CertGuard Logo
CertGuard

Privacy Policy

Last Updated: November 13, 2025

1. Introduction

CertGuard ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SSL certificate monitoring and website uptime monitoring service (the "Service").

By using CertGuard, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our Service.

2. Information We Collect

2.1 Information You Provide to Us

When you register for an account or use our Service, we collect:

  • Account Information: Email address, name, password (encrypted)
  • Billing Information: Payment details processed securely through Stripe (we do not store credit card numbers)
  • Profile Information: Organization name, subscription tier, preferences
  • Contact Information: Information you provide when contacting support

2.2 Monitoring Data You Configure

To provide our monitoring services, we collect and process:

  • Domain Names and URLs: Websites and domains you choose to monitor
  • SSL Certificate Data: Certificate expiry dates, issuers, fingerprints, serial numbers, subject alternative names, and chain information
  • Website Performance Data: Response times, HTTP status codes, uptime metrics, IP addresses
  • Alert History: Records of alerts sent, acknowledgments, and incident logs
  • Integration Configurations: Webhook URLs, Slack channels, Microsoft Teams webhooks, email addresses for notifications

2.3 Automatically Collected Information

When you access our Service, we automatically collect:

  • Usage Data: Pages visited, features used, time spent, actions performed
  • Device Information: Browser type, operating system, device type, IP address
  • Authentication Data: Supabase authentication tokens and session management (handled by Supabase)
  • Log Data: Server logs including timestamps, API calls, error messages

2.4 AI Chat Interactions

If you use our AI chatbot support feature, we collect your questions, conversation history, and responses to improve our service. Chat data is associated with your account and may be reviewed for quality assurance and training purposes.

3. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain our monitoring services
  • Monitor your SSL certificates and websites as configured by you
  • Send you alerts and notifications about certificate expiry, downtime, and performance issues
  • Process your payments and manage your subscription
  • Respond to your support requests and customer service inquiries
  • Send you important service updates, security alerts, and administrative messages
  • Improve our Service based on usage patterns
  • Detect, prevent, and address technical issues, fraud, and security vulnerabilities
  • Comply with legal obligations and enforce our Terms and Conditions

4. How We Share Your Information

We Never Sell Your Data

CertGuard will never sell, rent, or trade your personal information to third parties for their marketing purposes.

We only share your information in the following circumstances:

  • Service Providers: We share data with trusted third-party service providers who help us operate our Service:
    • Supabase (database and authentication hosting)
    • Vercel (application hosting)
    • Stripe (payment processing)
    • Microsoft Graph (email delivery for alerts)
    • Google Gemini/OpenAI (AI chat assistance)
  • Integrations You Configure: When you set up integrations, we send monitoring data to:
    • Slack (if you configure Slack notifications)
    • Microsoft Teams (if you configure Teams notifications)
    • Webhooks (to URLs you specify)
    • Email addresses you provide
  • Legal Requirements: We may disclose your information if required by law, subpoena, court order, or government regulation, or to protect our rights, property, or safety.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
  • With Your Consent: We may share your information for purposes not listed here with your explicit consent.

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data transmitted between your browser and our servers is encrypted using TLS/SSL
  • Password Protection: Passwords are hashed and encrypted using bcrypt
  • Access Controls: Limited employee access to personal data on a need-to-know basis
  • Database Security: Our database is hosted on secure infrastructure with regular backups
  • Regular Audits: We conduct security reviews and vulnerability assessments
  • Incident Response: We have procedures in place to respond to security breaches

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

6. Data Retention

We retain your information for as long as necessary to:

  • Provide you with our Service while your account is active
  • Comply with legal obligations (e.g., billing records for tax purposes - retained for 7 years)
  • Resolve disputes and enforce our agreements

Account Deletion: When you delete your account, we will remove your personal information within 30 days, except for data we are legally required to retain.

7. Your Privacy Rights

Depending on your location, you may have the following rights:

Access and Portability

You can access and export your account data, monitoring configurations, and history through your dashboard.

Correction

You can update your account information, email, and preferences at any time in your account settings.

Deletion

You can delete your account at any time. Contact support@certguard.au to request complete data deletion.

Opt-Out

You can opt out of marketing emails by clicking "unsubscribe" in any email. You cannot opt out of service-related notifications (e.g., SSL expiry alerts - that's the purpose of our service!).

Object to Processing

You can object to certain data processing by contacting us, though this may limit your ability to use the Service.

To exercise any of these rights, please contact us at privacy@certguard.au. We will respond within 30 days.

8. Authentication and Session Management

We use Supabase for user authentication and session management. Supabase uses secure, HTTP-only cookies to maintain your login session. These cookies are essential for the Service to function and cannot be disabled.

We do not use tracking cookies, advertising cookies, or third-party analytics cookies. The only cookies used are those required by Supabase for authentication purposes.

9. Third-Party Services and Links

Our Service may contain links to third-party websites, services, or integrations (Slack, Microsoft Teams, etc.). We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies before providing them with your information.

10. Children's Privacy

CertGuard is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately at privacy@certguard.au.

11. International Data Transfers

CertGuard is based in Australia. Your information may be transferred to and processed in countries outside your country of residence. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by email or through a prominent notice on our Service at least 30 days before the changes take effect. Your continued use of the Service after changes become effective constitutes acceptance of the updated Privacy Policy.

13. GDPR and Data Protection Compliance

For users in the European Economic Area (EEA) and United Kingdom:

  • Legal Basis: We process your data based on contract performance, legal obligations, and legitimate interests
  • Data Controller: CertGuard is the data controller for your personal information
  • Right to Complain: You have the right to lodge a complaint with your local data protection authority
  • Data Protection Officer: For GDPR inquiries, contact dpo@certguard.au

14. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information we collect and how we use it
  • Right to delete personal information (subject to exceptions)
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@certguard.au with "California Privacy Rights" in the subject line.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Privacy Team: privacy@certguard.au

Data Protection Officer: dpo@certguard.au

General Support: support@certguard.au

Address: Australia

Your Consent

By using CertGuard, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein.

CertGuard - Professional SSL Certificate & Website Monitoring