🎉 Exclusive launch of   logo AI-Powered Email Verification — 18 Nov at BTS 2025 Event   |   Meet us at booth no #S98
Login Get Started For Free
Coming Soon sign up

Endbounce GDPR Privacy Policy

Effective Date: August 6, 2025

Welcome to Endbounce ("Endbounce," "we," "us," or "our"). This Privacy Policy is specifically designed to inform you about how we collect, use, store, and share your personal data in compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679.

By accessing or using our services, visiting our website (www.endbounce.com), or interacting with us, you acknowledge and agree to the practices described in this Privacy Policy.

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at support@endbounce.com.

1. Data Controller Information


2. Principles of Data Processing


We process your personal data in accordance with the following GDPR principles:

  • Lawfulness, fairness, and transparency: Data is processed lawfully, fairly, and in a transparent manner.
  • Purpose limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  • Data minimization: Data collected is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
  • Accuracy: Data is accurate and, where necessary, kept up to date.
  • Storage limitation: Data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • Integrity and confidentiality: Data is processed in a manner that ensures appropriate security, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures.
  • Accountability: We are responsible for, and able to demonstrate compliance with, the above principles.

3. Legal Basis for Processing Personal Data

We process your personal data only when we have a valid legal basis under GDPR. The legal bases we rely on include:

  • Performance of a Contract (GDPR Article 6(1)(b)):
    • To create and manage your account.
    • To provide access to our email validation services.
    • To process transactions and facilitate verifications related to your account.
  • Legitimate Interests (GDPR Article 6(1)(f)):
    • To respond to your inquiries and provide customer support.
    • To send administrative information and communicate about service updates.
    • To personalize content, conduct analytics, and improve our services and user experience.
    • To promote our services (where consent is not required, and our interests do not override your rights).
    • To collect, process, and share publicly available B2B contact information to facilitate professional networking and business opportunities, ensuring compliance with applicable laws and providing opt-out mechanisms.
  • Compliance with a Legal Obligation (GDPR Article 6(1)(c)):
    • To comply with legal obligations, court orders, or governmental requests.

      • When you use Endbounce services, we may have access to information contained in your email contact lists and, where relevant for service functionality, email content.

      • Data Access and Use: We access your contact lists to facilitate email validation and other related services. We may process email content only to provide services such as email tracking, analytics, and automation features if explicitly enabled by you.
      • Data Security: Only authorized personnel have access to your contact lists and email content, and solely for purposes of providing support and improving our services. Your data is stored securely using industry-standard encryption and security protocols.
      • User Control: You can export your contact lists and email data at any time through your account settings. You can also modify or delete contacts from your account as needed.

      10. Data Retention Periods

      We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements.

      • Data for Service Execution: As needed to provide services, and up to 3 years after account closure, unless a longer period is required by law (e.g., for dispute resolution, legal obligations).
      • Marketing Data: 3 years from the date of collection or your last active contact, unless you opt-out earlier.
      • Legal and Regulatory Compliance: Evidentiary data may be retained for the statutory limitation period (generally 5 years) for legal defense and compliance purposes.
      • Anonymized Data: We may retain anonymized or aggregated data indefinitely for statistical analysis and business purposes, as it no longer identifies you.

      11. Data Storage and International Transfers

      • Location of Data Storage: Our primary servers are located within the European Union (EU) and the United States. We use reputable cloud service providers that comply with applicable data protection regulations.
      • International Data Transfers: Personal data may be transferred to countries outside the European Economic Area (EEA), including the United States, which may not provide the same level of data protection as the EU.
      • Safeguards: For such transfers, we implement appropriate safeguards, primarily relying on Standard Contractual Clauses (SCCs) approved by the European Commission, or by relying on adequacy decisions where applicable.
      • Your Rights: You have the right to be informed about the transfer of your personal data to third countries and the safeguards in place. You may object to international transfers by contacting us.

      12. Security Measures for Data Protection

      We prioritize the security of your personal data and implement industry-standard technical and organizational measures to protect it from unauthorized access, disclosure, alteration, or destruction.

      • Technical Measures: Data encryption in transit (SSL/TLS) and at rest, firewalls, intrusion detection systems, regular security assessments, and secure coding practices.
      • Organizational Measures: Strict access controls to personal data (limited to authorized personnel on a need-to-know basis), employee training on data protection, and incident response procedures.
      • Incident Response: In the event of a data breach, we will notify affected individuals and relevant supervisory authorities as required by GDPR. We will take prompt action to mitigate any potential harm.
      • User Responsibilities: You are responsible for maintaining the confidentiality of your account credentials and for restricting access to your account. Please be vigilant against phishing and other unauthorized attempts to access your personal data.

      Disclaimer: While we strive to protect your personal data, no method of transmission over the Internet or electronic storage is completely secure. We cannot guarantee absolute security.

      13. Cookie Policy

      Our website uses cookies and similar technologies to enhance your experience and analyze usage. Please refer to our separate [Cookie Policy] for detailed information on what cookies are, how we use them, and your choices regarding cookie management.

      14. Privacy Policy Changes

      We reserve the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal requirements, or for other operational reasons.

      • Notification of Changes: We will notify you of significant changes via our website or email at least 30 days before they take effect. The "Effective Date" at the top of this Privacy Policy indicates when the policy was last revised.
      • Your Continued Use: Your continued use of our services after the effective date constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically.

      15. Children's Privacy

      Our services are not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If you are a parent or guardian and believe your child has provided us with personal data, please contact us at support@endbounce.com, and we will take steps to delete such information promptly.

      16. Contact Us

      If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

      We are committed to addressing your inquiries and resolving any concerns about your privacy.