Privacy Policy

Last updated: December 2025

At CertWatch, we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SSL certificate monitoring service.

Information We Collect

Account Information

When you create an account, we collect:

  • Email address
  • Name (optional)
  • Organization name
  • Password (encrypted)

Certificate Data

When you add domains to monitor, we collect and store certificate metadata including:

  • Domain names and subdomains
  • Certificate expiration dates
  • Certificate issuer information
  • Certificate chain details
  • Public key information

Important: We never collect or store private keys. All certificate data we collect is publicly available information that can be obtained by connecting to your servers.

Usage Data

We automatically collect certain information when you use our service:

  • Log data (IP address, browser type, pages visited)
  • Device information
  • Usage patterns and feature interactions

How We Use Your Information

We use the information we collect to:

  • Provide and maintain our certificate monitoring service
  • Send you alerts about certificate expirations and issues
  • Process your transactions and manage your account
  • Improve and optimize our service
  • Communicate with you about updates, security alerts, and support
  • Comply with legal obligations

Data Storage and Security

Your data is stored securely using industry-standard encryption. We use the following measures to protect your information:

  • Encryption at rest and in transit (TLS 1.3)
  • Secure password hashing
  • Regular security audits
  • Access controls and authentication

Third-Party Services

We use the following third-party services to provide our service:

  • Supabase - Database and authentication
  • Vercel - Hosting and deployment
  • Resend - Email delivery for notifications

Each of these providers has their own privacy policy and maintains appropriate security measures.

Data Retention

We retain your data for as long as your account is active or as needed to provide you with our services. If you delete your account, we will delete your personal data within 30 days, except where we are required to retain it for legal purposes.

Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and associated data
  • Export your data in a portable format
  • Opt out of marketing communications

Cookies

We use essential cookies to maintain your session and preferences. We also use analytics cookies to understand how our service is used. You can control cookie preferences in your browser settings.

Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy, please contact us at: