No subscription50 free credits to start. Buy more only when you need them.

See pricing →
cleanmylist
Privacy

The short version, with the long version below.

Last updated May 18, 2026

The short version: we never sell your data, never share it with third parties for marketing, never use your lists to train models. Raw lists are encrypted at rest and purged 30 days after a verification run completes. Below is the long version with the specifics.

What we collect

When you use CleanMyList, we collect three categories of information: account information, list content, and usage metadata.

  • Account information. Name, email, company, billing details. Required to provision your workspace.
  • List content. The email addresses you submit to be verified, plus any optional metadata you attach.
  • Usage metadata. Logs of API calls, latency, errors, and the engine version used to produce each verdict.

How we use it

List content is used solely to produce the verdict you requested and to compute aggregate signals (in hashed form) that feed our accuracy benchmarking. We do not use list content for advertising, lead generation, or model training. We do not contact addresses on your lists for any reason.

How long we keep it

Raw list content is purged 30 days after a verification run completes. After purge, only the hashed signals required for accuracy benchmarking remain, and they cannot be reversed to recover the original address. You can request earlier purge in-app or by email.

Account data retention

We retain account information for as long as your workspace is active, and for up to 90 days after cancellation to support audits and reactivation. After 90 days, we anonymize account records.

GDPR + CCPA

You can request access to, correction of, or deletion of any personal data we hold about you. We respond to verified requests within 30 days. Our standard Data Processing Addendum is on file and shipped to customers on request from security@cleanmylist.io.

Security

Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access to production data is restricted to a named on-call rotation with hardware-key authentication. We support data residency in the United States, European Union, and United Kingdom — your choice per workspace.

  • Annual third-party penetration testing.
  • Continuous static analysis and dependency scanning.
  • Bug bounty program — responsible disclosure to security@cleanmylist.io.

Subprocessors

We use a small number of subprocessors to operate the service. The current list is published at cleanmylist.io/subprocessors and updated 30 days before any addition. You can subscribe to changes by email.

Cookies

We use cookies for authentication and a privacy-preserving analytics tool that does not track individuals across sites. We do not use third-party advertising cookies. Cookie preferences can be managed in your account settings.

Contact

Privacy questions or data requests: privacy@cleanmylist.io. Security questions: security@cleanmylist.io.

Stop guessing. Start cleaning.

Try it free on 50 emails. No credit card, no sales call, no catch.

Clean your list freeTalk to us first