Privacy Policy

Overview

EmailValidatr ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard information when you use our email validation API service.

Our core principle: We never store email addresses. We are a privacy-first service designed to validate emails without compromising user data.

Information We Collect

Email Validation Requests

When you submit an email address for validation:

• We DO NOT store the email address. Email addresses are processed in memory only.
• We store only an MD5 hash of the email for usage tracking and deduplication purposes.
• MD5 hashes cannot be reversed to reveal the original email address.
• Validation results are cached temporarily (up to 24 hours) to improve performance.

API Usage Data

We collect:

• API key identifiers for authentication and usage tracking
• Request timestamps and counts for rate limiting
• IP addresses for security and abuse prevention
• General usage statistics (request counts, response times)

Contact Form Submissions

If you contact us through our contact form, we collect:

• Your name and email address
• The subject and content of your message
• IP address and browser information for security purposes

Payment Information

For paid subscriptions, payment processing is handled entirely by Stripe. We store only:

• Stripe customer ID (for subscription management)
• Subscription status and expiration date

We never have access to your full credit card number, CVV, or other sensitive payment details.

How We Use Information

• To provide email validation services
• To enforce usage limits and prevent abuse
• To improve our service performance and reliability
• To respond to your inquiries and support requests
• To process payments and manage subscriptions
• To comply with legal obligations

Data Security

We implement industry-standard security measures including:

• HTTPS encryption for all API communications
• Secure database connections and encrypted storage
• Rate limiting to prevent abuse
• Regular security audits and updates

Data Retention

• Email hashes: Retained for usage tracking purposes, rolling monthly
• Cached validation results: Up to 24 hours
• API keys: Until you request deletion or account termination
• Contact form submissions: Until resolved or 2 years, whichever is shorter

Third-Party Services

We use the following third-party services:

• Stripe: Payment processing (Stripe Privacy Policy)
• Gravatar: Profile image lookup (Automattic Privacy Policy)
• DNS Providers: For domain verification (Google Public DNS)

Your Rights

Depending on your location, you may have the following rights:

• Access: Request information about data we hold about you
• Deletion: Request deletion of your API key and associated data
• Portability: Request a copy of your usage data
• Objection: Object to certain processing activities

To exercise these rights, please contact us using the contact form on our website.

GDPR Compliance

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR). Our lawful bases for processing include:

• Contract: Processing necessary to provide our services
• Legitimate Interest: Security, fraud prevention, and service improvement
• Consent: Where specifically obtained (e.g., marketing communications)

CCPA Compliance

For California residents, we comply with the California Consumer Privacy Act (CCPA). We do not sell personal information to third parties.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us through the contact form on our website.