Privacy Policy

Last updated: March 2026

1. Data controller

FairSSL A/S (Denmark) is the data controller for personal data processed through sslbrain.com and sslbrain Cloud. Privacy-related inquiries: info@fairssl.dk.

2. Scope

This policy covers sslbrain.com and sslbrain Cloud. The sslbrain appliance runs on-premises, and data from the appliance never leaves your network.

3. Data we collect

  • Contact and account details: name, email, company, and the content of your message when you write to us or create an account.
  • sslbrain Cloud data: licence and usage information needed to deliver the service.
  • Website analytics: cookieless measurement of visits to sslbrain.com. We record how the site is used and which referral and campaign parameters in the URL brought traffic.
  • Server access logs: standard web server logs for all requests to our infrastructure, with technical details about the request and the connection.

4. Purposes

  • Delivering and administering sslbrain Cloud
  • Security monitoring, attack prevention, and incident investigation
  • Operational stability and troubleshooting
  • Internal analytics for the site and our own marketing
  • Responding to your inquiries

5. Legal bases

  • Performance of a contract (GDPR Art. 6(1)(b)) for sslbrain Cloud.
  • Legitimate interest (Art. 6(1)(f)) for security, operations, analytics, and internal marketing measurement. You have the right to object.
  • Consent (Art. 6(1)(a)) where we expressly ask for it, for example for the newsletter.

6. Cookies and consent

The marketing site sets no non-essential cookies. All analytics are cookieless and stay on our own infrastructure. The sslbrain.com/cloud portal uses only strictly necessary cookies for login and security. For that reason, we do not show a consent banner.

7. Data we do NOT collect

As an on-premises product, we never have access to:

  • Certificate private keys
  • Passwords, SSH keys, or WinRM credentials
  • Domain names and internal network information
  • Audit and operational data from your appliance

8. Recipients

We do not share personal data with advertising platforms, data brokers, or third-party marketing systems. All processing takes place on FairSSL A/S infrastructure within the EU. We use processors only where necessary to deliver the service, and always under a written data processing agreement.

9. Retention

  • Server access logs: up to 90 days
  • Account and licence data: life of the account plus 12 months
  • Contact inquiries: up to 24 months
  • Website analytics: aggregated and rolling

10. Your rights

Under the General Data Protection Regulation, you have the right of access, rectification, erasure, restriction, data portability, and objection, including objection to processing based on legitimate interest. Contact us at info@fairssl.dk.

You may also lodge a complaint with the Danish Data Protection Agency (Datatilsynet) if you are not satisfied with how we handle your data.

11. Changes

We update this policy when our practice changes. The last-updated date appears at the top of the page.