Transparency, ethical sourcing, and regulatory compliance aren't just checkboxes for us — they're foundational to how we operate. Here's how we protect your campaigns and your prospects' privacy.
EU data protection
US email marketing law
California privacy rights
Verified & guaranteed
Our data practices are designed to meet the requirements of all major data protection regulations.
We process B2B contact data under GDPR's legitimate interest provisions (Article 6(1)(f)), which permits processing for direct marketing to business professionals when balanced against individual rights.
All data we provide is intended for use in campaigns that comply with CAN-SPAM. We recommend and support clients in following all required practices for lawful commercial email.
We support California consumers' rights under CCPA and provide mechanisms for residents to exercise their data rights, including the right to know, delete, and opt out.
Transparency in how we collect, process, and deliver B2B contact data.
All data is sourced from publicly available business information, opted-in databases, corporate directories, public filings, and professional networks. We never purchase data from questionable or unverified sources.
We collect only business-relevant information — corporate email addresses, work phone numbers, job titles, and company details. We do not collect or sell personal data such as home addresses, personal emails, or sensitive information.
Our database is continuously updated and reverified. Outdated records are removed, job changes are tracked, and email addresses are revalidated to maintain 95%+ accuracy and minimize unwanted contacts.
We maintain a global suppression list. If any individual requests removal, they are permanently excluded from all future data deliveries. Opt-out requests are honored promptly, typically within 48 hours.
We provide compliant, verified data. Clients are responsible for using data in accordance with applicable laws — including adding unsubscribe links, identifying themselves accurately, and honoring opt-outs in their campaigns.
We don't retain data indefinitely. Records that can no longer be verified or have been inactive beyond our threshold are removed from the database to keep it current, accurate, and compliant.
If your information appears in our database, you have the following rights.
Request a copy of any personal data we hold about you. We'll respond within 30 days with full details of what's stored.
If any data is inaccurate or outdated, request a correction and we'll update our records promptly.
Request permanent deletion of your data from our database. Once removed, you won't appear in any future data deliveries.
Object to processing of your data for direct marketing. We'll cease processing immediately upon receiving your request.
Request your data in a portable, machine-readable format so you can transfer it to another service.
Request that we limit how your data is processed while a concern is being investigated or resolved.
We take security seriously — both for the data we hold and the data we deliver to clients.
All data is stored on encrypted servers with AES-256 encryption at rest and TLS 1.2+ encryption in transit.
Role-based access ensures only authorized team members can view or process data. Multi-factor authentication required.
Data is delivered via secure, password-protected files or encrypted channels. No data is transmitted over unprotected connections.
We conduct regular internal security audits and data accuracy reviews to maintain the highest standards.
All team members undergo data protection training covering GDPR, CAN-SPAM, and secure data handling procedures.
In the unlikely event of a data breach, we follow a documented incident response plan including notification within 72 hours.
If you have questions about our data practices, want to exercise your data rights, or need compliance documentation for your procurement team, our compliance team is ready to help.
