Privacy Policy

Last updated: April 22, 2026

Data We Collect

When you create an account, we store:

• Email address — for authentication (magic link login)
• IP address at registration — for anti-abuse (max 3 accounts per IP)
• API key — stored as a SHA-256 hash (we cannot read your key)
• Credit balance and purchase history

Email Verification

Email addresses submitted for verification are processed in real time and are not stored after the request completes. Each verification is fresh — no results are cached or retained.

Operational Metrics

To monitor service quality (latency, error rates, deliverability patterns per recipient domain), we retain aggregated technical logs for up to 90 days. These logs never contain submitted email addresses — only the recipient domain (e.g. gmail.com), the result code (deliverable / undeliverable / catch-all / unknown), the response time, and technical status codes. This data is used exclusively for internal monitoring and has no commercial purpose.

Cookies

We use a single httpOnly session cookie (mp_session) for authentication. No tracking cookies, no analytics, no third-party cookies.

Third-Party Services

• Stripe — payment processing. Stripe handles all card data. We never see or store your card number. See Stripe's privacy policy.
• Resend — transactional emails (magic links, payment confirmations).

We do not use Google Analytics, advertising pixels, or any tracking service.

Data Retention

• Account data: kept as long as your account exists
• Verification data: not stored — processed in real time only
• Operational metrics: aggregated technical logs (no email addresses), up to 90 days
• Server logs: standard web server logs, not shared or exploited

Your Rights (GDPR)

You have the right to access, rectify, or delete your personal data. To exercise these rights, contact us at contact@mailprobe.dev.

Data Controller

Iris Digital — SIREN 524 317 872, France