Skip to content

Security & compliance

We treat the lists you verify as sensitive data. This page summarizes how that data is handled.

  • In transit: all API and dashboard traffic is served over HTTPS/TLS.
  • At rest: uploaded lists and results are encrypted at rest.
  • Retention: verification data is retained for [retention period] and can be deleted on request. Bulk files can be removed from the dashboard at any time.
  • We don’t sell your data or use your lists to build shared databases.
  • Scope access with per-environment API keys and team roles.
  • Rotate or revoke keys immediately if one is exposed.
  • Use the publishable widget key (not your secret key) in any browser code.

VerifyMaill is built to support [GDPR / applicable] obligations. A Data Processing Agreement (DPA) is available on request.

For a DPA, security questionnaire, or details of current certifications, contact team@verifymaill.com.

Found a security issue? Please email team@verifymaill.com with details so we can investigate. Please don’t disclose it publicly until we’ve had a chance to respond.