GDPR Compliance Policy

Updated Oct 22, 2024

Introduction

VerifiedEmail, LLC ("VerifiedEmail", "we", "us", "our") is committed to fulfilling our responsibilities under the European Union’s General Data Protection Regulation ("GDPR"). As a data controller and processor, we are committed to the lawful collection, retention, use, and protection of personal data from EU data subjects. VerifiedEmail is also registered with the EU-US Data Privacy Framework (DPF) Program.

Our primary goal is to deliver the industry's leading email verification system while ensuring the utmost security of your data. The data we handle is used strictly for providing our email verification services and is protected by advanced encryption, maintaining strict data security and integrity throughout all processes.

Principles of Data Processing

Our data processing adheres to GDPR principles, ensuring:

  • Lawfulness, Fairness, and Transparency: Data is processed legally, fairly, and transparently in relation to the data subject.
  • Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Data Minimization: Adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
  • Accuracy: Data is accurate and kept up to date; every reasonable step must be taken to ensure that personal data that is inaccurate, considering the purposes for which they are processed, is erased or rectified without delay.
  • Storage Limitation: Data is kept in a form which permits identification of data subjects for no longer than necessary for the purposes for which the personal data are processed.
  • Integrity and Confidentiality: Data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

Data Subject Rights

  • Right to Access: Data subjects have the right to access their personal data and information about how this data is being processed.
  • Right to Rectification: Data subjects have the right to correct inaccurate or incomplete data.
  • Right to Erasure (Right to be Forgotten): Data subjects can request the deletion of their data when it is no longer necessary.
  • Right to Restrict Processing: Data subjects may request that processing of their data be restricted.
  • Right to Data Portability: Data subjects can request their data in a structured, commonly used, and machine-readable format.
  • Right to Object: Data subjects can object to the processing of their personal data.
  • Rights in Relation to Automated Decision Making and Profiling: Data subjects have the right to not be subject to a decision based solely on automated processing.

Data Protection Measures

We implement stringent technical and organizational measures to protect personal data against unauthorized access, alteration, or destruction.

Data Breach Response

Our procedures include immediate breach detection, reporting, and investigation to mitigate any potential impacts.

Data Protection Officer (DPO)

Contact details for our DPO, responsible for overseeing GDPR compliance, are available for inquiries.

Personal Data We Collect

  • Account Data: Names, addresses, email addresses.
  • Service Usage Data: We may keep records of your interactions with our Services to improve functionality and user experience. This includes tracking how you use our Services and which features you interact with.
  • Correspondence Data: We may process information contained in or relating to any communication that you send to us directly, such as emails or messages and are stored to help resolve any issues you might have and to improve customer service.. The Correspondence Data may include the communication content and metadata associated with the communication.
  • Payment Data: All payments and payment information on our site is handled through FastSpring which is fully PCI DSS compliant. PCI DSS is the global standard for safeguarding financial transaction data. No customer financial information is ever stored within our computer systems.
  • Authentication Data: Usernames, passwords, and other data used for verifying user identity.
  • Other Information: Any other information users choose to provide.

Using Personal Data

We might use your personal data:

  • To create and manage your account, authenticate users, communicate with users, to fulfill and manage your orders, payments, returns, provide customized services, ensure the security of our site, manage our customer relationships, and comply with legal obligations.
  • To communicate with you about any updates, promotions, to perform analytics on service usage patterns, assess the effectiveness of our marketing campaigns, and conduct market research.
  • For any other purpose, with your consent only.

Sharing Personal Data

  • To comply with legal requirements or protect our rights.
  • With affiliates, business partners, and service providers when necessary to provide services.
  • In the event of a business transfer, such as a merger or acquisition.

We do not sell, rent, or trade your personal information with third parties for their promotional purposes.

Data Retention

Personal data is retained only as long as necessary to fulfill the purposes for which it was collected or as required by law. Still, we will quickly honor your data request removal anytime.

Data uploaded by you to the VerifiedEmail system will be deleted after 60 days from the time of upload, unless deleted sooner by the user.

International Data Transfers

Operating internationally, and providing you with relevant services through our resources and servers around the globe, it is essential that we transfer your Personal Information across borders. Your Personal Information is processed on the computer servers in the United States of America on which our Services are hosted. In some cases, we may transmit your Personal Information to third party data processors only for the purposes set forth in this Privacy Statement.

In compliance with applicable data protection laws, we have implemented standard contractual clauses to ensure the lawful cross-border transfer of personal information.

Changes to this Policy

We may update this policy and will notify users of significant changes through our website or via email.

Contact Information

For any questions or concerns about our GDPR compliance, please contact us at hello@verified.email.