Privacy Policy

Introduction

CertPulse ("we", "us", "our", or "Company") operates as a certificate lifecycle intelligence platform. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you use our website and services, including all related applications, software, and tools.

Please read this Privacy Policy carefully. By accessing or using CertPulse, you acknowledge you have read, understood, and agree to be bound by all the terms of this Privacy Policy. If you do not agree with our policies and practices, please do not use our Services.

Information We Collect

Information You Provide Directly

When you create an account, subscribe to our services, or communicate with us, we collect information such as your name, email address, organization name, phone number, mailing address, billing information, and any other details you voluntarily provide. This includes data you enter when configuring certificate monitoring, setting up integrations with certificate authorities, or submitting support requests.

Certificate and Infrastructure Data

Our platform collects and processes certificate metadata including domain names, certificate fingerprints, issuance dates, expiration dates, issuer information, subject alternative names (SANs), and public key details. We also collect information about your infrastructure endpoints, including IP addresses, hostnames, ports, and TLS protocol versions for the purpose of continuous certificate monitoring and validation.

Automatically Collected Information

When you interact with our website and services, we automatically collect certain information including your IP address, browser type and version, operating system, referral source, pages visited, time spent on pages, and click patterns. We use cookies, web beacons, and similar tracking technologies to collect this information.

How We Use Your Information

We use the information we collect for multiple purposes:

• Service Delivery — To provide, maintain, and improve our certificate monitoring and renewal services, including troubleshooting, technical support, and account management.
• Monitoring and Analytics — To conduct continuous TLS handshake validation, certificate chain verification, and expiration tracking across your infrastructure. All analysis is performed server-side; raw certificate data never leaves our secure infrastructure.
• Communication — To send you service-related announcements, certificate expiration alerts, renewal reminders, security notifications, and responses to your inquiries.
• Compliance and Legal — To comply with applicable laws, regulations, legal processes, and legitimate government requests. To establish, exercise, or defend legal claims.
• Fraud Prevention — To detect, investigate, and prevent fraudulent transactions, abuse, and unauthorized access to our platform.

Information Sharing and Disclosure

We do not sell, rent, lease, or otherwise disclose your personal information to third parties for their marketing purposes. However, we may share information in the following circumstances:

• CA Integrations — When you authorize CertPulse to interact with certificate authorities (Let's Encrypt, DigiCert, Sectigo, etc.), we transmit domain ownership proof and certificate metadata to those CAs as necessary to complete renewal requests.
• Service Providers — We engage third-party service providers who assist us in providing our Services (e.g., hosting providers, payment processors, analytics providers). These providers are contractually bound to use your information only as necessary to provide services to us.
• Legal Compliance — We may disclose information when required by law, court order, or government authority, or when we believe in good faith that disclosure is necessary to protect our legal rights, your safety, or the safety of others.
• Business Transfer — In the event of a merger, acquisition, asset sale, bankruptcy, or other business transition, your information may be transferred as part of that transaction. We will notify you of any such change and any choices you may have.

Data Retention

We retain your personal information for as long as necessary to provide our Services and fulfill the purposes outlined in this Privacy Policy. Certificate metadata and monitoring history are retained for 90 days by default, with extended retention available for audit and compliance purposes. Account information is retained until you request deletion or your account is terminated. After account termination, we retain information as required by law or for legitimate business purposes (e.g., fraud prevention).

Security Measures

We implement comprehensive security measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include encryption of data in transit (TLS/SSL) and at rest (AES-256), access controls limiting data exposure to authorized personnel only, regular security audits and penetration testing, and compliance with SOC 2 Type II standards. However, no security system is impenetrable. We cannot guarantee absolute security of your information.

Your Privacy Rights

Depending on your jurisdiction, you may have certain rights regarding your personal information:

• Access — You have the right to request access to the personal information we hold about you.
• Correction — You have the right to request that we correct inaccurate or incomplete personal information.
• Deletion — You have the right to request deletion of your personal information, subject to certain legal exceptions.
• Data Portability — You have the right to request a copy of your information in a portable, machine-readable format.
• Withdrawal of Consent — Where we process information based on your consent, you have the right to withdraw that consent at any time.

To exercise any of these rights, contact us at [email protected] with the subject line "Privacy Rights Request" and specify your request.

International Data Transfers

CertPulse operates from the United States. Your information may be transferred to, stored in, and processed in the United States and other countries, which may have data protection laws different from your country of residence. By using our Services, you consent to the transfer of your information to countries outside your country of residence, which may have different privacy rules and standards.

Third-Party Links

Our website may contain links to third-party websites and services that are not operated by us. This Privacy Policy does not apply to third-party websites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services before providing your information.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

CertPulse Privacy Team
Email: [email protected]
Phone: +1-415-555-0198
Mailing Address: 123 Market St, San Francisco, CA 94105