Privacy Policy

Your privacy is important to us. This policy explains how we collect, use, and protect your information.

Effective Date: January 1, 2025 Last Updated: May 16, 2026
SSL Encrypted

1 Overview

Issue Badge ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our certificate management platform.

Our Privacy Principles

  • We collect only what we need to provide our services
  • We never sell your personal information
  • You have control over your data
  • We use industry-standard security measures

2 Information We Collect

Personal Information

Information you provide directly:

  • • Name and email address
  • • Organization details
  • • Payment information (processed securely by payment providers)
  • • Certificate recipient information
  • • Profile photo (optional)

Usage Information

Information collected automatically:

  • • IP address and device information
  • • Browser type and operating system
  • • Pages visited and features used
  • • Certificate creation and verification logs
  • • API usage statistics

Third-Party Information

Information from integrated services:

  • • OAuth profile information (if you sign in with Google/GitHub)
  • • Analytics data from Google Analytics
  • • Customer support interactions

3 How We Use Your Information

Service Delivery

  • • Create and manage certificates
  • • Process payments
  • • Provide customer support
  • • Send service notifications

Service Improvement

  • • Analyze usage patterns
  • • Develop new features
  • • Optimize performance
  • • Conduct research

Communication

  • • Service updates
  • • Security alerts
  • • Marketing (with consent)
  • • Feature announcements

Security & Compliance

  • • Prevent fraud
  • • Enforce terms of service
  • • Comply with legal obligations
  • • Protect user rights

4 Information Sharing

We Never Sell Your Data

We do not sell, trade, or rent your personal information to third parties. Your data is only shared as described below.

We may share information with:

Service Providers

Trusted partners who help us operate our platform (e.g., payment processors, email services, hosting providers)

Certificate Recipients

Information necessary for certificate verification (as specified by certificate issuers)

Legal Requirements

When required by law, court order, or to protect our rights and safety

Business Transfers

In connection with mergers, acquisitions, or asset sales (with notice to users)

5 Data Security

We implement comprehensive security measures to protect your information:

Technical Measures

  • • 256-bit SSL encryption
  • • Encrypted data storage
  • • Regular security audits
  • • DDoS protection
  • • Secure API endpoints

Operational Measures

  • • Access controls
  • • Employee training
  • • Incident response plan
  • • Regular backups
  • • Vendor assessments

Note: While we use industry-standard security measures, no method of transmission over the internet is 100% secure. We continuously work to protect your information but cannot guarantee absolute security.

6 Data Retention

We retain your information only as long as necessary to provide our services and fulfill the purposes outlined in this policy.

Active Accounts

Data is retained as long as your account is active and for legitimate business purposes.

Deleted Accounts

Personal data is deleted within 90 days of account closure, except where retention is required by law.

Certificate Data

Certificate records may be retained indefinitely for verification purposes, as agreed during issuance.

Legal Compliance

Some data may be retained longer to comply with legal obligations or resolve disputes.

7 Your Rights & Choices

You have several rights regarding your personal information:

Access

Request a copy of your personal data

Correction

Update or correct inaccurate data

Deletion

Request deletion of your data

Objection

Object to certain data processing

Portability

Export your data in a portable format

Opt-out

Unsubscribe from marketing emails

To exercise any of these rights, please contact us at support@issuebadge.com or through your account settings.

8 Cookies & Tracking

We use cookies and similar tracking technologies to improve your experience on our platform.

Essential Cookies

Required for platform functionality, security, and user authentication. Cannot be disabled.

Analytics Cookies

Help us understand how users interact with our platform to improve services.

Preference Cookies

Remember your settings and preferences for a personalized experience.

You can control cookies through your browser settings. Note that disabling certain cookies may limit platform functionality.

9 Children's Privacy

Issue Badge is not intended for use by children under 16 years of age. We do not knowingly collect personal information from children under 16. If we become aware that we have collected personal information from a child under 16, we will take steps to delete such information promptly.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us at privacy@issuebadge.com.

10 International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place:

International Transfers

We use appropriate safeguards including Standard Contractual Clauses for international data transfers.

Data Localization

Where required by law, we store data within specific geographic regions.

11 Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

How We'll Notify You

  • Email notification for significant changes
  • Dashboard notification when you log in
  • Updated "Last Updated" date at the top

12 Google Workspace API & Limited Use Policy

This section applies specifically to users of IssueBadge for Google Workspace (our Google Sheets and Google Forms add-on listed on the Google Workspace Marketplace).

IssueBadge's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Google user data we access

When you install IssueBadge in Google Sheets or Google Forms, the add-on requests OAuth permission to access the following data — and only for the purposes listed below:

  • Google Drive (drive, drive.file): Copy starter certificate templates into your Drive, save generated certificate PDFs to your Drive, and create the IssueBadge Log spreadsheet for audit history. We never read files we did not create.
  • Google Slides™ (presentations): Render certificate templates by replacing {{placeholder}} text with your data and export each result as a PDF.
  • Google Sheets (spreadsheets.currentonly): Read recipient names, emails, and certificate field values from the spreadsheet you have open. Limited to the active file only.
  • Google Forms (forms.currentonly): Read the questions and incoming responses of the form you have open, so we can map fields and auto-send certificates on submission. Limited to the active form only.
  • Gmail (script.send_mail): Send the generated certificate PDF as an email attachment from your own Gmail account to your recipients. We never read your inbox.
  • User email (userinfo.email): Detect your signed-in email so we can record it in the audit log and email you sample certificates on request.

How we use Google user data — Limited Use compliance

✓ We do

  • • Use data only to provide the certificate-generation features you requested
  • • Process data entirely inside your own Google account using Google Apps Script
  • • Store template copies, generated PDFs, and the audit log in your own Google Drive
  • • Let you uninstall the add-on at any time to revoke all access

✗ We never

  • • Transfer Google user data off your Google account to our servers
  • • Sell, rent, or share Google user data with third parties
  • • Use Google user data for advertising or to build ad profiles
  • • Use Google user data to train AI or machine-learning models
  • • Allow humans to read your data, except (a) with your explicit consent, (b) to fix a security issue, (c) to comply with applicable law, or (d) for anonymized aggregate operational metrics

Where data lives

IssueBadge for Google Workspace runs entirely inside your Google account using Google Apps Script. The add-on does not contact any IssueBadge server. Your spreadsheet contents, form responses, recipient lists, and generated certificate PDFs are written to your own Google Drive and your own Gmail — IssueBadge does not transmit any of this data to systems we operate.

Revoking access

You can revoke IssueBadge's access to your Google account at any time at myaccount.google.com/permissions. After revocation, IssueBadge will no longer be able to access your Google data; existing certificates and log entries in your Drive remain yours and are unaffected.

13 Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, we're here to help:

Privacy Team

support@issuebadge.com
Response within 48 hours

Data Protection Officer

support@issuebadge.com
For privacy inquiries

Mailing Address

Issue Badge Privacy Team

Your Privacy Matters

We're committed to protecting your data and respecting your privacy choices.

Manage Privacy Settings