The data controller for personal data collected by Idently is Idently Systems Limited, having its registered offices at Four Greenway, 2nd Floor, Westlands Road, Nairobi, Kenya. All questions or requests regarding the processing of data may be addressed to: firstname.lastname@example.org.
Collection of Personal Information
We collect information from you when you (i) place an order for a Idently digital certificate or other product or service, (ii) scan your servers for digital certificates using our Certificate Inventory Tool (CIT), (iii) apply for access to our portal and/or managed service platforms, (iv) subscribe to our newsletter, (v) use our online chat service, (vi) download a white paper, (vii) register for a webinar, (viii) respond to a survey, (ix) fill out a form for pre/post sales assistance, (x) open a support ticket, (xi) apply for a job at Idently, (xii) share data with social media sites, or (xiii) attend a Idently exhibit.
Idently is a Certification Authority and trusted third party. To fulfill requests for digital certificates or other products or services, you may be asked to enter your name, email address, physical address, phone number, credit card information and/or organizational details or other personal information.
- Contact information such as your name, email address, physical address, and phone number.
- Relationship information that helps us do business with you, such as the types of products and services that may interest you, contact and product preferences, languages, marketing preferences and demographic data.
- Vetting evidences such as ID documentation
- Transactional information about how you interact with us, including purchases, inquiries, customer account information, billing and credit card information, organizational details, transaction and correspondence history, and information about how you use and interact with our website.
We may develop and acquire additional information about you by using third-party (public and private) data sources such as third-party databases and government agencies, as well as your browsing and purchasing history in order to process orders for certificates and to improve our services.
Idently treats personal information as confidential, except for the information included in an issued digital certificate. Such information may be verified using third party commercial and government resources, and as such, is deemed to be public information.
Purpose of Processing
Your personal data will be used for the purposes specified below:
- To process applications for Idently products and services
Your information is used to provide our products and services and order processing as well as to conduct business transactions such as billing.
- To improve customer service
Your information helps us to more effectively respond to your pre/post sales requests and provide technical support.
- To send renewal notices
The email address you provide for order processing may be used to send you renewal notices for your expiring digital certificate.
- To send service updates
In addition, subject to your consent where required, we may send you new service updates, security updates, related product or service information, and status updates on maintenance windows or service availability.
- To tell you about our products and services
Subject to your consent where required, we may send you periodic company newsletters, information about our products and services that may be of interest to you based on your use of other Idently products and services, your attendance at Idently sponsored marketing events such as webinars or exhibitions, your requests for information about similar products and services, or your sharing of data with social media sites such as LinkedIn or Facebook.
3.6 To process applications for jobs at Idently
If you apply to work with us, your information is used to process your application.
Legal Basis for Processing Personal Data
We will process your data for the purpose of performance of our contract with you or the legitimate interest of Idently, which are our usual business activities. In other cases, we will request your consent for the processing of the personal data you may submit.
Your refusal to provide personal data to us for certain products and services may hinder us from fulfilling your order for those products or services. Also, if you deny or withdraw your consent to use personal data or opt out of receiving information about Idently products and services this may result in you not being made aware of renewal notices, periodic company newsletters, new service updates, security updates, related product or service information, and status updates on maintenance windows or service availability. See section 10 below for how to withdraw your consent.
First time visitors may choose to not have any activity monitoring cookies set in their browser. We use an opt-out identification cookie to tag these users as having made this decision. Those cookies that pertain to site performance, experience improvement and marketing are programmed not to execute when an opt-out cookie is present in a visitor’s browser. Opt-out cookies persist until a visitor clears their browser cookies, or until their expiration one year after the set date. A visitor is required to opt out again after one year in order to disable any activity monitoring cookies.
Use of application logs for diagnostics or to gather statistical information
Our servers automatically record information (“Application Log Data”) created by your use of our services. Application Log Data may include information such as your IP address, browser type, operating system, the referring web page, pages visited, location, your mobile carrier, device and application IDs, search terms, and cookie information. We use this information to diagnose and improve our services. Except as stated in section 9 (Data Retention), we will either delete the Application Log Data or remove any account identifiers, such as your username, full IP address, or email address, after 12 months.
Sharing of Information and Transfers of Data
Third Parties: We may also transfer your personal data to trusted third parties and our partners in order to serve purposes that are specified in section 3 above. Idently uses a third party to process credit card payments and provides credit card numbers and identifying financial data directly to the third party credit card processor.
In circumstances where data is shared with such third parties, they are required to comply with confidentiality terms included in our data processing agreements. This prohibits such third parties from selling, trading, using, marketing or otherwise distributing Idently customer data.
As Required by Law: We may also release your information when we believe release is appropriate to comply with the law or protect our rights, property, or safety.
It is our policy to notify customers of requests for their data from law enforcement unless we are prohibited from doing so by statute or court order. Law enforcement officials who believe that notification would jeopardize an investigation should obtain an appropriate court order or other process that specifically precludes member notification.
Mergers & Acquisitions: We may also disclose your personal information to third parties who may take over the operation of our site or who may purchase any or all of our assets, including your personal information. We will contact you using the details you provide if there is any change in the person controlling your information.
The third parties, subsidiaries and affiliates to which your personal information can be disclosed may be located throughout the world. Therefore, information may be sent to countries having different privacy protection standards than your country of residence. In such cases, we take measures to ensure that your personal information receives an adequate level of protection by only transferring your personal information to countries that have received an adequacy decision, or by entering into standard contractual clauses to protect your personal information.
The personal information we collect is retained for no longer than necessary to fulfil the stated purposes in section 3 above or for a period specifically required by law or regulation that Idently is obligated to follow.
To meet public CA audit requirements as detailed in the Idently Certification Practice Statement, personal data used to fulfill verification of certain types of digital certificate applications will be retained for a minimum of 10 years depending on the class of product or service and may be retained in either a physical or electronic format. Please refer to the Idently Certification Practice Statement for full details.
After the retention period is over, Idently securely disposes or anonymizes your personal information in order to prevent loss, theft, misuse, or unauthorized access.
Opting out; withdrawing consent
If at any time you would like to unsubscribe from receiving future emails, we include unsubscribe instructions at the bottom of each email. Renewal notices may be cancelled on a per digital certificate basis by logging into your certificate management system account and disabling renewal notices.
Email preferences for CIT related/collected information can be updated and changed within CIT.
You are responsible for providing Idently with true, accurate, current and complete personal information. Also, you are responsible to maintain and promptly update the information to keep it true, accurate, current and complete.
You have the right to access and modify your personal data stored on Idently systems. You can exercise your rights by contacting us in writing. We will require you to provide identification in order to verify the authenticity as the data subject. We will make reasonable efforts to respond to and process your request as required by law.
To the extent of applicable law, you may have the right to request erasure of your personal information, restriction of processing as it applies to you, object to processing and the right to data portability. You also have the right to lodge a complaint with a supervisory authority.
If you provide any information that is untrue, inaccurate, not current or incomplete, or if we have reasonable grounds to suspect that such information is untrue, inaccurate, not current or incomplete, we have the right to suspend or terminate your account and refuse any and all current or future services.
As a provider of services, Idently may receive or have access to personal data on behalf of our customers. Such information (“Customer Personal Data”) is owned and controlled by our customers, the data controllers for such information. Customer information may include information provided by the customer in support of certain services, such as identification data for verification purposes. As a data processor of the Customer Personal Data, Idently processes the Customer Personal Data pursuant to the instructions from our customers. If Idently receives a data subject request, it may direct you to our Customer, as the controller of the Customer Personal Data.
How we protect your information
We implement a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information. All supplied sensitive/credit information is transmitted via Transport Layer Security (TLS).
After a transaction, your transaction-related information will be kept on file to meet audit requirements and facilitate renewals. We do not retain any credit card details.
The Services are not designed for, not marketed to, minors. We do not knowingly collect or solicit personal information from minors, and we do not knowingly allow such persons to use the Services. If you are a minor, please do not attempt to use the Services or send any information about yourself to us. In the event that we learn that we have collected personal information from a minor without verified parental consent, we will delete that information as quickly as
possible. If you believe we have any information from or about a minor, please contact us using the contact information shown in section 16.
Idently commits itself to protect the personal information submitted by applicants and subscribers for its public certification services. Idently declares to fully respect all rights established and laid out in applicable regional laws and regulations.
Idently Systems, ATTN. Data Protection Officer,
Four Greenway, 2nd Floor, Westlands Road, Nairobi, Kenya.
P.O. Box 66268 00800 Nairobi, Kenya.
Tel: + 254 734467635
Our Office Location
Four Greenway, 2nd Floor, Westlands Road,