QuoVadis Privacy Notice – Highlights – Digital Certificates and Signing Solutions

This QuoVadis (“QV” or “QuoVadis”) Privacy Notice Highlights provides a shorter summarized version of the full QuoVadis Privacy Notice, which can be found here. It relates to the services provided by us for the issuance of digital certificates and the provision of signing solutions.  We take your privacy seriously and will only use your personal data to deliver the products and services requested.

Who are we?

QuoVadis is an EU Qualified Trust Service Provider (TSP).  A list of QuoVadis companies and their contact details are provided here. All QuoVadis companies comply with the provisions of this Privacy Notice. The data controller in respect of our website is QuoVadis (Bermuda) Holding Ltd.

QV provides services using a group of wholly-owned subsidiaries. A list of the entities which form part of this group and are relevant to the provision of digital certificates and signing services can be found here.  All QuoVadis companies comply with the provisions of this Privacy Notice.

Who are our Privacy Officers?

Our Data Protection Officer is Aaron Olsen (email: dpo@digicert.com or privacy@quovadisglobal.com).  Our Privacy Officers are:

  • Main: Barry Kilborn
  • Deputy: Rolfe Gerritsen

What data is collected?

We collect the data necessary for the provision of the services.  This includes your name; email address, etc.  For more details on the data collected see here.

Who is collecting it?

We collect data directly from you or indirectly from those organisations who have entered into a contract with us (for example to request certificates for their employees).

How will it be used?

We use your personal data only for the provision of the products and services that we have contracted to provide.

Who will it be shared with?

We do not share your personal data with anyone save to deliver the agreed services (see next paragraph).

Personal data provided as part of our services such as the certificate content and in some cases registration data, may be shared within the QuoVadis Group in order to process the certificate. For full details of the types of transfers that take pace and the personal data involved see here.

We may share your personal data with DigiCert, Inc. (“DigiCert”), our parent company. One reason for this is that our systems are in the process of being integrated. Click here for the DigiCert Privacy Policy. Transfers to DigiCert are performed on the basis of intra-group agreements, which are based on the EU’s standard contractual clauses for export of personal data to third countries.

How is your data protected?

We use a combination of technical, administrative, organizational and physical safeguards to protect your personal data. Access to your personal data is restricted to those who are necessary for the delivery of the services.  These safeguards are tested as part of our annual audits and accreditations. For further details please see details of our accreditations.

Retention Periods

We retain all personal data only for so long as necessary to comply with our legal obligations. For further information see here.

Your Rights

We comply with all relevant Data Protection/ Privacy legislation. These provide a number of rights with regard to your personal data.

You have the right to request from us access to and rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability.

If you have provided consent for the processing of your data you have the right (in certain circumstances) to withdraw that consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn.

You have the right to lodge a complaint with the appropriate Data Protection Authority if you believe that we have not complied with our legal obligations. For further information see here.

Please email privacy@quovadisglobal.com to make a request under these provisions. In order to help us deal with such request please provide details of the product/service that the request relates to, the relevant QuoVadis office/ contact person and any other details (such as customer number etc). Please note that we will perform steps to verify your identity before providing any information.

Automated Decision Making and Profiling

We do not use automated decisions in the processing of personal of data.

This Privacy Notice

The Privacy Notice was last updated on March 4, 2019.


If you have questions regarding this Privacy Notice, please contact us at dpo@digicert.com or privacy@quovadisglobal.com.