Privacy Policy

Last Updated: May 2026

🛡️ Security Core: "Security by Design" is our foundational principle. We strictly protect your data security at all levels.

This Privacy Policy outlines openly and transparently how CertificateHub (www.certificatehub.space) processes and guarantees your information when you visit and utilize our free online SSL certificate application, validity verification, and diagnostic tools. We are firmly committed to minimization of data collection and zero-retention architecture.

1. Data Collection and Usage

We believe in strict data minimization. To facilitate automated, secure operations across our ecosystem, processing occurs as follows:

Zero Cloud Storage for Private Keys: During SSL generation and key matching processes, all cryptographic key pairs (Private/Public Keys) and CSR (Certificate Signing Request) entries are executed in temporary, isolated runtime memory. We NEVER store, inspect, or backup your private keys on our cloud environment or backend databases. Cryptographic data is cleared instantly from memory upon session closure.
Automated CA Validation: To deliver automated Let's Encrypt DV certificates, we transmit strictly minimal validation tokens and domain descriptors to the trusted CA (Certificate Authority) over standard automated ACME protocols.
IP Address Lookup: Inputted IP criteria analyzed during ASN broadcasting lookup, Reverse DNS (PTR) evaluation, or proxy identification are query parameters evaluated instantly. Your search history is never maintained, indexed, or tracked.
System Infrastructure Logs: Like most web utilities, our system automatically tracks standard non-identifiable access markers (such as user-agents, query timestamps, paths, and metadata used for security rate-limiting). This log is compiled strictly to prevent automated API abuse, mitigate DDoS vectors, and ensure high stability.

2. Third-Party Services

We work with vetted third-party vendors and industry protocols to accelerate platform optimization:

Let's Encrypt (ISRG): Our structural partner for certificate processing. Information required for domain token verification conforms entirely to Let's Encrypt official repository privacy standards.
Google Analytics & GTM: Deployed solely for telemetry data regarding anonymized traffic flows, enabling us to measure layout effectiveness. Cryptographic materials, secure parameters, or Personally Identifiable Information (PII) are fundamentally excluded.
CDN & Security Networks: Applied to accelerate delivery of front-end components (CSS, JS bundles) and establish perimeter shielding under unified global compliance criteria.

3. Cookies

We use lightweight, fundamental cookies to support basic interactions (such as archiving your preferred localization toggle). You retain absolute authority to disable cookies via native browser dashboards, which will not diminish your capacity to build valid keys via our tools.

4. Your Rights, Custody, and Responsibility

Because CertificateHub implements a strict "Zero Storage by Design" operational layout, you hold absolute, unmediated custody over all generated public credentials and private keys. We strongly recommend immediate backup and encryption of downloaded private keys in local physical directories to prevent web startup bottlenecks or service failures.

5. Policy Updates

We may refresh this Privacy Policy periodically to accommodate modifications in certificate standard guidelines or technical parameters. New iterations take effect upon immediate release, indicated visually via the "Last Updated" timestamp atop this layout. We encourage periodic review when handling highly critical tasks.