Skip to main content
All CollectionsBasics
Anymail finder GDPR measures
Anymail finder GDPR measures

We've updated our terms and privacy policy to include a data processing addendum for GDPR compliance.

Updated over 9 months ago

AMF Internet Services Limited (Anymail finder) is a processor and a controller. The individual or organisation (‘Customer’), as a data controller, in continuing to use the service, agrees to a data processing addendum (DPA) with us as the processors of personal data of a ‘Data Subject’.

Under this DPA, Anymail finder is solely responsible for processing personal data as part of its service to the Customer and in accordance with the Customers instructions.

This DPA shall remain in force until the Terms and conditions have expired or been terminated, and Anymail finder no longer is in the possession of the Customer’s Customer Data.

Data security

Anymail finder is committed to ensuring the secure processing of data. Our servers are based in a secure AWS data centre in North Virginia.

Anymail finder will continuously implement and update technical and organizational security measures to prevent loss and unlawful processing of personal data.

Opt-outs and ‘right to be forgotten’

Anymail finder already has a blacklist service to allow Data Subjects to remove their domain from Anymail finder customer requests. The request is processed immediately.

A individual Data Subject is able to contact us to ‘delete’ their record from inside the system. The data deletion is processed within 48 hours.

Data shared with third parties

We might share our data with third parties including AWS (hosting), Intercom (chat support), Xero (accounts), Stripe (payments), Google (analytics)

Any third parties we work with must be GDPR compliant. Will will not share data with any entity who cannot demonstrate this.

Data of a Data Subject stored by Anymail finder

As of May 2018, the data we return and retain for EU subjects has changed.

We no longer allow "domain only" searches for EU domains (i.e. with a European extension, or registered to a European business or person), and never store emails found for these domains in our public database.

On top of that, we only search for emails in the European Union when one of our partners provides us with a "most common pattern" for that domain, then validate the email we find. As such, our service within the EU has shifted to providing the most common pattern for the domain we are provided with and validating the matched email instead of searching for the email through other means.

Email search results performed within the EU will remain accessible through your account and deleted at your request or when the account is deleted.

If the owner of an email address asks us to remove their email, searches containing it will also be removed from your account.

What Customer Data do we store?

When the Customer creates an account, we store information such as their name, email address, phone number in our data center. The same data is also collected for all the Customer team members invited to that Anymail finder account. If a Customer chooses to upload files then we’d process those files and retain that data for the Customer with the option to delete them available within the interface.

Deletion of Customer Data

The Customer data is stored for as long as necessary to provide the service and its features to the Customer. Customer data will be deleted after expiry or termination of the relevant account with Anymail finder. The Customer may request the Customer data to be deleted and this request will be processed within 48 hours.

Privacy policy, DPO and breaches

We've updated our privacy policy including assigning a data protection officer (DPO) and the procedure for notifying customers of any breach. We'll notify Customers of any major changes to the privacy policy.

Did this answer your question?