Privacy statement

Overview

This policy was written and approved by MetaCert’s leadership team to explain clearly how we handle your data and to ensure transparency about our practices.

MetaCert Inc. is rebuilding its digital presence to reflect the same transparency, accountability, and precision that guide our security products. The websites metacert.com and metacertprotocol.com are legacy properties that will soon be retired and replaced by the content we are creating for developer.metacert.com. This new site will become the trusted source for MetaCert’s developer tools, documentation, and updates.

During this transition, every system, service, website plugin, and component of our online infrastructure is being audited and improved. Our goal is to remove unnecessary dependencies, strengthen security, and simplify data handling across our website. Every change is documented internally to maintain a verifiable record of updates across infrastructure and policies.

We invite anyone who reviews our site or privacy practices to contact us if they identify flaws, omissions, or opportunities for improvement. All credible submissions will be evaluated and acted upon. MetaCert values openness and welcomes external expertise as part of our ongoing commitment to privacy and transparency.

While the website codebase is being modernised, our production infrastructure and core services remain enterprise-grade, hardened, and compliant with security best practices. Only the public-facing website is under revision. All production systems that power MetaCert products continue to operate securely and independently from these updates.

About MetaCert

MetaCert Inc. is incorporated in Delaware, United States. We develop technologies that authenticate web resources and protect people from phishing and fraud. Our products classify URLs in real time into three categories: verified, not verified, and classified as dangerous.

MetaCert’s browser extensions and apps operate within sandboxed environments that prevent untrusted web pages from accessing or modifying extension data. Each product follows strict security isolation models based on the browser or operating system frameworks that host them.

MetaCert’s privacy principles are consistent across all products and platforms: minimise data collection, retain nothing unnecessary, and ensure transparency in how every component functions.

MetaCert currently operates two main products:

  1. Link Verifier – an Apple iOS app with integrated Safari and Action Extensions.
  2. Cryptonite – a desktop browser extension for Chromium-based browsers such as Chrome, Microsoft Edge, Brave, and Opera.

Each product has its own onboarding process, data handling method, and technical architecture.

Products

Link Verifier

Link Verifier enables members to check whether a link is verified, unverified, or classified as dangerous before opening it. It also allows members to maintain a personal local safe list of trusted websites or accounts. These locally saved entries ensure that verified destinations are recognised automatically when opened in Safari. The safe list is stored entirely on the member’s device, never transmitted to MetaCert, and cannot be accessed remotely.

Paul Walsh, MetaCert’s founder, co-founded the global standard for content labeling at the W3C – the very concept of describing and classifying user accounts and web pages. That early work laid the foundation for trust on the internet long before phishing became the dominant threat.

He was also one of the first high-profile individuals to be impersonated by hackers, an experience that shaped his understanding of how fragile trust could be online.

MetaCert also holds patents that remain licensed today by the world’s top security vendors. Even as the company has moved beyond traditional detection, those patents still underpin anti-phishing and anti-malware technology inside the mobile apps people use every day. The fact that competitors continue to license MetaCert’s IP speaks to the depth of its innovation and credibility in the industry.

Where others stopped at detection, MetaCert went further. The company pioneered the concept of Zero Trust for web links – the idea that every link should be treated as untrusted until explicitly verified as legitimate. This shift from reactive to preventative is the first real upgrade in internet security in more than twenty years.

Paul’s career has been defined by anticipating where trust breaks down online, and building the frameworks to restore it. MetaCert and Link Verifier represent the culmination of that work: extending Zero Trust to the last unprotected frontier of the internet, the link itself.

Download and installation

Link Verifier is available exclusively from the Apple App Store. Once downloaded, it automatically integrates with the Share Sheet, Action Extension, and Safari Extension frameworks built into iOS. These frameworks are maintained and controlled by Apple, ensuring that only approved and sandboxed extensions can run on the device.

  • Share Sheet: The Share Sheet is the system menu that appears when a member taps the “share” or “more options” icon on iPhones or iPads. It’s the same interface that allows people to send content through apps like Messages, Mail, WhatsApp, or social media platforms. Link Verifier is added to this menu as an available action.
  • Action Extension: This Apple framework allows apps to perform specific actions on selected content, such as text or links, within other apps – without ever gaining access to the wider app data. When a member chooses “Check with MetaCert” from the Share Sheet, only the selected link is passed to the extension for verification. No other information is shared.
  • Safari Extension: Within Safari, Link Verifier integrates directly into the browser’s share menu and can be used to check links on webpages. Safari extensions are sandboxed, meaning they operate in a restricted environment with no access to private browsing data, stored passwords, or message content.

Once installed, Link Verifier becomes available in most apps that support Apple’s Share Sheet or open links through standard iOS frameworks. These include Messages, Mail, Gmail, Outlook, WhatsApp, Telegram, Discord, LinkedIn, X (Twitter), Facebook, Messenger, Safari, Chrome, Brave, Edge, and Firefox, as well as other apps that allow link sharing.

How Link Verifier works

  • The extension activates only when a member explicitly selects a link and chooses to check it with MetaCert.
  • The selected URL is securely transmitted to MetaCert’s API, where it is verified against MetaCert’s registry of verified URLs.
  • The API returns a simple classification result: verified, not verified, or classified as dangerous.
  • No message text, email body, webpage content, or other metadata is sent with the lookup – only the URL.
  • The extension does not run in the background, perform automatic scanning, or monitor any activity.
  • Onboarding uses Apple’s secure authentication system. MetaCert never receives Apple ID data, passwords, or device identifiers.

Logging and metadata

MetaCert maintains limited technical logs of API requests for operational integrity.

  • Logs record only timestamp, request type, and classification result.
  • Logs do not include message data, Apple account information, IP addresses, or behavioural details.
  • Logs are not linked to any individual or device.

Data storage and security

All communication between the extension and MetaCert’s API is encrypted in transit using HTTPS/TLS. Our infrastructure is hosted in secure, access-controlled environments. MetaCert stores no personal or identifiable data from Link Verifier members.

The design of Link Verifier ensures that only the URL submitted for checking is processed. Everything else – including the safe list – remains local, private, and under the member’s exclusive control.

MetaCert applies restrictive content security policies (CSPs) across all extensions to prevent loading untrusted external resources. All inputs are sanitised and validated to protect against injection or cross-site scripting attacks.

Cryptonite

Overview

Cryptonite is a separate browser extension available for Chrome, Edge, Brave, Opera, and other Chromium-based browsers. It operates independently of Link Verifier, with its own onboarding, subscription, and payment process.

Information collected

To manage subscriptions and provide member access, MetaCert collects:

  • First name
  • Email address
  • Payment details (processed securely by Stripe)

Payments are handled by Stripe, which is certified to PCI DSS Level 1. MetaCert never stores or has access to full credit card numbers or banking information.

Member account data (name, email, and billing status) is securely stored to enable:

  • Dashboard login
  • Subscription and payment management
  • Extension activation and deactivation

We also record limited technical metadata such as the browser type and extension version to ensure compatibility and troubleshoot errors. This information is not linked to individual accounts.

URL lookups

Cryptonite uses the same classification model as Link Verifier: verified, not verified, and classified as dangerous.

  • URL lookups are processed in aggregated, anonymised batches.
  • Requests cannot be traced back to individuals or devices.
  • No webpage content, email data, or browsing history is accessed.
  • The extension never reads or stores message content in Gmail, Outlook, or any other service.

Dashboard, onboarding and authentication

Members can log into their dashboard to manage billing or subscription preferences. Authentication is encrypted and follows current web security standards.

Onboarding communications and updates for Cryptonite are sent using Mailchimp and SendGrid. Email addresses collected during signup are stored securely for account-related notifications and product updates.

When a member uninstalls Cryptonite, a Typeform feedback form may load. Completing this form is optional and voluntary. Responses are used to improve the product and are not linked to user accounts unless the respondent chooses to include identifying information such as their email address.

When a member cancels their subscription, associated personal data is deleted once it is no longer required for billing, support, or legal record retention.

Shared practices across MetaCert products

No data resale

MetaCert does not sell, rent, or trade personal or behavioural data. Information is used only for legitimate operational and marketing purposes directly related to MetaCert products and services.

Data minimisation

Our systems are designed to collect only what is essential for verification, billing, and communications. Both products operate without persistent personal data beyond what is necessary for secure functionality.

Security and reliability

MetaCert’s infrastructure follows a Zero Trust security model: every system and request must be verified before it is trusted. All environments use encryption, continuous monitoring, and strict access control.

Breach notification

In the event of a data breach, MetaCert will notify affected individuals and relevant authorities without undue delay, following applicable laws including GDPR and US state data breach requirements.

Website analytics

developer.metacert.com currently operates on a temporary WordPress environment with standard plugins such as Elementor, BetterDocs, and Template Library. These may load small external resources like fonts or scripts, which can expose minimal diagnostic data such as IP addresses to content delivery networks.

MetaCert does not intentionally use tracking cookies or analytics tools. Any incidental data processing is covered under each provider’s own privacy policy. We are progressively replacing such components with privacy-neutral alternatives.

Cookies that are strictly necessary for security or site functionality may still be deployed but never for profiling or advertising.

Legacy analytics: Historical use of tools such as Google Analytics or Wistia on older domains has been discontinued. These tools were used only for anonymous traffic measurement and never connected to MetaCert services, product telemetry, or user profiling. No tracking cookies are deployed without explicit consent.

Font and CDN dependencies: The current build may still load font assets from Google Fonts or other public CDNs. These requests are handled directly by the user’s browser and are being phased out in favour of locally hosted versions to remove third-party exposure.

Contact forms and communication

If you contact MetaCert via web forms or email links, your message may be relayed through MailTrap, a secure service used to manage form submissions and inbound contact messages from websites. MailTrap temporarily stores sender information (including email addresses when users do not choose Apple’s “Hide My Email” option) for delivery and logging purposes. This data is deleted in accordance with MailTrap’s retention settings once processed.

Messages sent to hello@metacert.com are stored in encrypted inboxes operated by Fastmail, which maintains compliance with modern privacy standards.

MetaCert may use collected email addresses to communicate product updates, security information, and promotional messages relating to MetaCert services. Recipients can unsubscribe from marketing communications at any time using the link provided in each email.

Hosting and subprocessors

MetaCert’s operational systems are hosted in secure environments managed by Microsoft Azure and Amazon Web Services (AWS) within the European Union. These providers maintain certifications including ISO 27001, SOC 2, and GDPR compliance frameworks.

Development and pre-production systems are managed separately and do not contain live user data. Access to any production system is limited to authorised MetaCert staff via multi-factor authentication.

Data originating in the European Union remains within the European Union. Access to production systems is restricted to authorised staff in the EU and United States only.

MetaCert’s known service providers at this stage are:

Microsoft Azure (EU) – primary infrastructure and API hosting.

GitHub – source code hosting, version control, and automated deployment pipelines for MetaCert software.

Amazon Web Services (EU) – redundancy, content hosting, and backups.

Stripe – subscription and payment processing.

Mailchimp – onboarding, product updates, and marketing communication.

SendGrid – transactional and onboarding email delivery.

MailTrap – handling of website contact forms.

Typeform – voluntary uninstall feedback collection.

All subprocessors are reviewed for security and compliance before use. No advertising networks, tracking pixels, or behavioural profiling tools are used.

Contact and feedback

MetaCert welcomes collaboration in maintaining a transparent and trustworthy ecosystem. If you believe any aspect of our privacy practices can be improved, or you identify potential oversights, please contact our team at hello@metacert.com. Submissions are reviewed by our engineering and compliance teams.

For GDPR-related requests, including data access or deletion, please use the same address with “GDPR Request” in the subject line.

This statement will continue to evolve as we refine our systems. Each update will be timestamped for public reference.

For all data protection enquiries, you may also contact MetaCert’s primary supervisory authority, the Berlin Commissioner for Data Protection and Information Freedom (Berliner Beauftragte für Datenschutz und Informationsfreiheit), Friedrichstr. 219, 10969 Berlin, Germany.