Security & Privacy

At VanityCert, we understand that trust is our most important asset. We are committed to protecting your data and ensuring the security of your domains and SSL certificates.

This page provides an overview of our security practices.

How We Protect Your Data

General Data Protection

Your organizational data, user information, and domain configurations are stored in a secure, encrypted database. We follow industry best practices to ensure your data is protected from unauthorized access.

API Key Security

API keys are the password to your account and should be treated as such. To ensure their security:

• One-Time Display: API keys are shown to you only once upon creation. We do not store them in plaintext.
• Secure Storage: We store a cryptographically secure hash of your API key in our database. When you make an API call, we compare the hash of the key you provide with the hash we have stored.
• Your Responsibility: It is your responsibility to keep your API keys secure. Do not commit them to version control or expose them in client-side code.

SSL Certificate and Private Key Security

The private keys for your SSL certificates are the most sensitive piece of information we handle. Their security is our top priority.

• Encrypted Storage: All private keys are generated and stored securely in an encrypted format.
• Automated Management: Our system manages the entire lifecycle of your certificates automatically, from issuance to renewal, without ever exposing your private key.

Data Privacy and GDPR

We are committed to handling your personal data responsibly and in compliance with all relevant privacy regulations.

• Limited Data Collection: We only collect the information necessary to provide our service.
• GDPR Compliance: We are committed to GDPR standards and provide tools for managing your data.

For a detailed overview of how we handle and process your data, please refer to our full Privacy Policy and Terms of Service.