Privacy Policy

Last updated: January 2, 2026

1. Introduction

Verkh, LLC ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our DMARC monitoring and email authentication platform.

By using Verkh, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, company name when you create an account
  • Domain Information: Domain names you add to monitor
  • Payment Information: Billing details processed by our payment provider (we do not store full card numbers)
  • Communications: Messages you send to us via support channels

2.2 Information Collected Automatically

  • DMARC Reports: Aggregate and forensic reports sent to your Verkh-provided email address
  • DNS Records: Public DNS records for domains you monitor
  • Usage Data: How you interact with our platform (pages visited, features used)
  • Device Information: Browser type, IP address, device identifiers

3. How We Use Your Information

We use collected information to:

  • Provide and maintain our DMARC monitoring services
  • Process DMARC reports and display authentication status
  • Send alerts about authentication failures or DNS changes
  • Generate remediation recommendations
  • Process payments and manage subscriptions
  • Respond to support requests
  • Improve our platform and develop new features
  • Send service-related communications
  • Comply with legal obligations

4. Legal Basis for Processing (GDPR)

For users in the European Economic Area (EEA), we process personal data based on:

  • Contract Performance: To provide services you've requested
  • Legitimate Interests: To improve our services and prevent fraud
  • Consent: For marketing communications (where applicable)
  • Legal Obligation: To comply with applicable laws

5. Data Sharing

We do not sell your personal information. We may share data with:

  • Service Providers: Cloud hosting (Cloudflare), payment processing, analytics
  • Partners: If you use Verkh through a reseller/partner, they may access your account data
  • Legal Requirements: When required by law or to protect our rights
  • Business Transfers: In connection with mergers, acquisitions, or asset sales

6. Data Retention

We retain your data for as long as your account is active or as needed to provide services. DMARC report data is retained according to your plan's data retention limits (30 days to unlimited). After account deletion, we may retain certain data for up to 90 days for legal and audit purposes.

7. Your Rights

7.1 GDPR Rights (EEA Users)

You have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate personal data
  • Erasure: Request deletion of your personal data
  • Portability: Receive your data in a portable format
  • Restriction: Limit how we process your data
  • Object: Object to certain types of processing
  • Withdraw Consent: Where processing is based on consent

7.2 CCPA Rights (California Residents)

California residents have the right to:

  • Know: What personal information we collect and how it's used
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt out of the sale of personal information (we do not sell data)
  • Non-Discrimination: Not be discriminated against for exercising your rights

7.3 Exercising Your Rights

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days (or 45 days for CCPA requests).

8. Data Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS) and at rest
  • OAuth-based authentication
  • Role-based access control
  • Regular security assessments
  • Cloudflare's enterprise-grade infrastructure

9. International Data Transfers

Your data may be processed in countries outside your residence. We use Cloudflare's global network, which may involve data transfers to various jurisdictions. We ensure appropriate safeguards are in place for international transfers, including Standard Contractual Clauses where required.

10. Children's Privacy

Verkh is not intended for use by individuals under 16. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately.

11. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date. Continued use of Verkh after changes constitutes acceptance of the updated policy.

12. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us at:

Verkh, LLC

Email: [email protected]

For GDPR-related inquiries, you may also lodge a complaint with your local supervisory authority.