← Back to Home
Privacy Policy
This Privacy Policy describes how A1-Soft Company collects, uses, and protects your personal information when you use the A1Queue platform.
Last Updated: April 2026
Your Privacy Matters: A1-Soft Company is committed to protecting your privacy and handling your personal data with transparency and care. This policy explains what information we collect, why we collect it, how we use it, and the choices you have regarding your data.
1. Information We Collect
We collect various types of information in connection with the A1Queue service. The categories of data we collect include:
1.1 Account Information
When you create an account, we collect the following personal information:
- Full Name: Your first and last name as provided during registration.
- Email Address: Your email address, used for account authentication, communications, and notifications.
- Organization Name: If applicable, the name of your company or organization.
- Password: A hashed version of your password (we never store passwords in plain text).
- Account Preferences: Your notification settings, display preferences, and language selection.
1.2 Domain and Server Information
To provide our SSL certificate management services, we collect:
- Domain Names: The domain names you register for SSL certificate management, including subdomains and wildcard domains.
- Server IP Addresses: The IP addresses of servers where the desktop agent is installed or certificates are deployed.
- Machine IDs: Unique identifiers generated by the desktop agent application for each server or machine, used to associate certificates with specific installations.
- Server Configuration Data: Information about your web server environment, including IIS site names, binding configurations, operating system version, and installed web server software.
- Certificate Metadata: Details about issued certificates, including issuance dates, expiration dates, certificate types, Subject Alternative Names (SANs), and renewal history.
1.3 Payment Information
When you make a purchase or subscribe to a paid plan:
- Payment Method: Your payment method details are collected and processed by our payment processor, Lemon Squeezy. We do not directly store your credit card numbers or full payment card details on our servers.
- Billing Information: Your billing name, billing address, and transaction history.
- Transaction Records: Records of purchases, subscription changes, and refund requests.
1.4 Usage and Technical Data
We automatically collect certain technical and usage information when you interact with our Service:
- IP Addresses: Your IP address when accessing the web platform or when the desktop agent communicates with our servers.
- Browser Information: Browser type, version, language, and operating system when accessing the web platform.
- Access Logs: Timestamps, pages visited, actions performed, API calls made, and error logs.
- Device Information: Device type, screen resolution, and other technical characteristics of the device used to access the Service.
- Agent Telemetry: Operational data from the desktop agent, including certificate operation results, error reports, and performance metrics.
1.5 Communication Data
When you contact us for support or provide feedback:
- Support Tickets: The content of your support requests, emails, and any attachments you provide.
- Feedback: Any feedback, suggestions, or reviews you submit.
2. How We Use Your Data
We use the information we collect for the following purposes:
2.1 Service Delivery
- To create, maintain, and secure your account.
- To process SSL/TLS certificate requests, issuance, installation, and renewal.
- To facilitate domain validation challenges with Certificate Authorities.
- To monitor certificate status and send expiration and renewal notifications.
- To associate certificates and configurations with your registered servers via Machine IDs.
- To provide customer support and respond to your inquiries.
2.2 Service Improvement
- To analyze usage patterns and identify areas for feature improvement.
- To diagnose technical issues, debug errors, and optimize performance.
- To develop new features, products, and services based on aggregate usage data.
- To conduct internal analytics and generate statistical reports (using anonymized or aggregated data where possible).
2.3 Communication
- To send essential service notifications, including certificate expiration alerts, renewal confirmations, and security notices.
- To send account-related communications, such as billing confirmations, password resets, and account status updates.
- To send product updates and announcements about new features (with your consent where required by law).
2.4 Security and Fraud Prevention
- To detect, prevent, and respond to unauthorized access, fraud, abuse, and security threats.
- To enforce our Terms of Service and protect the rights and safety of our users and third parties.
- To comply with legal obligations and respond to lawful requests from government authorities.
3. Data Storage and Security
3.1 Data Storage
Your data is stored on secure servers and databases operated by A1-Soft Company and our authorized hosting providers. Our primary data storage infrastructure is designed with redundancy and reliability in mind. We may store data in multiple geographic locations to ensure availability and performance.
3.2 Security Measures
We implement commercially reasonable technical and organizational security measures to protect your personal data, including:
- Encryption in Transit: All data transmitted between your browser or desktop agent and our servers is encrypted using TLS/SSL protocols.
- Encryption at Rest: Sensitive data stored on our servers, including private keys (if stored), is encrypted at rest using industry-standard encryption algorithms.
- Access Controls: Strict role-based access controls limit who within our organization can access personal data, based on the principle of least privilege.
- Password Hashing: User passwords are stored using strong, salted cryptographic hashing algorithms. We never store passwords in plain text.
- Regular Security Audits: We conduct periodic security reviews and vulnerability assessments of our infrastructure and application code.
- Incident Response: We maintain an incident response plan to promptly address and mitigate any data security incidents.
3.3 Private Key Handling
Important: SSL/TLS private keys generated by the desktop agent are primarily stored locally on your server. If you choose to use our key backup feature, encrypted copies of private keys may be stored on our servers. We strongly recommend managing your own private key backups and limiting the storage of private keys on third-party systems whenever possible.
3.4 No Absolute Guarantee
While we implement robust security measures, no method of electronic storage or transmission over the Internet is 100% secure. We cannot guarantee absolute security of your data and shall not be held liable for any unauthorized access that occurs despite our reasonable security efforts.
4. Third-Party Services
Our Service integrates with and relies upon several third-party services. Each of these services has their own privacy policies governing the data they collect and process:
4.1 Let's Encrypt
We use Let's Encrypt as our primary Certificate Authority for issuing SSL/TLS certificates. When you request a certificate through our Service, certain information is shared with Let's Encrypt, including your domain name(s) and information necessary for domain validation. Let's Encrypt maintains its own privacy policy, which governs their handling of this data. Let's Encrypt also maintains publicly accessible Certificate Transparency logs that record issued certificates. Please review Let's Encrypt's Privacy Policy for details.
4.2 Lemon Squeezy
We use Lemon Squeezy as our payment processing provider. When you make a purchase, your payment information is collected and processed by Lemon Squeezy. We receive only limited transaction information (such as transaction ID, amount, and status) from Lemon Squeezy. Your payment card details are stored and processed by Lemon Squeezy in compliance with PCI DSS standards. Please review Lemon Squeezy's Privacy Policy for details on their data practices.
4.3 Google Analytics
We use Google Analytics to analyze website traffic and usage patterns on our web platform. Google Analytics collects information such as your IP address (which may be anonymized), browser type, referring pages, pages visited, and time spent on each page. This data is used in aggregate form to understand how users interact with our Service and to improve the user experience. Google Analytics uses cookies to collect this information. Please review Google's Privacy Policy for more information. You may opt out of Google Analytics by installing the Google Analytics Opt-Out Browser Add-on.
4.4 Other Third-Party Services
We may integrate with additional third-party services for purposes such as email delivery, error tracking, performance monitoring, and customer support. We evaluate the privacy practices of third-party providers before integration and require that they handle data in accordance with applicable privacy laws. A current list of sub-processors is available upon request.
5. Cookies and Tracking Technologies
5.1 Types of Cookies We Use
| Cookie Type |
Purpose |
Duration |
| Essential Cookies |
Required for authentication, session management, and core functionality of the platform. The Service cannot function properly without these cookies. |
Session / Up to 30 days |
| Preference Cookies |
Store your settings and preferences, such as language selection, display mode, and notification preferences. |
Up to 1 year |
| Analytics Cookies |
Collect anonymized usage data to help us understand how users interact with the Service and identify areas for improvement (e.g., Google Analytics). |
Up to 2 years |
| Security Cookies |
Help detect and prevent fraudulent activity, unauthorized access attempts, and other security threats. |
Session / Up to 90 days |
5.2 Managing Cookies
Most web browsers allow you to control cookies through their settings. You can configure your browser to block or delete cookies, or to alert you when a cookie is being set. Please note that blocking essential cookies may prevent you from using certain features of the Service. Instructions for managing cookies can typically be found in your browser's help documentation.
5.3 Do Not Track
Some browsers support a "Do Not Track" (DNT) signal. Our Service does not currently respond to DNT signals. However, you can manage your tracking preferences through cookie settings and analytics opt-outs as described above.
6. Data Retention
6.1 Retention Periods
We retain your personal data only for as long as necessary to fulfill the purposes described in this Privacy Policy, or as required by applicable law. The specific retention periods depend on the type of data:
- Account Information: Retained for the duration of your active account and for up to two (2) years after account closure or deletion, unless a longer retention period is required by law.
- Certificate and Domain Data: Retained for the duration of your account and for up to one (1) year after account closure, to support auditing and historical record-keeping.
- Transaction and Billing Data: Retained for up to seven (7) years after the transaction date, as required for tax, accounting, and legal compliance purposes.
- Access and Server Logs: Retained for up to ninety (90) days for security monitoring and troubleshooting purposes, after which they are automatically purged or anonymized.
- Support Communications: Retained for up to three (3) years after the last interaction, to maintain a record of support history and resolutions.
- Analytics Data: Aggregated and anonymized analytics data may be retained indefinitely for statistical analysis purposes.
6.2 Data Deletion
When data is no longer needed, we securely delete or anonymize it using industry-standard methods. Deletion requests are processed in accordance with the procedures described in Section 8 (Your Rights).
7. International Data Transfers
A1-Soft Company is based in Kuwait. If you access the Service from outside Kuwait, your data may be transferred to, stored, and processed in Kuwait or other countries where our servers or third-party service providers are located. These countries may have data protection laws that differ from those in your jurisdiction.
When we transfer personal data internationally, we take appropriate safeguards to ensure that your data is protected in accordance with this Privacy Policy and applicable data protection laws. These safeguards may include contractual protections (such as standard contractual clauses) and ensuring that our service providers maintain adequate security measures.
8. Your Rights
Depending on your jurisdiction, you may have the following rights with respect to your personal data:
8.1 Right of Access
You have the right to request a copy of the personal data we hold about you. We will provide this information in a structured, commonly used, and machine-readable format within thirty (30) days of receiving your verified request.
8.2 Right to Correction
You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. You can update most account information directly through your account settings. For other corrections, please contact us at support@queue.a1-soft.com.
8.3 Right to Deletion
You have the right to request the deletion of your personal data, subject to certain exceptions. We may retain certain data where we have a legal obligation to do so, where it is necessary for the performance of a contract, or where we have a legitimate interest that overrides your request. Upon receiving a valid deletion request, we will:
- Delete your account and associated personal data from our active systems within thirty (30) days.
- Remove your data from backup systems within ninety (90) days.
- Provide confirmation of deletion upon completion.
8.4 Right to Data Portability
You have the right to receive your personal data in a portable format and to request that we transfer it to another service provider, where technically feasible.
8.5 Right to Object
You have the right to object to the processing of your personal data for certain purposes, including direct marketing. If you object to processing for direct marketing, we will cease such processing promptly.
8.6 Right to Restrict Processing
You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data or object to processing based on legitimate interests.
8.7 Exercising Your Rights
To exercise any of the above rights, please contact us at support@queue.a1-soft.com with a clear description of your request. We may ask you to verify your identity before processing your request. We will respond to verified requests within thirty (30) days, or within the timeframe required by applicable law.
9. Children's Privacy
The A1Queue service is not intended for use by individuals under the age of sixteen (16) years old. We do not knowingly collect, use, or disclose personal information from children under 16. If we become aware that we have inadvertently collected personal data from a child under 16, we will take reasonable steps to promptly delete such data from our systems.
If you are a parent or guardian and believe that your child has provided personal information to us without your consent, please contact us at support@queue.a1-soft.com, and we will work to delete the information promptly.
10. GDPR Compliance
If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, the following additional provisions apply to you under the General Data Protection Regulation (GDPR) and related legislation:
10.1 Legal Basis for Processing
We process your personal data on the following legal bases:
- Contract Performance: Processing necessary for the performance of the contract between you and A1-Soft Company (i.e., providing the Service as described in our Terms of Service).
- Legitimate Interests: Processing necessary for our legitimate interests, such as improving the Service, ensuring security, and preventing fraud, provided these interests are not overridden by your fundamental rights and freedoms.
- Consent: Where we rely on your consent for specific processing activities (such as marketing communications), you have the right to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
- Legal Obligation: Processing necessary for compliance with a legal obligation to which A1-Soft Company is subject.
10.2 Data Protection Officer
For GDPR-related inquiries, you may contact our data protection team at support@queue.a1-soft.com. We are committed to addressing any concerns you may have regarding our data protection practices.
10.3 Supervisory Authority
If you are located in the EEA, you have the right to lodge a complaint with a supervisory authority in the EU member state where you reside, where you work, or where the alleged infringement occurred, if you believe that our processing of your personal data violates the GDPR.
10.4 Data Protection Impact Assessments
Where required by the GDPR, we conduct Data Protection Impact Assessments (DPIAs) to evaluate and mitigate risks associated with the processing of personal data, particularly for new processing activities or technologies that may pose a high risk to the rights and freedoms of data subjects.
11. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will:
- Update the "Last Updated" date at the top of this page.
- Post a notice on our website or within the Service dashboard for a reasonable period.
- For significant changes, send an email notification to the email address associated with your account.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your data. Your continued use of the Service after any changes to this Privacy Policy constitutes your acceptance of the updated policy.
12. Contact Information
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
A1-Soft Company
Email: support@queue.a1-soft.com
Website: A1Queue
For data protection and GDPR-specific inquiries, please include "Privacy Request" or "GDPR Request" in the subject line of your email to help us route your request appropriately.