Legal

Privacy Policy

Last updated: January 2025

1. Introduction

KeyGrid ApS ("KeyGrid," "we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our PKI platform, HSM services, and related products (collectively, the "Services").

2. Information We Collect

2.1 Information You Provide

  • Account registration information (name, email, organization)
  • Contact information when you reach out to us
  • Payment and billing information
  • Certificate request data and metadata
  • Technical support communications

2.2 Information Collected Automatically

  • Log data (IP addresses, browser type, access times)
  • Usage data and analytics
  • Device and connection information
  • Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information to:

  • Provide, maintain, and improve our Services
  • Process certificate requests and manage PKI operations
  • Send administrative notifications and updates
  • Respond to inquiries and provide customer support
  • Monitor and analyze usage patterns and trends
  • Detect, prevent, and address security issues
  • Comply with legal obligations

4. Data Sharing and Disclosure

We do not sell your personal information. We may share information with:

  • Service providers who assist in operating our Services
  • Professional advisors (lawyers, accountants, auditors)
  • Law enforcement when required by law
  • Business partners with your consent

5. Data Security

We implement industry-standard security measures including encryption, access controls, and regular security audits. Our infrastructure is designed to meet FIPS 140-2 Level 3 requirements and SOC 2 Type II compliance standards.

6. Data Retention

We retain your information for as long as necessary to provide our Services and fulfill the purposes described in this policy. Certificate-related data may be retained for compliance and audit purposes as required by industry standards.

7. Your Rights (GDPR)

If you are in the European Economic Area, you have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure of your data
  • Restrict processing of your data
  • Data portability
  • Object to processing
  • Withdraw consent at any time

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses approved by the European Commission.

9. Cookies

We use cookies and similar technologies to enhance your experience, analyze usage, and assist in our marketing efforts. You can control cookies through your browser settings.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

KeyGrid ApS

[email protected]

Copenhagen, Denmark