General Data Protection Regulation (GDPR)

Effective: 6 December, 2019

The EU General Data Protection Regulation (GDPR) is the most comprehensive change to EU data privacy law in decades. It took effect on the 25th of May 2018. The Clearout team worked hard to prepare for GDPR and ensure we fulfill its obligations.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a regulation in EU law on data protection and privacy for all individuals within the European Union. For EUR residents, the regulation aims to increase their control over their personal data. For businesses, the GDPR becomes a unifying regulation across the EU. On the 25th of May 2018, the GDPR took effect and replaced the 1995 Data Protection Directive.

ClearoutPhone is fully compliant with the GDPR

ClearoutPhone is fully compliant with the requirements of a data processor under the General Data Protection Regulation (GDPR) as thousands of customers across all industries have chosen our phone validation service. From day one, our primary goal was not only to offer you the best Phone Validation Service on the market but also to keep your data safe during the process.

Data Processing Addendum

If you are located in the EU, under Article 28 of the GDPR, you need a data processing addendum (DPA) signed with your sign-up. With our Data Agreement, we’ve made this procedure simple and have the contract ready to be signed, the DPA includes standard clauses and further information about our processes.

How ClearoutPhone is complying with the GDPR

Even though the GDPR only applies to data from EU residents, we took the decision to apply broadly the requirement of the regulation. This means that except in some rare cases, we don’t restrict any privacy-related feature based on the geographical location of a data subject.
Here are some of the actions we’ve taken to ensure we’re compliant:

Security

We take the security of the data we manage very seriously as our email validation & verification service is a trusted one for thousands of customers across all industries. Over the last few months, our architecture has been vastly upgraded: Our entire cluster is systematically behind a firewall. Double authentication is required for any connection. We’ve also subscribed to Cloudflare to provide a Web Application Firewall (WAF) and a systematic block from potential threats.

Data We Hold

We retain the data that we control for as long as is necessary or appropriate to fulfill the purpose for which the data was collected;
You may request access to, or deletion or correction of, the Personal Data that we hold about you by contacting us through the emails at [email protected]. If you request that we delete your Personal Data, we will remove you from our marketing lists but will continue to maintain certain Personal Data where we have an important legal, accounting, billing or auditing reason to do so.

Log retention

To improve, debug or prevent fraud on the service, we keep a variety of logs. We now make sure logs are destroyed at most 3 months after their collection date. We never use those logs for anything else than monitoring and debugging.

Data portability

The GDPR gives the right to any user to download any data that he provides to a service. This allows for easier migration to other services. We think this is a great idea and ClearoutPhone has always made it possible for the user to download their data.

Systematic pseudonymization of non-public data

Our phone number validation tool heavily pseudonymizes data to ensure the privacy of data subjects. Any attributes that don’t need to remain in its original form is truncated to remove any possibility to be linked back to a specific data subject.

Right of Change

Because we deal with publicly available web data, information removed from a website is also removed from our database. But if a data subject wishes to speed up the removal of any in our index, we offer a simple efficient way to claim the phone numbers. It is then possible to either update the data or entirely remove it.

Contact us

Any questions regarding this privacy statement or the privacy practices of the Company’s website, including anything regarding our Terms, should be directed to our email [email protected]