Privacy Policy

What data we collect

When you use Sovolink, we collect:

Account data: Name, email address, and hashed password when you register.

Email addresses submitted for verification: These are processed to determine deliverability. They are stored in hashed form after verification is complete. We do not store the plaintext email indefinitely after the job is finished.

Usage data: Number of verifications run, API call metadata (timestamps, status codes), and plan/billing information.

Device and session data: IP address, browser user-agent, and session tokens for authentication purposes.

Payment data: If you subscribe to a paid plan, payment is processed by Razorpay. Sovolink does not store your card details. We receive subscription status and invoice data from Razorpay.

How we use your data

We use collected data to:

- Perform email verification and return results to you
- Authenticate your account and maintain your session
- Calculate and enforce your monthly verification quota
- Process payments and manage your subscription via Razorpay
- Send transactional emails such as OTP codes and account notifications
- Improve the product by analysing aggregate usage patterns (not individual email data)
- Respond to support requests

We do not use your submitted email lists for any purpose other than performing verifications you request. We do not enrich, resell, or share your email data with third parties.

Data retention

Verification results: Retained for the lifetime of your account so you can download past results. You can delete individual bulk jobs from the dashboard.

Hashed email storage: Emails submitted for verification are stored in hashed form to track quota and prevent abuse. The hash cannot be reversed to recover the original address.

Account data: Retained until you request deletion.

Session data: Session tokens expire after 30 days of inactivity.

Billing data: Invoices and subscription records are retained for legal and accounting purposes for up to 7 years.

Third-party services

Sovolink uses the following third-party services:

Razorpay — Payment processing for subscriptions. Subject to Razorpay's Privacy Policy.

MongoDB Atlas — Database hosting. Data is stored on infrastructure operated by MongoDB, Inc.

SMTP provider — Used to send OTP and notification emails.

Vercel / Cloud hosting — The API is deployed on Vercel serverless infrastructure.

We do not use advertising trackers, third-party analytics services that observe individual behaviour, or social login providers.

Your rights

Depending on your jurisdiction, you may have the following rights:

Access: Request a copy of the personal data we hold about you.

Correction: Ask us to correct inaccurate information.

Deletion: Request deletion of your account and personal data. Note that hashed email data and billing records subject to legal retention may not be immediately deleted.

Data export: Request a machine-readable export of your verification history.

Opt-out of marketing: If we ever send marketing emails, you can unsubscribe using the link in any email.

To exercise any of these rights, email us at privacy@sovolink.com.

Cookies

Sovolink uses minimal cookies:

session_token — A secure, HttpOnly cookie that identifies your authenticated session. Required for the product to function.

We do not use advertising, tracking, or third-party analytics cookies.

Contact for privacy requests

For any privacy-related questions or to exercise your rights, contact us at:

Email: privacy@sovolink.com

We aim to respond within 10 business days. If you have a complaint about how we handle your data, you may also lodge a complaint with your local data protection authority.