EmailVer

GDPR Compliance

How EmailVer protects your data rights under the General Data Protection Regulation.

Last updated: March 25, 2026

1. Our Commitment to GDPR

EmailVer is committed to complying with the General Data Protection Regulation (GDPR). We respect your privacy and give you control over your personal data. This page explains how we handle data in accordance with GDPR requirements.

2. Data Controller and Processor

When you use EmailVer to verify your own email lists, we act as a data processor on your behalf. You (our customer) are the data controller and are responsible for ensuring that the email addresses you submit for verification were collected with proper consent.

3. Lawful Basis for Processing

We process personal data under the following lawful bases:

  • Contract: To provide the email verification services you have requested
  • Legitimate interest: To improve our services, prevent fraud, and ensure security
  • Consent: For marketing communications, which you can opt out of at any time
  • Legal obligation: To comply with applicable laws and regulations

4. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the right to:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Request correction of inaccurate or incomplete data
  • Erasure: Request deletion of your personal data ("right to be forgotten")
  • Restriction: Request restriction of processing of your data
  • Portability: Request your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests or direct marketing
  • Withdraw consent: Withdraw your consent at any time where processing is based on consent

To exercise any of these rights, please visit our contact page. We will respond within 30 days.

5. Data Protection Measures

  • All data is encrypted in transit using TLS/SSL and at rest
  • Access to personal data is restricted to authorized personnel only
  • We conduct regular security assessments and audits
  • We maintain a data breach notification procedure in compliance with GDPR Article 33

6. Data Retention

Email lists uploaded for verification are automatically deleted within 30 days of processing. Account data is retained for as long as your account is active. Upon account deletion, all personal data is removed within 30 days, except where retention is required by law.

7. International Data Transfers

If your data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) approved by the European Commission.

8. Data Processing Agreement

Enterprise customers who require a Data Processing Agreement (DPA) can reach out via our contact pageto request one.

9. Contact

For GDPR-related inquiries or to exercise your data rights, please visit our contact page.