Legal

Privacy Policy

Last updated: June 1, 2026

This Privacy Policy explains how MachineCert (“MachineCert”, “we”, “us”) collects, uses, and protects information when you use our websites, products, and services. MachineCert is a certificate lifecycle management and machine identity platform operated by LogMeOnce.

This document is provided for general information and is not legal advice. Final published terms should be reviewed by counsel.

01Information we collect

  • Account and contact information you provide (name, business email, company, role).
  • Product usage and telemetry needed to operate and secure the service.
  • Certificate metadata you bring into the platform — subject, issuer, validity, key type, chain, and host. We do NOT collect or store private keys.
  • Standard log, device, and cookie data described in our Cookie Policy.

02How we use information

  • To provide, operate, secure, and improve the MachineCert platform.
  • To communicate with you about your account, support, and service updates.
  • To meet legal, regulatory, and contractual obligations.
  • We do not sell your personal information.

03Certificate data handling

  • MachineCert processes certificate metadata only. Private keys never leave your environment.
  • For on-premises, private cloud, and air-gapped deployments, data residency follows your chosen deployment model.
  • Discovery agents transmit metadata over encrypted channels and do not exfiltrate secrets.

04Data sharing & subprocessors

  • We share data only with subprocessors necessary to deliver the service, under contract and confidentiality.
  • A current list of subprocessors is maintained and available on request via the Trust Center.
  • We may disclose information where required by law.

05Security

  • Data is encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Access is governed by least-privilege controls and audit logging.
  • See the Trust Center for our full security and infrastructure practices.

06Data retention

  • We retain information for as long as needed to provide the service and meet legal obligations, then delete or anonymize it.
  • You may request export or deletion of your data subject to applicable law and contractual terms.

07Your rights

  • Depending on your jurisdiction (including GDPR and CCPA), you may have rights to access, correct, delete, or port your data, and to object to certain processing.
  • To exercise these rights, contact us using the details below.

08International transfers

  • Where data is transferred across borders, we rely on appropriate safeguards such as standard contractual clauses.

09Changes to this policy

  • We may update this policy from time to time. Material changes will be communicated, and the “last updated” date will reflect the revision.

10Contact

  • Questions about privacy? Reach us through the Contact page or your account team.
Privacy PolicyTerms of ServiceData Processing AddendumCookie PolicyTrust Center