Skip to main content

GDPR Compliance

TLS Radar is committed to protecting the privacy and security of your personal data. This GDPR Compliance Statement describes how we collect, process, and protect data in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”).

1. Data Controller

TLS Radar acts as the Data Controller for all personal data collected through our platform and related services. This means we determine the purposes and means of processing your data. Our third-party service providers — including Stripe, Google Analytics, AppSignal, SendGrid, Twilio, and AWS SES — act as Data Processors under our instructions and in compliance with GDPR obligations.

2. Data Processing Location

Your personal data may be stored and processed outside the European Union (“EU”) and European Economic Area (“EEA”), primarily in the United States. TLS Radar may also process and store data within the EU at facilities operated by reputable cloud providers such as AWS, Azure, or Google Cloud Platform. In all cases, TLS Radar ensures that adequate safeguards — including Standard Contractual Clauses (SCCs) — are in place to protect your personal data in accordance with GDPR requirements.

3. Legal Basis for Processing

We process personal data based on one or more of the following legal grounds:

  • Performance of a Contract – To provide and maintain your TLS Radar account, process payments, and deliver monitoring services.
  • Consent – For analytics, cookies, marketing communications, or optional notifications where you have provided explicit consent.
  • Legitimate Interests – To improve our platform, ensure security, prevent fraud, and analyze service usage in a manner that respects your privacy.
  • Legal Obligations – To comply with applicable laws, regulations, and lawful requests by public authorities.

4. Categories of Personal Data

TLS Radar may collect and process the following categories of personal data:

  • Account data (email address, password, profile information)
  • Billing data (payment details via Stripe, subscription records)
  • Monitoring data (domains, IP addresses, SSL/TLS certificate information)
  • Communication data (support requests, contact form submissions, emails)
  • Technical data (log files, browser type, IP address, usage patterns, analytics)

5. Data Retention

We retain personal data only as long as necessary to fulfill the purposes for which it was collected, including compliance with legal, accounting, or reporting obligations. When you delete your account, your associated data is permanently deleted within thirty (30) calendar days, except where retention is required by law or to resolve disputes.

6. Your Rights Under GDPR

As an EU or EEA resident, you have the following rights under the GDPR:

  • Right of Access – Obtain confirmation as to whether TLS Radar processes your personal data and receive a copy of such data.
  • Right to Rectification – Request correction or update of inaccurate or incomplete personal data.
  • Right to Erasure (“Right to be Forgotten”) – Request deletion of your data, subject to applicable legal obligations.
  • Right to Restrict Processing – Request limitation on the processing of your personal data in certain cases.
  • Right to Data Portability – Receive your personal data in a structured, commonly used format and transmit it to another controller.
  • Right to Object – Object to the processing of your personal data based on legitimate interests or direct marketing purposes.
  • Right to Withdraw Consent – Withdraw consent for processing at any time, without affecting the lawfulness of prior processing.

You can exercise these rights by contacting us via our contact form. We will respond to verified requests within thirty (30) days in accordance with GDPR requirements.

7. Security Measures

We employ industry-standard security measures, including encryption in transit and at rest, access controls, monitoring, and regular vulnerability assessments to protect personal data against unauthorized access, alteration, or destruction.

8. Subprocessors and Third Parties

To deliver our services, TLS Radar relies on carefully selected subprocessors who comply with data protection standards consistent with the GDPR. These include:

  • Stripe – Payment processing
  • Google Analytics – Usage analytics
  • AppSignal – Performance monitoring
  • SendGrid and AWS SES – Email delivery

Each third-party service is bound by contractual obligations ensuring data protection, confidentiality, and compliance with GDPR.

9. International Data Transfers

When data is transferred outside the EU/EEA, TLS Radar ensures such transfers comply with GDPR requirements by implementing Standard Contractual Clauses (SCCs) and other appropriate safeguards to protect your personal data.

10. Updates to This Policy

TLS Radar may update this GDPR Compliance Statement from time to time to reflect changes in legal requirements or our data processing practices. The latest version will always be available on this page, with the effective date indicated at the top. Continued use of our services after changes are posted constitutes acceptance of the revised policy.

11. Contact Information

We do not currently appoint a formal Data Protection Officer (DPO). However, you may contact us regarding any privacy or GDPR-related concerns via our contact form.

TLS Radar remains fully committed to safeguarding your privacy and ensuring transparency in all aspects of data processing.