Legal

Privacy Policy

Last updated: April 14, 2026

This Privacy Policy explains how Postelist, operated by Mailliberty (“we”, “us”, or “our”), collects, uses, and protects personal data when you use our email verification service (the “Service”). We act as a data controller for account data and as a data processor for the email addresses you submit for verification.

1. Information We Collect

Account information. When you create an account, we collect your name, email address, and, where you sign in through a third-party identity provider such as Google, the identifier and profile fields that provider returns.

Verification data.When you submit an email address for verification, we transmit that address to the address’s provider of record in order to determine deliverability. We retain the address, the verdict, the provider consulted, and a timestamp for operational, auditing, and accuracy purposes.

Billing information. Payments are processed by a third-party payment provider. We receive a transaction reference, the amount, and the last four digits of the instrument used; we do not store full card numbers.

Usage data. We automatically collect information about how you interact with the Service, including IP address, browser type, device identifiers, request timestamps, and pages viewed.

2. How We Use Information

  • To provide, maintain, and improve the Service.
  • To process verifications you submit and return results to you.
  • To process payments, issue receipts, and prevent fraudulent or abusive transactions.
  • To communicate with you about your account, changes to the Service, and security advisories.
  • To monitor and improve classification accuracy using aggregated, de-identified signals.
  • To comply with legal obligations and enforce our Terms.

3. Legal Bases (UK / EEA)

Where the UK GDPR or EU GDPR applies, we rely on the following legal bases: performance of a contract (to provide the Service you have requested); legitimate interests (to secure, maintain, and improve the Service); consent (where you have opted in, for example to marketing emails); and compliance with legal obligations.

4. Sharing and Disclosure

We do not sell personal data. We share personal data only with:

  • Mailbox providers—to perform the verification you have asked for. Only the address being verified is transmitted.
  • Service providers—hosting, payment processing, and authentication providers acting under contract and bound to use the data only for the purposes we specify.
  • Legal authorities—where we are required to do so by law, court order, or valid legal process.
  • Successors—in connection with a merger, acquisition, or sale of assets, subject to continuity of this Policy’s protections.

5. Retention

Account data is retained for as long as your account is active and for a reasonable period afterwards to resolve disputes and comply with legal obligations. Verification logs are retained for up to twenty-four (24) months, after which addresses are deleted or irreversibly hashed.

6. Security

We apply administrative, technical, and physical safeguards designed to protect personal data, including encryption in transit, restricted access, and segmented production networks. No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

7. International Transfers

Postelist operates infrastructure in multiple jurisdictions. Where personal data is transferred out of the UK or EEA, we rely on appropriate safeguards, including the UK International Data Transfer Addendum and the EU Standard Contractual Clauses.

8. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or port your personal data; to object to or restrict certain processing; and to withdraw consent where processing is based on consent. To exercise any of these rights, contact us at privacy@postelist.com. You also have the right to lodge a complaint with a supervisory authority, such as the UK Information Commissioner’s Office.

9. Cookies and Local Storage

We use cookies and browser local storage to keep you signed in, to remember preferences, and to measure use of the Service. Strictly necessary cookies are set without consent; analytic or preference cookies are set only where your consent is required and given. You can clear cookies at any time from your browser settings, though doing so may affect functionality.

10. Children

The Service is not directed at children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

11. Changes to this Policy

We may update this Policy from time to time. Material changes will be reflected by updating the “Last updated” date and, where appropriate, by notice to account holders. Continued use of the Service after the effective date constitutes acceptance of the revised Policy.

12. Contact

Privacy enquiries should be sent to privacy@postelist.com.