Terms and Conditions of the SSLmentor Project
for the online sale of SSL/TLS, Code Signing, and S/MIME certificates, products, and services through the website located at www.sslmentor.com and www.sslmentor.eu.
Contents
- General Provisions
- Conclusion of the Contract and Payment Terms
- Rights and Obligations for SSL/TLS, Code Signing, and S/MIME Certificates
- Withdrawal from the Contract and Order Cancellation (Storno)
- Privacy Policy and Cookies
- Choice of Law and Dispute Resolution
- Final Provisions
I. General Provisions
- These General Terms and Conditions (hereinafter referred to as the "Terms and Conditions") of Web security s.r.o., with its registered office at Nové sady 988/2, 602 00 Brno, Czech Republic, Identification Number: 06927351, registered in the Commercial Register maintained by the Regional Court in Brno, Section C, Insert 105154 (hereinafter referred to as the "Seller"), regulate the mutual rights and obligations of the contracting parties arising in connection with or on the basis of a purchase contract or a service contract (hereinafter referred to as the "Contract") concluded between the Seller and the Customer through the online store at www.sslmentor.com and its language mutations.
- SSL/TLS certificates, S/MIME certificates, Code Signing certificates, and related services constitute digital content or a digital service delivered electronically.
- Definition of Customers:
- Company, Entrepreneur (B2B): A person who purchases products or services for the purpose of their business activity (must provide the Company ID / VAT ID in the order).
- Consumer (B2C): Any individual who, outside the scope of their business activity or independent profession, concludes a contract with the Seller or otherwise deals with them. Provisions regarding consumer rights apply only if the buyer is a consumer under the Civil Code.
- These Terms and Conditions form an integral part of the concluded Contract. By accepting these terms, the Customer confirms that they have familiarized themselves with these Terms, as well as with all components published at the unified address /ssl/tc-terms-and-policy, which form an indivisible whole with these Terms and Conditions:
- Money-Back Guarantee
- Privacy Policy
- Terms and Rules of Individual Certification Authorities (DigiCert, Sectigo, Certum)
- Administrative Procedures and Fees
II. Conclusion of the Contract and Payment Terms
- The web interface contains information about certificates and services, including prices, which are standardly stated excluding VAT. The total price, including the applicable VAT rate, is displayed in the order form before the order is completed.
- The presentation of services on the website is for informational purposes only, and the Seller is not obliged to conclude the Contract.
- To place an order, the Customer fills out the order form (identification of the domain, applicant, contact details, billing details, etc.).
- Completion of the Order: The order is submitted by clicking on the button which clearly indicates the obligation to pay ("New Order with payment obligation" or its international equivalent). The contractual relationship is established upon the confirmation (acceptance) of the order sent by the Seller to the Customer's email address.
- Where the transaction is subject to the reverse charge mechanism, the Customer shall be solely responsible for assessing, reporting, and accounting for any local VAT, sales tax, or import duties in their respective country in accordance with applicable local tax legislation.
III. Rights and Obligations for SSL/TLS, Code Signing, and S/MIME Certificates
- SSL/TLS, Code Signing, and S/MIME certificates serve to secure data and verify identity. Their issuance is subject to the rules and validation (verification) by the respective Certification Authority (DigiCert, Sectigo, Certum, and others as specified at /ssl/tc-terms-and-policy).
- The Seller is not a certification authority and cannot influence the decision of the certification authority to issue, reject, suspend, or revoke a certificate.
- The non-issuance of a certificate by the certification authority due to the Customer's failure to meet validation conditions or for reasons arising from the rules of the certification authority shall not be considered a defect in the provided service.
- The Customer is obliged to fully cooperate during the validation process and ensure the cooperation of the certificate applicant.
- The Customer is responsible for the accuracy of all data entered into the order, particularly for the correct entry of the domain name and identification data. Incorrectly entered data may lead to the rejection of the certificate by the certification authority or the need to issue a new certificate; any associated costs shall be borne by the Customer.
- The Customer is responsible for the secure storage of the private key. The loss or compromise of a private key does not constitute a defect in the provided service.
- The Seller bears no responsibility for damages resulting from the expiration of a certificate. The Customer is obliged to monitor the validity of the certificate and ensure its timely renewal.
- The Seller is not liable for damages caused by improper installation of the certificate, incorrect server configuration, loss of the private key, or violation of the certification authority's terms.
- The total liability of the Seller for damages arising in connection with the provided services is limited to the amount of the price paid by the Customer for the specific certificate or service from which the damage arose. This limitation shall not apply in the event of damage caused intentionally or through gross negligence by the Seller.
- The Customer is obliged to continuously monitor the email address provided in the order and follow the instructions sent by the Seller. Failure to follow instructions or failure to read the information delivered to the specified email address may lead to a delay in the validation, issuance, or management of the certificate, for which the Seller bears no responsibility.
- The Certification Authority may revoke (cancel) the certificate at any time for the following reasons:
- violation of the certification authority's rules and conditions,
- requirements by the CA/B Forum,
- a security incident,
- key compromise,
- detection of false data.
- The Customer may request the Seller to revoke the certificate at any time, for example, in the event of a private key compromise. Revocation is an irreversible process – once performed, the certificate immediately ceases to be trusted and cannot be restored. The Customer is not entitled to a refund of the paid price based on the revocation.
- Multi-year Orders: According to international rules, the maximum validity of a trusted certificate is limited. Multi-year certificates are therefore issued for the maximum allowable period with subsequent free renewals (so-called REISSUE) until the prepaid period is exhausted. The Customer is obliged to provide the cooperation necessary for the re-issuance (Reissue) or new validation of the certificate. The prepaid period cannot be shortened, and refunds for unused periods cannot be claimed.
- If the offered product allows it, the Customer can perform a free certificate renewal, a so-called REISSUE, in the administration area at any time during the validity of the order.
- The Seller communicates with the Customer exclusively electronically. The Seller provides the Customer with an online administration platform for management. The Seller may temporarily restrict the operation of the administration platform for maintenance purposes.
IV. Withdrawal from the Contract and Order Cancellation
- Digital Content and Exclusion from Withdrawal: SSL/TLS certificates, Code Signing certificates, S/MIME certificates, and related services are provided as digital content or digital services delivered electronically. The Customer explicitly requests the commencement of validation and the provision of the service before the expiry of any statutory withdrawal or cooling-off period applicable under the laws of their country of residence, and acknowledges that once the certificate has been issued, any statutory right to withdraw from the contract without giving a reason is lost in accordance with applicable law on digital content and services.
- Money-Back Guarantee: Beyond the scope of statutory rights, the Seller provides a 30-day money-back guarantee for selected certificates. The exact rules and the list of supported certificates/authorities are available in the "Money-Back Guarantee" document at /ssl/tc-terms-and-policy.
- Cancellation by the Seller: The Seller has the right to cancel the order if the certification authority refuses to issue the certificate due to technical, administrative, or security reasons.
- Cancellation for Customer Inactivity: If the Customer fails to provide cooperation, does not submit documents for validation, and the certificate is not issued within 60 days of the order, the Seller has the right to withdraw from the Contract and cancel the order. In such a case, the Customer will be charged an administrative fee specified at /ssl/tc-terms-and-policy.
- If the Seller refunds a payment to the Customer in cases where it does so on the basis of its voluntary Money-Back Guarantee or for other reasons not imposed by legal regulations, it is entitled to deduct the actual transaction fees charged by the payment gateway provider or payment service provider from the refunded amount.
V. International Clauses and Limitation of Liability (Global)
- Sanctions & Export Control: The Seller does not provide services, products, or certificates to individuals, companies, organizations, or countries that are subject to international sanctions imposed by the European Union, the United Nations (UN), or the United States of America (OFAC sanctions lists). If a violation of this clause is detected, the order will be cancelled immediately without any right to a refund.
- Limitation of Liability (for markets outside the EU): To the maximum extent permitted by applicable law, the Seller shall not be liable for any indirect, incidental, special, punitive, or consequential damages, loss of profits, loss of data, or business interruption (downtime) arising out of the use or inability to use the certificate, or as a result of any error or failure on the part of third parties (certification authorities). The Seller's total financial liability for any claims under the contract is limited to the amount verifiably paid by the customer for the specific certificate.
VI. Privacy Policy and Cookies
- The protection of the Customer's personal data is ensured in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council (GDPR). Due to the international nature of the services, the Customer acknowledges that data required for validation is transferred to certification authorities outside the EU (e.g., USA).
- The complete terms of personal data processing are separated from these Terms and Conditions and are available in a standalone document "Privacy Policy" at /ssl/tc-terms-and-policy.
- The use of cookies on the website is governed by the active consent of the user granted via the cookie banner on the website in accordance with EU legislation.
VII. Choice of Law and Dispute Resolution
- The Contract and all legal relationships arising from it are governed by the laws of the Czech Republic. The venue for disputes (excluding consumer disputes) is Brno, Czech Republic.
- Consumer Protection (EU/World): If the Customer is a consumer, the choice of Czech law does not deprive them of the protection afforded to them by provisions of the law of the country of their habitual residence, from which it is not possible to deviate by contract.
- Alternative Dispute Resolution (ADR):
- For Customers from the European Union (EU): In the event of a dispute that cannot be resolved directly, a consumer from the European Union has the right to turn to the competent alternative dispute resolution (ADR) body in their country of habitual residence. The current list of approved alternative dispute resolution bodies in individual member states can be found on the official website of the European Commission.
- Customers outside the EU may seek dispute resolution through applicable local consumer protection or arbitration bodies in their country of residence.
VIII. Final Provisions
- If any provision of these Terms and Conditions becomes invalid or ineffective, it shall not affect the validity of the remaining provisions.
- In the event of a conflict between these Terms and Conditions and the terms of the certification authority, the rules of the respective certification authority shall prevail in relation to the issuance, management, and revocation of the certificate.
- The Contract concluded through the online store is archived by the Seller in electronic format and is not publicly accessible.
- These Terms and Conditions come into effect on the day of their publication and replace all previous versions.
These Terms and Conditions are effective from July 1, 2026.
As of this date, all previous versions lose their validity.
