EU GDPR Compliance

EmailFinder.xyz is fully compliant with the EU General Data Protection Regulation (GDPR).

Role & Scope

As per GDPR, EmailFinder is classified as a Data Processor.

We handle two categories of personal data:

  • User Data — information from people who sign up and use our platform.
  • User Customer Data — information uploaded by users (e.g., email lists) for processing.

1) User Data

This covers people who create an account on EmailFinder and use our free or paid features.

Sign‑Up Data

  • Email Address — verified via double opt‑in (verification code required before use).
  • Username — chosen by the user.
  • Password — chosen by the user and stored securely for authentication.

We use this data to verify accounts, send password reset or magic login links, and provide core services. We retain it only as long as needed to deliver the service.

Billing Information & Payments

Billing Information

To complete purchases, users provide billing details for invoicing and compliance:

  • First Name (required)
  • Last Name (required)
  • Company Name (optional)
  • Billing Address (required)
  • Country, State, Pincode (required)
  • Email (required, for invoices)
  • GST Number (optional, India only)

For high‑value transactions, we may request KYC (e.g., Government ID, proof of card ownership) to prevent fraud.

Payment Information

We do not collect or store payment details (card numbers, bank info). All payments are processed by trusted gateways (e.g., PayPal, Paddle, Razorpay):

  • Either via a secure redirect to the gateway website, or
  • In a secure pop‑up hosted by the gateway.

For optional manual payments, users may email a transaction ID for verification. EmailFinder never uses this to authenticate payments on a user’s behalf.

2) User Customer Data

This is data uploaded by customers for processing (typically CSV files):

  • Email Addresses
  • Additional Data (e.g., first/last name, address) if provided by the user
  • Technical & Result Data generated after processing

How We Handle It

  • Storage & Processing — stored only to process and return results.
  • No Selling/Sharing — we do not sell or share this data with third parties.
  • Additional Data — retained solely to return alongside results for convenience.
  • Technical Results — emails are classified as Clean, Dirty, or Unknown using our algorithms.
  • Global Cache — certain technical results may be cached to avoid unnecessary reprocessing.

To access or delete uploaded data, email [email protected].

Server & Data Location

  • Main servers are located in Germany, Europe.
  • During processing, temporary infrastructure and internet nodes may be involved.
  • Such transient data exists only for processing and is removed afterward.

How to Make a GDPR Request

For data access, correction, or deletion:

  • If you’re a user, contact us from your registered signup email.
  • If you’re the owner of a specific email address, contact us from that address.

Email: [email protected]

Company Details

CompanySymbolist Technology Private Limited
RegistrationMaharashtra, India
Incorporation Date27 July 2020
CINU72900MH2020PTC342689
GST27ABECS0569G1Z8
Registered Address 255, Ground floor, Jai Hind CO.OP.HSG. SOC., R3 Wing, Mahatma Phule Nagar, Khartan Road, Thane – 400 601

Contact Us

Questions about this GDPR compliance page or our data practices?

Write to [email protected].