Certificate Expiration and Retention Window

Feature snapshot

Summary:
TrustedForm Certificates follow defined expiration and retention rules that determine how long a certificate remains available for operations (Retain, Verify, Insights) and how long retained copies are stored.

Key benefits:

• Understand exactly how long certificates remain usable.
• Identify when expiration is automatic and when extensions occur.
• Manage long-term storage through configurable retention policies.
• Reduce confusion about why a certificate may no longer be accessible.

Typical use cases:

• Determining whether a certificate can still be retained or verified.
• Troubleshooting why a certificate appears expired or unavailable.
• Ensuring long-term compliance with custom retention windows.
• Confirming expected behavior for submitted vs. unsubmitted leads.

How the certificate expiration and retention window works

Step-by-step instructions

1. Review the default expiration window.
   Certificates expire 3 days after creation unless they are extended.
   Once expired, the original certificate is deleted and can no longer be used for Retain, Verify, or Insights.

2. Understand when expiration is extended.
   If TrustedForm confirms that the consumer actively submitted the form, the certificate is extended to 90 days from the date of creation.

3. Account for automatic behavior.
   Approximately 80% of certificates (those acknowledged to contain submitted leads) are extended automatically.
   The extension process begins at least 15 minutes after the lead submission to ensure all activity is captured.

4. Be aware of scenarios where extensions may not occur.
   Certificates may fail to extend when:

   • The form format prevents the submit event from being captured.
   • The certificate is generated from a source like Facebook lead ads, which always uses a fixed 12-week retention window.
   • The submit event is not detected even though the user submitted the form.

5. Check how long retained certificates are stored.
   Once retained, certificates are stored for 5 years by default under your account’s retention policy.

6. Adjust retention policies if needed.
   To request a retention window shorter or longer than 5 years, contact ClientSuccess@activeprospect.com.

Expected result:
You’ll know exactly how long certificate operations are available and how long retained copies remain stored.

Why certificates may become unavailable

Certificates can become inaccessible for two separate reasons:

1. Expiration

   • If not retained, certificates are deleted after:
     • 3 days (default expiration)
     • 90 days (if submit event is detected)

2. Storage aging

   • Even retained certificates are permanently deleted once they exceed your account’s storage retention limit (default: 5 years).

After expiration, retained copies remain viewable but cannot be used for operations such as Retain, Verify, or Insights.

Retention policy settings & customization

• Every new account is configured with a 5-year storage retention policy.
• You can view your current retention setting in the Settings tab of your TrustedForm account.
• To request a customized retention period (longer or shorter than 5 years), contact:
  ClientSuccess@activeprospect.com

Caveats

• Certificate expiration cannot be used reliably to avoid purchasing aged leads.
• Certain form formats prevent Certify from detecting submit events.
• If a certificate isn’t extended, it doesn’t automatically mean a submission didn’t occur.
• Certificate extensions do not happen immediately; allow at least 1 hour after creation before assuming it will not extend.
• Facebook lead ads certificates always use a 12-week retention window.

Validation & monitoring

• Check for submit events:
  View a certificate’s Event Log and look for a "submitted form" event.
  Its presence indicates a successful submit event capture.

• Monitor expiration timestamps:
  Visit any certificate URL; the interface will show its scheduled deletion time.

Best practices

• Add Consent Tags to your submit button to help Certify capture submit events and extend certificates reliably.
• Wait at least one hour after certificate creation before checking whether an extension occurred.
• Have vendors or partners contact our support team if certificates fail to extend as expected.
• Retain certificates promptly if you need long-term visibility.

Troubleshooting

Frequently Asked Questions (FAQ)

How can I avoid reaching out to old leads that weren’t generated recently?
Check the lead age directly on TrustedForm Certificates.

How can I tell if Certify is detecting submit events?
Open a certificate → view the Event Log → search for "submitted form".

What can I do to ensure my certificates get extended?
Add Consent Tags to your submit button. If issues persist, contact our support team.

I just received a certificate and it says it will be deleted in 2 days. Is the feature working?
Wait at least one hour. If the extension hasn’t applied, have your vendor contact support.

Glossary