Privacy Policy

1. Introduction

At UserCheck, we are committed to protecting your privacy and ensuring the security of your personal information. This policy outlines our practices for collecting, using, maintaining, protecting, and disclosing your data when you use our services.

2. Information We Collect

2.1 Personal Information

We collect minimal personal information necessary to provide our services, including:

• Name and email address for account management
• Payment information for Pro plan subscriptions (processed securely through a third-party payment processor)

2.2 Usage Data

We collect anonymized usage data to improve our services, including:

• Aggregated statistics on service usage
• Non-identifiable technical information (e.g., browser type, operating system)

2.3 Cookies

We use essential cookies to maintain your session and preferences. You can control or disable non-essential cookies through your browser settings.

2.4 Domain and Email Data

This data is stored and used to improve disposable email detection, prevent abuse, and power features such as analytics and usage dashboards. We retain this data securely and do not share it with third parties.

2.5 Request Logging

We log API requests, including IP addresses and user agents, for security, compliance, and service improvement purposes. These logs are anonymized after 30 days.

3. How We Use Your Information

We use your information to:

• Provide and improve our services
• Process transactions
• Respond to inquiries
• Send essential service-related communications

We do not use your data for marketing purposes without explicit consent.

4. Legal Basis for Processing (GDPR Specific)

We process your data based on:

• Contractual necessity (for providing our services)
• Legitimate interests (for improving our services and ensuring security)
• Your consent (where applicable)
• Legal obligations

5. Data Sharing and Third-Party Services

We do not sell or rent your personal information. We may share anonymized, aggregated data with trusted partners for analytics purposes. Our third-party service providers (e.g., hosting providers) are bound by strict data processing agreements compliant with GDPR.

6. Security Measures

We implement industry-standard security measures, including:

• End-to-end encryption for data in transit and at rest
• Regular security audits and penetration testing
• Strict access controls and employee training
• Data storage within the EU to ensure GDPR compliance

7. Data Retention

We retain domain and email data submitted to our API to continuously improve detection accuracy and monitor for abuse. This data may be stored indefinitely, unless deletion is requested. Personal account data is deleted or anonymized when no longer needed.

8. Your Data Protection Rights

Under GDPR, you have the right to:

• Access your personal data
• Rectify inaccurate data
• Erase your data (right to be forgotten)
• Restrict or object to processing
• Data portability

You can request deletion of previously submitted email or domain data by contacting [email protected].

9. Data Breach Notification

In the event of a data breach, we will notify affected users and relevant authorities within 72 hours, as required by GDPR.

10. International Data Transfers

We process and store data within the EU. If data is transferred outside the EEA, we ensure appropriate safeguards are in place (e.g., Standard Contractual Clauses).

11. Children's Privacy

Our services are not intended for children under 16. We do not knowingly collect data from children.

12. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or a prominent notice on our website.

13. Contact Us

For privacy-related inquiries or to exercise your data rights, contact our Data Protection Officer at [email protected] or Lõõtsa tn 2a, 11415 Tallinn, Estonia.