๐ Security & Privacy
Email validation without compromising user privacy.
TempMailChecker is built for businesses that take data protection seriously.
๐งพ What data we process
TempMailChecker only needs the domain part of an email to determine if it's disposable.
When you call our API:
We internally convert this request to:
We never store, log, or inspect the full email address.
๐ What we do NOT collect
We do not store:
- Full email addresses
- Usernames / first name / last name
- IP addresses
- User agent strings
- Referrer headers
- Request contents beyond the domain
- Email content of any kind
We also do not share data with any third parties.
๐ง What we DO store
To enforce daily quotas fairly and detect abuse, we store:
| Data | Reason |
|---|---|
| API key hash | Identify your account securely |
| Email (from signup form only) | Send onboarding + limit alerts |
| Request count per day | Reset quota at midnight UTC |
We do not store request history.
๐ API key security
- API keys are hashed (bcrypt) before storage
- Keys are never logged
- Keys are never shown again after creation
- You can regenerate your key instantly at any time
๐ Logging
API request logs contain zero sensitive information.
A typical request log looks like:
No emails. No domains. No metadata tied to your users.
๐ Transport security
- HTTPS enforced (TLS 1.2+)
- HTTP requests are permanently redirected to HTTPS
- HSTS enabled
๐ GDPR / CCPA Friendly
Because we don't store personal data, TempMailChecker is naturally compliant with:
*Email validation context only
No DPA is required, because no personal data is retained.
๐งฏ Data retention
We retain only:
| Data | Retention |
|---|---|
| API usage counters | Reset daily |
| API signup email | Until deletion request |
You can delete your account fully at any time.
๐ก Responsible Disclosure
Found a vulnerability?
Email us at security@tempmailchecker.com โ we respond within 24 hours.
Bug bounties will be added after public launch.
๐ง Summary
For non-technical decision-makers:
| Concern | Status |
|---|---|
| Do you store full emails? | โ No |
| Can you see my users? | โ No |
| Do you sell or share data? | โ Never |
| Is everything encrypted? | โ Yes |
| Is TempMailChecker GDPR-compliant? | โ Yes |
| Do we need a DPA? | โ No personal data stored |
Block disposable emails without storing user data.
Get your free API key โ 100 requests/day, no credit card.
๐ Get Free API Key