Terms of Service

1.Agreement to These Terms

By creating an account, accessing, or using the Service in any way, you agree to be bound by these Terms and by our Privacy Policy, which is incorporated here by reference. If you do not agree to these Terms, you must not access or use the Service.

You represent that you are at least 16 years old and have the legal capacity to enter into this agreement. If you are using the Service on behalf of a company, organization, or other entity, you represent that you are authorized to bind that entity to these Terms, and "you" refers to both you and that entity.

These Terms apply to spamcipher.com, our applications, our APIs, our integrations, and all related products and services that link to or reference them.

2.The Service

SpamCipher is an email deliverability intelligence platform. Depending on your plan, the Service may include email address validation, an email finder, domain health checks, DMARC, blacklist, and sender-reputation monitoring, and spam content analysis, together with API access and integrations with third-party services.

The Service provides signals, analysis, and recommendations to help you improve email deliverability. It does not guarantee that any message will be delivered, that any address is valid, or that any result is correct, because deliverability and verification are inherently probabilistic. You are responsible for the decisions you make based on the Service.

3.Accounts

To use most features you must register for an account. You agree to provide accurate, current, and complete information and to keep it up to date. You are responsible for all activity that occurs under your account.

You are responsible for safeguarding your login credentials and any API keys or tokens issued to you. You must keep them confidential and must not share them. Notify us promptly at [email protected] if you suspect any unauthorized access to or use of your account. We are not liable for any loss arising from unauthorized use of your account caused by your failure to protect your credentials.

4.Acceptable Use

You agree to use the Service lawfully and responsibly. You must not, and must not permit anyone else to:

• Use the Service to send, facilitate, or support spam, unsolicited bulk email, or any unsolicited messaging;
• Upload, submit, or process email lists or contact data that you do not have a lawful basis, permission, or required consent to process;
• Use the Service for any illegal, infringing, deceptive, harassing, or otherwise harmful purpose, or to process unlawful or infringing content;
• Reverse engineer, decompile, scrape, or attempt to derive the source code of the Service, or use the Service to build or populate a competing product or database;
• Resell, sublicense, rent, lease, or otherwise share access to the Service except as expressly permitted in writing by us;
• Introduce malware, viruses, or any malicious or disruptive code into the Service;
• Attempt to gain unauthorized access to the Service, other accounts, or our systems or networks;
• Probe, scan, overload, interfere with, or disrupt the integrity or performance of the Service or its infrastructure; or
• Violate any applicable anti-spam or data-protection law, including CAN-SPAM, Canada's Anti-Spam Legislation (CASL), and the GDPR and ePrivacy rules.

We may investigate suspected violations and may suspend or terminate access for conduct we reasonably believe violates these Terms or applicable law.

5.Your Data and How We Handle It

This section summarizes how we handle the data you give us and the data we collect when you use the Service. Our Privacy Policy contains the full detail and controls in case of any conflict on data-handling matters.

What we collect

We collect: your account information (such as name, email, and company details); billing information processed through Stripe (we do not store full payment card numbers); the email lists and contact data you submit to be validated, found, or processed ("Customer Data"); the domains and sending IPs you add for monitoring; the DMARC aggregate reports you route to us; OAuth tokens and the authorized data from any accounts you connect; and usage, device, and log data generated when you use the Service.

How we keep it

We store Customer Data encrypted and retain it only as long as needed to provide your results. You can delete uploaded lists and results at any time from your account, and we delete uploaded lists within 30 days unless you ask us to keep them longer. We keep account and billing data while your account is active and for a limited period afterward to meet legal, tax, and accounting requirements. We protect data using TLS in transit, encryption at rest, and access controls limiting who can reach systems and data.

Who we share it with

We do not sell personal data. We use trusted sub-processors that process data only on our instructions and under contract, including Stripe (payments), Google Cloud Platform (hosting), Cloudflare (CDN, DNS, and security), email and deliverability infrastructure providers (deliverability testing), and AI providers (limited data only, contractually prevented from training their models on it, and never used for advertising). We may also disclose data where required by law or to protect rights and safety, and in connection with a business transfer such as a merger or acquisition.

Connected mailboxes for Inbox Warm-up

Inbox Warm-up gradually builds the sending reputation of a mailbox you connect by sending a small, controlled volume of warm-up messages from that mailbox, on your behalf, to the seed inboxes we operate. You can connect a Google (Gmail / Google Workspace), Microsoft (Outlook / Microsoft 365), or any standard IMAP/SMTP mailbox, using either OAuth or an app-specific password — whichever you prefer.

However you connect, SpamCipher uses that access solely to send these warm-up messages. With Google, OAuth requests only the “Send email on your behalf” permission (the https://www.googleapis.com/auth/gmail.send scope); with Microsoft it requests only SMTP.Send; app-password connections are used only to authenticate an SMTP send. None of these grant read access — we never read, scan, index, store, or otherwise access the contents of your mailbox for any other purpose. Whether each warm-up message reaches the inbox or spam is determined on our own receiving seed inboxes, not in your mailbox. You can adjust, pause, disable, or disconnect warm-up at any time, which revokes our access and stops all sending. Separately, optional reputation monitoring may use Google’s read-only postmaster.readonly scope to read aggregate Gmail Postmaster statistics for domains you own (statistics only, never message content).

Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. For both Google and Microsoft data we do not sell or transfer the data, do not use it for advertising, do not allow humans to read it except with your consent, for security, to comply with law, or in aggregated and anonymized form, and do not use it to train generalized AI or machine-learning models. OAuth tokens and any stored mailbox credentials are encrypted at rest. You can revoke access at any time from your Google or Microsoft account, or by disconnecting the mailbox inside SpamCipher. The specific data we access and how we protect it is described in our Privacy Policy.

Ownership and roles

As between you and us, you own your Customer Data. You grant us the limited, non-exclusive rights necessary to host, process, and transmit Customer Data solely to provide the Service to you. For Customer Data, you act as the data controller and we act as the data processor under our Data Processing Agreement, which is available to business customers on request and which (together with our GDPR commitments) governs that relationship.

6.Your Responsibilities and Warranties

You represent and warrant that you have the lawful basis, rights, and any consent required to submit and process the lists, contacts, domains, and other data you put through the Service, and that doing so does not violate the rights of any third party.

You agree to comply with all laws that apply to your use of the Service, including anti-spam laws such as CAN-SPAM and CASL and data-protection laws such as the GDPR and ePrivacy rules. You are solely responsible for how you interpret and use the results the Service provides, including any decision to send, suppress, or retain email addresses.

7.Fees, Billing, and Refunds

Paid plans are billed through Stripe. The fees, billing frequency, and any usage limits applicable to your plan are presented at the time of purchase. By subscribing, you authorize us and Stripe to charge your payment method on a recurring basis until you cancel.

Subscriptions automatically renew at the end of each billing period unless you cancel before the renewal date. Fees are stated exclusive of taxes, and you are responsible for any applicable sales, use, VAT, or similar taxes.

Except where required by applicable law or expressly stated in a specific guarantee, paid subscription fees are non-refundable, including for partial billing periods and unused features. You may cancel at any time; cancellation takes effect at the end of the current billing period, and you retain access until then.

8.Free Tools and Beta Features

We may offer free tools and beta, preview, or early-access features. These are provided "as is" and "as available", may be incomplete or change at any time, and may be modified, limited, or withdrawn without notice. We make no warranties or commitments regarding free tools or beta features, and any service levels or support obligations do not apply to them.

9.Intellectual Property

The Service, including all software, technology, models, content, designs, logos, and trademarks, is owned by SpamCipher or its licensors and is protected by intellectual property laws. We grant you a limited, revocable, non-exclusive, non-transferable, non-sublicensable license to access and use the Service for your internal business purposes, subject to these Terms.

You retain all ownership of your Customer Data. If you provide us with feedback, suggestions, or ideas about the Service, you grant us a perpetual, irrevocable, royalty-free right to use them without restriction or obligation to you.

10.Third-Party Services and Integrations

The Service may integrate with or link to third-party products and services, including Google and Microsoft mailboxes you connect through OAuth. Your use of any third-party service is governed by that third party's own terms and privacy policy, and we are not responsible for third-party services, their availability, or their handling of your data. Where you connect Google or Microsoft services, your use is also subject to those providers' applicable terms. See Your Data and How We Handle It for the scopes we request and how we use connected-mailbox data.

11.Confidentiality

Each party may receive non-public information from the other that is marked or reasonably understood to be confidential ("Confidential Information"). The receiving party will use Confidential Information only to perform under these Terms, will protect it with at least reasonable care, and will not disclose it to third parties except to its personnel and service providers who need it and are bound by similar obligations.

Confidential Information does not include information that is or becomes public through no fault of the receiving party, was already known to it without a duty of confidentiality, is independently developed, or is rightfully obtained from a third party. A party may disclose Confidential Information if required by law, provided it gives reasonable advance notice where permitted.

12.Disclaimers

The Service is provided on an "AS IS" and "AS AVAILABLE" basis. To the fullest extent permitted by law, we disclaim all warranties, whether express, implied, or statutory, including the implied warranties of merchantability, fitness for a particular purpose, title, and non-infringement.

We do not warrant that the Service will be uninterrupted, secure, or error-free, or that any result, score, or recommendation will be accurate or complete. Email deliverability and address verification are probabilistic and depend on factors outside our control. You use the Service and rely on its results at your own risk.

13.Limitation of Liability

To the fullest extent permitted by law, neither party will be liable for any indirect, incidental, consequential, special, exemplary, or punitive damages, or for any loss of profits, revenue, data, goodwill, or business opportunities, arising out of or relating to the Service or these Terms, even if advised of the possibility of such damages.

To the fullest extent permitted by law, our total aggregate liability arising out of or relating to the Service or these Terms will not exceed the total amount you paid us for the Service in the twelve (12) months immediately before the event giving rise to the claim. Some jurisdictions do not allow certain limitations, so some of these limits may not apply to you to the extent prohibited by applicable law.

14.Indemnification

You agree to defend, indemnify, and hold harmless SpamCipher and its officers, employees, and agents from and against any claims, liabilities, damages, losses, and expenses, including reasonable legal fees, arising out of or related to: (a) the data you submit or process through the Service; (b) your use of the Service; or (c) your violation of these Terms or of any applicable law or third-party right.

We will provide reasonable cooperation in the defense of any such claim, at your expense, and you will not settle any claim in a way that imposes liability or obligations on us without our prior written consent.

15.Term, Suspension, and Termination

These Terms apply for as long as you use the Service. You may stop using the Service and close your account at any time. Either party may terminate this agreement on notice as permitted here.

We may suspend or terminate your access to all or part of the Service, with or without notice, if you breach these Terms, fail to pay fees when due, or use the Service in a way that we reasonably believe is abusive, unlawful, or harmful to us, other users, or third parties.

On termination, your right to use the Service ends and we will delete or return your data in accordance with our Privacy Policy and, where applicable, our Data Processing Agreement. Provisions that by their nature should survive termination — including those on Customer Data ownership, intellectual property, confidentiality, disclaimers, limitation of liability, indemnification, and dispute resolution — will survive.

16.Changes to the Service and These Terms

We may modify, enhance, or discontinue features of the Service from time to time. We may also update these Terms. If we make material changes, we will give reasonable notice, for example by email to your account address or through an in-product notice, before they take effect.

Your continued use of the Service after a change takes effect means you accept the updated Terms. If you do not agree to the changes, you must stop using the Service and may close your account.

17.Governing Law and Dispute Resolution

These Terms are governed by the laws of the State of Delaware, USA, without regard to its conflict-of-laws rules.

If a dispute arises, you agree to first try to resolve it informally by contacting us at [email protected], and we will try in good faith to resolve it with you. If we cannot resolve a dispute within a reasonable period, it will be settled by binding individual arbitration rather than in court, except as provided below.

To the fullest extent permitted by law, you and SpamCipher agree to bring claims against each other only in an individual capacity and not as a plaintiff or class member in any purported class or representative proceeding (the "class-action waiver"). This arbitration agreement does not prevent either party from seeking injunctive or other equitable relief in court to protect its intellectual property or confidential information, or from bringing an eligible claim in small-claims court.

Depending on where you live, you may have non-waivable rights under your local law; nothing in this section limits any rights that cannot be waived under the law that applies to you.

18.General

These Terms, together with our Privacy Policy and any Data Processing Agreement or order form between us, are the entire agreement between you and SpamCipher regarding the Service and supersede any prior agreements on that subject.

• Assignment: You may not assign or transfer these Terms without our prior written consent. We may assign them in connection with a merger, acquisition, financing, or sale of assets.
• Severability: If any provision is held unenforceable, the remaining provisions stay in full force, and the unenforceable provision will be limited or replaced to the minimum extent necessary.
• Waiver: Our failure to enforce any provision is not a waiver of our right to do so later.
• Force majeure: Neither party is liable for delays or failures caused by events beyond its reasonable control, such as natural disasters, outages, acts of government, or failures of third-party infrastructure.
• Notices: We may send notices to the email address associated with your account, and you are responsible for keeping it current.
• Electronic communications (E-Sign): You consent to receive communications from us electronically, and you agree that electronic agreements, notices, and records satisfy any legal requirement that they be in writing.

Contact

If you have questions about these Terms, contact us at:

• Legal and terms: [email protected]
• Privacy and data requests: [email protected]
• General support: [email protected]