Privacy Policy

1. Information We Collect

TrustPin ("we", "our", or "us") collects information you provide directly to us when you use our certificate pinning platform and services.

Information you provide to us:

• Account information (name, email address, company information)
• Authentication credentials through OAuth providers (Google, GitHub, etc.)
• Certificate and domain configuration data
• Support communications and feedback

Information we collect automatically:

• Usage data and analytics
• Device and browser information
• IP addresses and location data
• Log data and error reports

2. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve our certificate pinning services
• Process transactions and send related information
• Send technical notices, updates, and security alerts
• Respond to your comments, questions, and provide customer service
• Monitor and analyse trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions and abuse

3. Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy:

• Service Providers: We currently do not share information with third-party vendors and hope to avoid doing so. However, we reserve the right to share information with trusted third-party vendors who perform services on our behalf if necessary for service operations
• Legal Requirements: We may disclose information if required by law or to protect our rights and safety
• Business Transfers: Information may be transferred in connection with mergers or acquisitions

4. OAuth and Third-Party Authentication

When you authenticate using OAuth providers (such as Google), we receive limited information from these providers:

• Basic profile information (name, email address, profile picture)
• Authentication tokens (stored securely and used only for service provision)
• No access to your passwords or other sensitive account data

We comply with OAuth provider requirements and security standards. You can revoke OAuth permissions at any time through your third-party provider's settings.

5. Data Security

We implement appropriate technical and organisational security measures to protect your information against unauthorised access, alteration, disclosure, or destruction. This includes:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication requirements
• Monitoring for suspicious activities

6. Data Retention

We retain your information for as long as your account is active or as needed to provide services. We may retain certain information for legitimate business purposes or as required by law.

7. Your Rights and Choices

You have the right to:

• Access, update, or delete your account information
• Opt out of certain communications
• Request a copy of your data
• Request deletion of your data (subject to legal requirements)

8. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers.

9. Children's Privacy

Our services are not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have any questions about this privacy policy, please contact us at: