Skip to main content
LEGAL

Privacy Policy

Last updated: December 2024

1. Introduction

Dockt ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our certificate validation platform and services.

We are based in the European Union and comply fully with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

2. Information We Collect

Account Information

  • Name and email address
  • Company name and business details
  • Billing and payment information

Certificate Data

  • Certificate images and documents you upload for validation
  • Extracted certificate information (holder name, certificate type, validity dates)
  • Validation results and history

Usage Data

  • Log data (IP address, browser type, access times)
  • Device information
  • Feature usage and interaction data

3. How We Use Your Information

We use the collected information for:

  • Providing and improving our certificate validation services
  • Processing transactions and sending related information
  • Sending administrative communications
  • Responding to your inquiries and support requests
  • Analyzing usage patterns to improve our platform
  • Complying with legal obligations

4. Legal Basis for Processing (GDPR)

Under the GDPR, we process your personal data based on:

  • Contract: Processing necessary to provide our services to you
  • Legitimate Interest: Improving our services and preventing fraud
  • Consent: Where you have given explicit consent (e.g., marketing)
  • Legal Obligation: Compliance with applicable laws

5. Data Storage and Security

Your data is stored on secure servers located within the European Union. We implement appropriate technical and organizational measures to protect your personal data, including:

  • Encryption of data in transit and at rest
  • Regular security assessments and audits
  • Access controls and authentication measures
  • Employee training on data protection

6. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required by law. Certificate validation data is retained for the duration of your account plus 7 years for compliance purposes.

7. Your Rights

Under the GDPR, you have the following rights:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Receive your data in a portable format
  • Restriction: Request limitation of processing
  • Objection: Object to certain types of processing
  • Withdraw Consent: Withdraw consent at any time

To exercise these rights, contact us at privacy@dockt.eu.

8. Third-Party Services

We may share your information with trusted third parties who assist in operating our platform:

  • Cloud hosting providers (EU-based)
  • Payment processors (PCI-DSS compliant)
  • Analytics services (anonymized data only)
  • Customer support tools

All third-party processors are bound by data processing agreements and GDPR compliance requirements.

9. International Transfers

We primarily store and process data within the EU. If any data transfer outside the EU is necessary, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. Significant changes will be communicated via email.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us:

Dockt

Brussels, Belgium

Email: privacy@dockt.eu

You also have the right to lodge a complaint with your local data protection authority.