Privacy Policy

Data We Collect

• Domain names you submit for certificate generation
• Temporary certificate data (private keys, certificates) during the issuance process
• Basic request metadata (IP address, timestamp) for rate limiting

Data Retention

• All certificate data (including private keys) is automatically purged within 24 hours of generation
• We do not store your certificates or keys permanently
• Rate limiting data is held in memory only and cleared on service restart

What We Retain for Analytics

We retain non-sensitive domain request metadata in an audit log indefinitely for usage analytics and service improvement. This metadata includes:

• Domain name requested (not private keys)
• Certificate type (single, wildcard, multi-domain)
• Country (derived from IP via Cloudflare, ISO country code only)
• Timestamp
• Success or failure status (and failure reason if applicable)

We never retain private keys, certificates, CA bundles, email addresses, IP addresses, or any other personal information beyond the 24-hour purge window described above. The metadata we retain contains no personally identifiable information and is used only to understand aggregate usage patterns, measure reliability, and prioritize which SSL-related content to create.

Data Sharing

• Domain names are shared with Let's Encrypt as part of the ACME protocol
• Issued certificates are logged to public Certificate Transparency logs
• We do not sell, share, or transfer your data to any other third party

Cookies & Tracking

We do not use cookies, analytics trackers, or any third-party tracking scripts.

Security

All communication with our service is encrypted via HTTPS. Private keys are transmitted over encrypted connections and automatically purged from our servers.

Contact

For privacy-related inquiries, please email privacy@freesslcert.net.