Frequently Asked Questions

General

Billing & Plans

Technical

Security

Onboarding

General

Billing & Plan

Technical

Security

Privacy by Design means that we incorporate privacy at the initial design stages and throughout the lifecycle of our services. We strongly adhere to the principle of data minimisation, only processing and storing the data required to deliver our service.

At VerifyDMARC, your data is yours alone; we do not share your data with third parties that are not listed under sub-processors in our Privacy Policy, and automatically purge DMARC reports to protect your privacy. "Privacy by Design" is a foundational principle at VerifyDMARC that ensures privacy and data protection compliance from the outset of designing any new service or business process.

Here’s how we implement Privacy by Design in our operations:

Proactive not Reactive; Preventative not Remedial: We anticipate and prevent privacy-invasive events before they happen. Our privacy measures are embedded into the design and architecture of IT systems and business practices, rather than being tacked on as an afterthought.
Privacy as the Default Setting: We automatically protect user data by ensuring that the strictest privacy settings are applied by default, without any manual input required from the user. No action is required on your part to secure your privacy; it's built into the system from the top down.
Privacy Embedded into Design: Privacy is integrated into our technology platforms and business practices from the very beginning. This integration includes restricting access to personal data, using encryption, and ensuring secure data storage and transfer protocols.
Full Functionality – Positive-Sum, not Zero-Sum: Our approach to privacy by design does not imply compromises on user functionality. We aim for ‘win-win’ scenarios where both privacy and user functionality enhance each other without detracting from either.
End-to-End Security – Full Lifecycle Protection: We maintain the security and confidentiality of data from the moment it is collected, during processing, and even after the data has served its purpose. This includes implementing measures such as data minimisation and fast-tracked data deletion schedules to ensure data is only retained as long as needed.
Visibility and Transparency – Keep it Open: We are transparent about our data practices and privacy policies, ensuring users can access easily understandable information about how their data is used, stored, and protected. This transparency is evident in our Privacy Policy, which details our data handling practices.
User-Centric Privacy – User Privacy by Default: By adhering to the principle of data minimisation, we ensure that only the necessary data for delivering our services is processed. Your data remains your own; we do not share it with third parties unless mandated by law, and we employ automatic purging of DMARC reports to further protect your privacy.

By integrating these principles into every aspect of our technology and business practices, VerifyDMARC ensures that privacy is an essential and inherent part of the services we provide to you.

At VerifyDMARC, the security of your data and the integrity of our service operations are paramount. We recognise that effective security is a collaborative effort, hence we meticulously select and manage our third-party providers, including sub-processors, with whom we entrust personal data processing.

Here’s how we ensure our high standards of security are upheld:

Rigorous Selection Process: We employ a stringent selection process for all sub-processors and partners, ensuring that they adhere to high standards of data protection and security that are compatible with ours and meet regulatory requirements. This process includes comprehensive security assessments and reviews of their practices and policies.
Shared Responsibility Model: We operate under a shared responsibility model, which clarifies the security roles and responsibilities between VerifyDMARC and our third-party providers to prevent any gaps in compliance and protection. Our collaboration ensures that all facets of data handling, from collection to processing, meet our strict security criteria.
Regular Security Assessments and Audits: We conduct regular security assessments and audits of our third-party providers, including sub-processors, to ensure ongoing compliance with our security policies and standards. These reviews help us to identify and mitigate potential security vulnerabilities.
Contractual Obligations: Our agreements with third-party providers include strict data security and privacy clauses. They are contractually obligated to protect any customer data they handle and are subject to regular compliance checks to ensure their practices align with our security expectations.
Data Encryption and Secure Data Storage: We ensure that all data transmitted to and stored by our third-party providers is encrypted in transit and at rest. Providers like Amazon Web Services and Google are employed for their robust security measures that include extensive physical and electronic protection measures.
Incident Management: In the event of a security breach or failure by a third-party provider, our incident response plan includes immediate remediation actions and, if necessary, notification to affected users as outlined in our Privacy Policy.
Transparency: We maintain transparency about the sub-processors we use, as listed in our Privacy Policy. This list includes the functions and their location, ensuring our users know where and how their data is being handled.

By employing these practices, VerifyDMARC ensures that the security measures undertaken by our third-party providers are robust and align with our commitment to protect your data.

For detailed information about our sub-processors and their roles, please refer to the sub-processors section in our Privacy Policy.

FrequentlyAsked Questions

Find answers to common questions about VerifyDMARC.

General

What is DMARC?

How does VerifyDMARC help MSPs and IT teams?

Why do I need DMARC if I have SPF and/or DKIM?

Billing & Plan

Can I upgrade or downgrade my VerifyDMARC plan?

Can I change from a yearly plan to a monthly plan?

What happens if I reach my plan's email limit?

What is the difference between plans?

What are the benefits of choosing a yearly plan?

Do you support multiple accounts?

Technical

What features do you offer for domain management?

How do I set up DMARC with VerifyDMARC?

Security

What is "Privacy by Design" at VerifyDMARC?

How secure is VerifyDMARC?

How do you ensure data on the Dashboard is reliable?

How do you ensure the security of sub-processors?

Onboarding

What is the quickest way to onboard multiple domains?

Frequently
Asked Questions