Last updated: May 6, 2026
By creating an account or signing in to ManageMyCert ("the Service"), you agree to the following terms.
The Service is operated by the ManageMyCert nonprofit team and is provided free of charge. We may accept donations and sponsorships but no feature is gated behind payment.
You retain ownership of all data you submit (domains, certificates, alert templates). We use it solely to provide the Service: monitoring, alerting, renewing and deploying certificates as you instruct.
If you provide SSH keys or notification gateway credentials (SMTP, Twilio, Slack), they are encrypted at rest with a per-deployment AES-256-GCM key and used only to connect to the hosts you have specified.
You may only monitor domains and deploy to hosts that you own or have explicit permission to operate. Domain ownership is verified via DNS challenge before monitoring starts, and re-verified periodically. Abuse of the Service to scan third-party infrastructure is prohibited.
The Service is provided "as is". While we work hard to detect and prevent expiry incidents, you remain responsible for the availability of your sites.
You may close your account at any time from Settings. We may suspend accounts that violate these terms.
Last updated: May 6, 2026
We collect: your email and Firebase UID; the domains you register; certificate metadata we observe; activity logs; and notification gateway settings you configure. We do not run third-party trackers, advertising pixels, or analytics that identify individual users. Aggregate, anonymous traffic stats may be collected for capacity planning.
For organizations needing a Data Processing Agreement, please email legal@managemycert.org with your company details and we'll send you a counter-signed DPA within two business days.
