Data Processing Addendum
Last updated: March 23, 2026
1. Introduction
This Data Processing Addendum (“DPA”) forms part of the Terms of Service between you (“Controller”) and mails.expert (“Processor”).
This DPA governs the processing of personal data in connection with the use of the mails.expert email validation service.
By using the service, you agree to this DPA.
2. Roles of the Parties
For the purposes of applicable data protection laws, including the General Data Protection Regulation (GDPR):
You act as the Data Controller
mails.expert acts as the Data Processor
You determine the purposes and means of processing personal data.
mails.expert processes personal data solely on your behalf and in accordance with your instructions.
3. Scope of Processing
mails.expert processes personal data only to provide the service.
This includes:
Receiving email addresses submitted for validation
Performing technical checks (DNS, SMTP, domain validation)
Returning validation results
mails.expert does not send emails to validated addresses and does not contact data subjects.
4. Types of Data and Data Subjects
Types of Personal Data
Email addresses
Technical metadata (IP address, logs, request data)
Categories of Data Subjects
Your customers
Your users
Any individuals whose email addresses are submitted
5. Instructions
mails.expert processes personal data only in accordance with your documented instructions, as provided through the use of the service.
You are responsible for ensuring that such instructions comply with applicable data protection laws.
6. Confidentiality
mails.expert ensures that any personnel with access to personal data are subject to confidentiality obligations.
Access to data is limited to what is necessary for service operation.
7. Security Measures
mails.expert implements appropriate technical and organizational measures to protect personal data.
These measures include:
Encryption in transit (HTTPS/TLS)
Access control and least privilege
Logging and monitoring
Infrastructure security and updates
8. Subprocessors
mails.expert may engage subprocessors to provide the service, including:
Hosting and infrastructure providers
Payment providers
Analytics providers
mails.expert ensures that subprocessors are bound by data protection obligations consistent with this DPA.
9. International Transfers
Personal data may be processed outside the European Economic Area (EEA).
Where required, mails.expert implements appropriate safeguards for such transfers.
10. Data Retention and Deletion
mails.expert retains personal data only as long as necessary to provide the service and comply with legal obligations.
Upon request, mails.expert will delete or anonymize personal data, unless retention is required by law or for security purposes.
11. Assistance to Controller
mails.expert will provide reasonable assistance to the Controller in fulfilling obligations under GDPR, including:
Responding to data subject requests
Ensuring data security
Handling data breaches
12. Data Breach Notification
In the event of a personal data breach, mails.expert will:
Take appropriate measures to mitigate the impact
Notify the Controller without undue delay, where required
13. Audits
mails.expert may provide reasonable information regarding data processing practices upon request.
Formal audits may be subject to reasonable limitations.
14. Liability
Each party is responsible for compliance with its respective obligations under applicable data protection laws.
15. Changes
mails.expert may update this DPA from time to time.
Continued use of the service constitutes acceptance of the updated version.
16. Contact
For any data protection inquiries: