures

• TLS 1.2+ for all connections.
• Server hardening, automatic updates, and least‑privilege containers.
• Rate‑limiting and WAF to mitigate abuse.

7. Disclaimer & Liability

The CSR Generator is provided on an “as is” basis without warranties of any kind. Use is at your own risk. We accept no liability for:

• Loss of data or files
• Damage to systems or configurations
• Security vulnerabilities introduced via usage
• Incorrect or unsafe usage of the CSR generator
• Mismatch between the generated private key and CSR

It is your responsibility to safely store, verify and use the generated materials. Always validate CSRs before submission to a Certificate Authority.

8. Your Rights

You may request access, rectification or erasure of any personal data we hold. Contact us via the email below; response within 30 days.

9. Changes

Updates to this policy will be published on this page with a “last modified” date. Significant changes will be announced on the homepage.

10. Contact

Email: security@articgadgets.nl

Last modified: 05-07-2025