Privacy Policy

IsThisValid.com (“we”, “our”, or “us”) operates a free suite of verification tools, including an email validator, a URL safety checker, a text / SMS scam detector, and a phone number checker. This Privacy Policy explains what information we collect when you use our site, how we use it, and the rights you have over your data.

We are committed to processing as little personal data as possible. We do not require accounts, logins, or registrations to use this service.

Email addresses you submit. When you enter an email address into the validation tool, that address is sent to our server solely to perform the requested validation check. We do not log or permanently store submitted email addresses. However, to avoid redundant calls to paid third-party verification APIs, a cryptographic hash (SHA-256) of a normalised version of the submitted email address may be cached in Upstash Redis for up to 7 days. This hash is one-way and cannot be used to reconstruct the original email address. The cache entry stores only the verification result (deliverable / undeliverable / disposable) alongside the hash; the raw address is never written to Redis.

URLs you submit. When you enter a URL into the URL checker, that URL is sent to our server and forwarded to the Google Safe Browsing API solely to perform a safety check. We do not store submitted URLs after the check is complete.

Text messages you submit. When you paste a text or SMS message into the scam detector, that message text is sent to our server and forwarded to the Anthropic API (see Third-Party Services below) for AI analysis. We do not permanently store the raw message text. A cryptographic hash (SHA-256) of a normalised version of the message may be cached in Upstash Redis for up to 24 hours to avoid redundant API calls for identical inputs; the hash is one-way and cannot be used to reconstruct the original message.

Phone numbers you submit. When you enter a phone number into the phone checker, that number is sent to our server for validation. If our AbstractAPI integration is enabled, the number is forwarded to AbstractAPI solely to retrieve carrier and line-status data. We do not permanently store submitted phone numbers. To avoid redundant calls to paid carrier APIs, only a cryptographic hash (SHA-256) of the E.164-normalised number may be cached in Upstash Redis for up to 30 days. This hash is one-way and cannot be used to reconstruct the original number. The cache entry stores only the carrier and line-type result; the raw number is never written to Redis.

Server logs. Like all web servers, our hosting provider (Vercel) may retain standard HTTP access logs (IP address, browser type, referring URL, timestamp) for up to 30 days for security and debugging purposes. These logs are governed by Vercel's Privacy Policy.

Cookies and local storage. We store a single cookie-consent preference in your browser's localStorage to remember whether you have accepted our cookie policy. We do not use any first-party tracking cookies ourselves.

Google AdSense. We may display advertisements served by Google AdSense in the future. If and when advertising is enabled, Google may use cookies and similar technologies to serve ads based on your prior visits to this or other websites. Google's use of advertising cookies enables it and its partners to serve ads based on your visit to our site and/or other sites on the Internet.

You may opt out of personalised advertising by visiting Google Ad Settings or www.aboutads.info. For more information, see Google's advertising policies.

Anthropic API (Claude AI). Text and SMS messages you submit to the scam detector are forwarded to the Anthropic API for AI-powered analysis. Anthropic processes this data as a subprocessor on our behalf. By default, Anthropic does not use API inputs to train its models and does not retain submitted content beyond the duration of the API request. For details, see the Anthropic Privacy Policy.

Google Safe Browsing API. URLs you submit to the URL checker are forwarded to the Google Safe Browsing API to detect known phishing and malware sites. Google processes this data as a subprocessor. See the Google Privacy Policy for details.

AbstractAPI (Phone). When our AbstractAPI integration is enabled, phone numbers you submit to the phone checker are forwarded to AbstractAPI solely to retrieve carrier name, line type, ported status, and line-active information. AbstractAPI processes this data as a data processor on our behalf. For details, see the AbstractAPI Privacy Policy.

Upstash Redis. We use Upstash Redis to enforce rate limits and to cache results for the email validator, phone checker, and AI text analysis tool. Email verification results are cached as one-way SHA-256 hashes with a 7-day TTL. Phone carrier results are cached as one-way SHA-256 hashes with a 30-day TTL. AI analysis results are cached as one-way SHA-256 hashes with a 24-hour TTL. No personally identifiable information is written to Upstash in a form that can be reconstructed. See the Upstash Privacy Policy.

ZeroBounce API. When our ZeroBounce integration is enabled (preferred provider), email addresses you submit may be forwarded to the ZeroBounce email verification API solely to perform SMTP deliverability verification. ZeroBounce processes this data as a data processor on our behalf. For details, see the ZeroBounce Privacy Policy.

Emailable API. If our Emailable integration is enabled, email addresses you submit may be forwarded to the Emailable email verification API (Emailable Privacy Policy) solely to perform deliverability verification. Emailable processes this data as a data processor on our behalf. No other data is shared.

Our site may set the following cookies or local storage entries:

You can disable cookies at any time via your browser settings. Disabling advertising cookies will not affect the core functionality of our validation tools.

If you are located in the European Economic Area, United Kingdom, or California, you have the following rights regarding your personal data:

• Access — you can request a copy of any personal data we hold about you.
• Deletion — you can request deletion of your personal data. Because we do not permanently store any submitted data (email addresses, URLs, messages, or phone numbers) in a recoverable form, there is typically nothing to delete. If Vercel access logs contain your IP address, those are governed by Vercel's data retention policy (up to 30 days).
• Opt-out of sale — we do not sell personal data to third parties.
• Object to processing — you can withdraw consent for advertising cookies at any time via the cookie banner or your browser settings.
• Portability — you can request a copy of any personal data we hold in a structured, machine-readable format, where technically feasible.
• Rectification — you can request correction of any inaccurate personal data we hold about you.
• Lodge a complaint — you have the right to lodge a complaint with your local data protection authority (DPA) if you believe we have processed your personal data unlawfully.

To exercise any of these rights, contact us at [email protected].

This service is not directed at children under the age of 13 (or 16 in the EEA). We do not knowingly collect personal data from children. If you believe a child has submitted personal data to us, please contact us immediately at [email protected].

We do not permanently store email addresses, phone numbers, URLs, or text messages entered into any of our tools. Email verification results are cached as one-way SHA-256 hashes in Upstash Redis for up to 7 days; the hash cannot be used to recover the original address. Phone carrier results are cached as one-way SHA-256 hashes for up to 30 days; the hash cannot be used to recover the original number. A short-lived cache entry (24-hour TTL) derived from a one-way hash of submitted text messages may also be retained in Upstash Redis solely to avoid redundant AI calls; it cannot be used to recover the original text. Server access logs retained by Vercel are deleted within 30 days. Cookie consent preferences stored in your browser persist until you clear your browser storage.

Affiliate links. Some pages on IsThisValid.com display affiliate links to third-party products or services, such as email validation and online security tools. If you click an affiliate link and make a purchase, we may earn a commission at no additional cost to you. Affiliate links are shown contextually after certain tool results and are always labeled as such.

We do not share any personal data or submitted information with affiliate partners. Affiliate links are provided for convenience and do not constitute an editorial recommendation. For questions about affiliate links, contact us at [email protected].

We may update this Privacy Policy from time to time. The “Last updated” date at the top of this page will reflect any changes. Continued use of the site after changes constitutes acceptance of the updated policy.

For privacy-related questions or requests, contact us at: [email protected]