Cookie Policy

This policy explains what cookies are, which ones we use on the SSLs For Free platform, why we use them, and how you can control or remove them.

Last Updated: March 11, 2026  |  Effective Date: March 11, 2026

1. What Cookies Are

Cookies are small text files that are placed on your device (computer, smartphone, or tablet) when you visit a website. They are widely used to make websites work correctly, operate more efficiently, and to provide usage information to website operators.

Cookies serve several important functions:

  • Session Management: Keeping you logged in as you navigate between pages and remembering your preferences during a browsing session.
  • Personalization: Storing your settings and preferences so they persist across visits.
  • Analytics: Helping website operators understand how visitors interact with their site, which pages are most visited, and where users encounter difficulties.
  • Security: Helping to identify and prevent fraudulent activity and protect the integrity of the services you use.

Cookies can be session cookies (which are deleted when you close your browser) or persistent cookies (which remain on your device for a specified period or until you delete them). They can also be first-party cookies (set directly by our website) or third-party cookies (set by external services we use).

Similar technologies include web beacons (tiny transparent images embedded in pages or emails to track activity), local storage, and session storage. This policy covers all such technologies where applicable.

2. Types of Cookies We Use

SSLs For Free uses the following categories of cookies. We describe each category and the specific purpose it serves on our platform below:

We have designed our cookie use to be minimal and purposeful. We do not use advertising or tracking cookies for third-party ad targeting.

3. Essential Cookies

Essential cookies are strictly necessary for our Website and Services to function. Without these cookies, core features of the platform — such as logging in, generating SSL certificates, or submitting domain validation requests — would not work correctly.

Because they are essential, these cookies cannot be disabled through our cookie preference settings. You can disable them through your browser settings, but doing so may cause parts of the site to stop working.

Essential Cookies We Use

  • Session Cookie (PHPSESSID or equivalent):
    Purpose: Maintains your login session and preserves your state as you navigate through multi-step SSL certificate request forms.
    Type: Session cookie — deleted when you close your browser.
    Set by: SSLs For Free (first-party).
  • CSRF Protection Token:
    Purpose: Protects forms (such as domain validation requests, contact forms, and account forms) against Cross-Site Request Forgery (CSRF) attacks. This is a critical security measure.
    Type: Session cookie — deleted when you close your browser.
    Set by: SSLs For Free (first-party).
  • Cookie Consent Preference (cookie_consent):
    Purpose: Stores your cookie consent choice (accepted/declined) so we do not show the consent banner on every page visit.
    Type: Persistent — stored for 12 months.
    Set by: SSLs For Free (first-party).
  • Authentication Token (auth_token):
    Purpose: Securely identifies your authenticated account session after you log in, allowing you to access your certificate dashboard without re-entering credentials on each page.
    Type: Persistent — stored for the duration of your "remember me" preference (up to 30 days) or deleted upon logout.
    Set by: SSLs For Free (first-party).

4. Analytics Cookies

Analytics cookies help us understand how visitors use our Website and SSL tools. This data is used in aggregate form to improve the user experience, identify popular features, and understand where users encounter difficulties.

We use analytics cookies only with your consent, which you can provide or withdraw through our cookie consent banner or your browser settings.

Analytics Cookies We Use

  • Google Analytics (_ga, _ga_*, _gid):
    Purpose: Collects anonymized data about how users navigate our Website, including which pages are visited, how long users stay on each page, which SSL tools are used most, and the general geographic region of visitors.
    Type: Persistent. _ga is stored for up to 2 years; _gid is stored for 24 hours.
    Set by: Google (third-party). Governed by Google's Privacy Policy.
    IP Anonymization: We have enabled IP anonymization in our Google Analytics configuration, ensuring that no full IP addresses are transmitted to Google.

You can opt out of Google Analytics tracking across all websites by installing the Google Analytics Opt-out Browser Add-on.

5. Performance Cookies

Performance cookies help us optimize the speed, stability, and reliability of our platform. They collect information about how our Website and tools load and perform across different devices, browsers, and network conditions.

The data collected by performance cookies is used solely for technical optimization and is not linked to your personal identity.

Performance Cookies We Use

  • Cloudflare Performance & Security Cookies (__cflb, cf_clearance):
    Purpose: These cookies are set by Cloudflare, our Content Delivery Network (CDN) and DDoS protection provider. They help route traffic efficiently to the nearest server, reduce page load times, and distinguish legitimate user traffic from automated bots.
    Type: Session and persistent (duration varies, typically from session to 1 year).
    Set by: Cloudflare (third-party). Governed by Cloudflare's Privacy Policy.
  • Load Balancer Cookie:
    Purpose: Used internally to ensure your session is consistently directed to the same server during multi-step operations, such as the SSL generation wizard or domain validation flow.
    Type: Session cookie — deleted when you close your browser.
    Set by: SSLs For Free (first-party).

6. Managing Your Cookie Preferences

You have several options for controlling how cookies are used when you visit SSLs For Free:

6.1 Our Cookie Consent Banner

When you first visit our Website, a cookie consent banner will appear. You can use this banner to accept or decline non-essential cookies (analytics and performance cookies). Essential cookies cannot be disabled through this banner as they are required for the site to function.

You can update your preferences at any time by clearing your browser cookies and revisiting our Website (the banner will reappear), or by contacting us at privacy@sslsforfree.com.

6.2 Browser Settings

Most web browsers allow you to control cookies through their settings. You can configure your browser to:

  • Block all cookies.
  • Block only third-party cookies.
  • Delete all existing cookies.
  • Alert you before a cookie is stored.

Instructions for managing cookies in popular browsers:

  • Google Chrome: Settings → Privacy and Security → Cookies and other site data.
  • Mozilla Firefox: Settings → Privacy & Security → Cookies and Site Data.
  • Apple Safari: Preferences → Privacy → Manage Website Data.
  • Microsoft Edge: Settings → Cookies and site permissions → Cookies and site data.
Note: Blocking essential cookies through browser settings will impair the functionality of our SSL certificate platform, including the ability to log in, submit domain validation requests, and complete multi-step certificate generation.

6.3 Do Not Track

Some browsers support a "Do Not Track" (DNT) signal. We respect DNT signals where technically feasible. When a valid DNT signal is detected, we will not activate non-essential analytics or tracking cookies during that session.

7. Third-Party Cookies

Certain cookies on our platform are set by third-party services that we use to operate, analyze, and protect our Website. These third-party cookies are governed by the respective third party's own privacy and cookie policies, not by ours.

The third parties that may set cookies through our platform include:

  • Google LLC (Google Analytics)
    Purpose: Website analytics and usage reporting.
    Policy: Google Privacy Policy
  • Cloudflare, Inc.
    Purpose: CDN, performance optimization, DDoS protection, and bot detection.
    Policy: Cloudflare Privacy Policy

We carefully evaluate all third-party services before integrating them and require that they adhere to appropriate data protection standards. We do not permit third-party advertising networks to set tracking or behavioral targeting cookies on our platform.

If you access external links from our Website (for example, links to Let's Encrypt, ZeroSSL, or DigitalHubz), those external websites have their own cookie policies which we have no control over. We recommend reviewing the cookie policy of any external website you visit.

8. Updates to This Cookie Policy

We may update this Cookie Policy from time to time to reflect:

  • Changes to the cookies or technologies we use on our platform.
  • New third-party service integrations.
  • Changes in applicable cookie and data protection laws (such as updates to ePrivacy Directive or GDPR guidance).

When we make material changes, we will update the "Last Updated" date at the top of this page and, where required by law, re-request your consent for any new non-essential cookies. We encourage you to revisit this page periodically to stay informed about how we use cookies.

If you have any questions about our use of cookies or this Cookie Policy, please contact us:

For more details on how we handle your personal data more broadly, please refer to our Privacy Policy.