Privacy Policy

Last Updated: April 15, 2019


Validity Holdings, Inc. and its subsidiaries, including Validity, Inc. (“Validity,” “We,” “Our,” “Us”) we respect your privacy rights and value your trust. This Privacy Policy describes how we collect, receive, use, store, share, transfer, and process your personal information, as well as your rights in determining what we do with the information that we collect or hold about you.

This Privacy Statement (“Privacy Policy”) governs the personal information Validity collects in connection with the use of Validity’s products, applications, and services (“Service Offerings”). By using the Service Offerings, you accept and agree to the practices that this Privacy Policy describes.


When you use the Service Offerings, we may collect and use personal information about you, as well as other information “Personal Information” may include your name, email address, and other similar information that can be used to identify you. We also may collect usage information, which is information generated automatically as you navigate through the Service Offerings. More specifically, we may collect:

  • Details of your access to the Service Offerings. Some parts of our Service Offerings use cookies and other technologies to collect information about your general internet usage. See the section below titled “How We Use Tracking Technologies” to learn more.
  • Information that you provide directly to us by filling in forms on our Service Offerings, including your name, email address, street address, telephone number, or other information.
  • Information provided when you communicate with us for any reason, including information you provide in any emails to us.


We use the information we collect from you primarily to enable us to provide our Service Offerings, based on your consent, to perform Validity’s business purpose, or otherwise on Validity’s legitimate interest in providing andmaking such Service Offerings available to you in the best possible manner. In addition, your information may be used for the following purposes:

  • To identify repeat visitors to our Service Offerings and to customize our content for each individual visitor; 
  • To register customer
  • To manage relationship with customer
  • To improve the content of our Service Offerings and its associated services and products;
  • To deliver interest-based content to you, including marketing and advertising material;
  • To carry out research on customer demographics, interests and behaviors; and
  • To administer our Service Offerings, including by monitoring and analyzing traffic and usage patterns.

If we ask you to provide your personal information, we will advise you upon collection whether the provision of your personal information is mandatory. If we ask for personal information through one of our registration pages, you will have the option of not providing the information, in which case you may still be able to access other portions of the Site, although you may not be able to access the Services Offerings in its entirety. If you have any questions or would like more information regarding the legal basis on which we collect your personal information, please contact us at [email protected]


We and our vendors, consultants, agents, and other service providers (collectively, “Service Providers”) may collect and store your usage information in log files as well as through the use of cookies, web beacons, pixel tags, embedded scripts, and other tracking technologies now and hereafter developed (“Tracking Technologies”). We use Tracking Technologies to, among other things, better serve you with more tailored information for our services, and for those of third parties, facilitate your ongoing access to and use of the Site, and collect and store information about your use of the Service Offerings.

A “cookie” is a small computer file that is sent to your computer when you visit a website. When you visit the website again, the cookie allows that site to recognize your browser. Cookies may store user preferences and other information. You can reset your browser to refuse all cookies or to indicate when a cookie is being sent. We make removing our cookie easy for any user who wishes to do so. Users that do not want our personalized advertisements should email [email protected] with the subject “COOKIES AND WEB BEACON REMOVAL.”

Do Not Track
Certain browsers like Internet Explorer, Firefox and Safari offer a “Do Not Track” or “DNT” option that sends a signal to websites visited by the user about the user’s browser DNT preference setting. Because uniform standards for “Do Not Track” have not been established, Validity does not process or respond to “Do Not Track” signals.


We understand and comply with all responsibilities outlined in the General Data Protection Regulation. To the extent we process any personal information on your behalf,
Validity protects all information provided as outlined in this Privacy Policy and Data Processing Addendum.


We participate in and have certified compliance with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework. We are committed to subjecting all personal information received from European Union (EU) member countries and Switzerland, respectively, in reliance on each Privacy Shield Framework, to the Framework’s applicable Principles. To learn more about the Privacy Shield Frameworks, and to view our certification, visit the U.S. Department of Commerce’s Privacy Shield List.

We are responsible for the processing of personal data it receives, under the Privacy Shield Framework, and subsequently transfers to a third party acting as an agent on its behalf. Validity complies with the Privacy Shield Principles for all onward transfers of personal data from the EU and Switzerland, including the onward transfer liability provisions.

With respect to personal information received or transferred pursuant to the Privacy Shield Framework, Validity is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at

Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.


In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. We may also disclose your personal information as required
by law, such as to comply with a subpoena or other legal process, when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.


We place great importance on the security of all personal information associated with our customers. We use commercially suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect. These procedures
include, but are not limited to, firewalls, encryption, intrusion detection, and Service Offerings monitoring. We also limit access to any personal information we receive to authorized personnel that need access in order to perform their jobs.
However, no data protection procedures are entirely infallible. As a result, while we strive to protect your personal information, we cannot guarantee that it will be 100% secure.


We may collect and retain any information learned as a part of the provision of the Services Offerings and will use this information to improve system performance, provide fraud management services, and protect users of the Services Offerings.

  • Authentication and Fraud Detection: In order to help protect you from fraud and misuse of your personal information, we may collect information about you and your interactions with our Service Offerings. We may also evaluate your computer, mobile phone or other access device to identify any malicious software or activity.
  • Mobile Privacy: We may offer you the ability to connect with our sites, or use of our applications, services, and tools using a mobile device, either through a mobile application or via a mobile optimized website. The provisions of this Policy apply to all such mobile access and use of mobile devices. This Privacy Policy will be referenced by all such mobile applications or mobile optimized websites.

When you use our mobile applications, or access one of our mobile optimized sites, we may receive information about your location and your mobile device, including a unique identifier for your device. Most mobile devices allow you to control or disable location services in the device's settings menu. If you have questions about how to disable your device's location services, we recommend you contact your mobile service carrier or the manufacture of your particular device.


We may share your personal information with trusted third parties or our affiliates to:

  • Assist us in providing our services to you, including by acting on our behalf to send postal mail and email, remove repetitive information from mailing lists, analyze data, provide marketing assistance, process credit card payments, and provide website assistance;
  • Compile statistics and reports regarding our audience and the visitors of our Service
  • Offerings and services; or
  • Deliver interest-based emails.

Such third parties have access to Personally Identifiable Information as needed to perform their functions, but they are not allowed to use it for other purposes. We do not sell or rent Personally Identifiable Information collected through our Service Offerings to anyone.

Amazon Web Services (“AWS”) provides cloud hosting solutions to Validity. Validity stores information on data subjects obtained (as a Controller) and information on data subjects supplied by Controllers (as a Processor) in AWS facilities. AWS is considered a sub-processor of Validity and, as such, AWS has a Data Processing Addendum (DPA) outlining AWS’ obligations in place.

If you wish to not have your personal information used or disclosed to third-parties you may opt-out by sending us an email to [email protected] or [email protected].

Other Circumstances: We may disclose your personal information to third parties if we have a good faith belief that disclosure is necessary to:

  • Comply with applicable laws, regulations, legal process (such as a subpoena), or enforceable government request; or
  • Protect against harm to our rights, property, or safety, our visitors, or the public as required or permitted by law; or
  • Fulfill our obligations as part of any actual or proposed purchase, merger or acquisition of any part of our business, provided that use of such Personally Identifiable Information shall be limited to those purposes disclosed in this Privacy Policy.


The transmission of data from the Service Offerings occurs in the United States (“US”). By using the Service Offerings, you are consenting to the transfer of your personal information to the US. We only engage in transfers of personal data outside the European Economic Area (“EEA”) to a country whose data protection laws have not been approved by the European Commission as providing adequate protection for data subjects’ rights if there is an adequate level of protection for the rights of data subjects. For example, since Validity is headquartered in the United States (US), Validity entities in the EEA may need to send your personal information to our servers located in the US for legitimate business purposes. In assessing adequacy, we consider general adequacy criteria and legal adequacy criteria. If our assessment of the ‘general adequacy criteria’ reveals that, in the particular circumstances of the case, the risk to the rights of data subjects associated with the transfer is low, we may consider that an exhaustive analysis of the ‘legal adequacy criteria’ may not be necessary. If a high risk is identified, then a more comprehensive investigation of the legal adequacy criteria would be carried out. The criteria we consider in making the assessment is as set out below:

General Adequacy Criteria:

• The nature of the personal data;
• The purposes for which the data is intended to be processed;
• The period during which the data is intended to be processed;
• The country or territory of origin of the information
contained the data;
• The country or territory of the final destination of the information;
• Any security measures taken in respect of the data in the country or territory of destination.

Legal Adequacy Criteria:

• The law in force in the country or territory in question;
• The international obligation of the recipient country or territory;
• The rules or codes of practice which govern the processing of personal data in the third country.
• If adequacy is established by way of our assessment, then we would proceed with the transfer of the data. If adequacy is not established by way of our assessment, then we would seek to enter into a contractual relationship with the data
controller or data processor in question to ensure that the security of the data is maintained to our required standards before any transfer takes place.


We may retain your information for as long as your account is active or as needed to provide you services, comply with our legal obligations, resolve disputes and enforce our agreements.


Our Service Offerings are designed and intended for those who are at least 18 years old. By using our Service Offerings, you affirm that you are at least 18 years of age or older. We are not liable for any damages that may result from a visitor’s misrepresentation of age. No one under age 13 is authorized to submit any information, including Personally Identifiable Information, on our Service Offerings or website. Under no circumstances may anyone under age 13 use our Service Offerings. Parents or legal guardians of children under age 13 cannot consent to these terms on their behalf.


We implement a variety of security measures to maintain the safety of your personal information when you register for a Validity account or supply us with data for verification purposes. All credit card information provided during sign-up is transmitted via Transport Layer Security (TLS) technology and encrypted in our payment gateway providers' database. This information is only accessible by those with special access rights to such systems. Anyone with this access is required to keep this information confidential. Any credit card information supplied will be kept on file in order to process future payments rendered. Credit card information may be deleted at any time should you choose to stop such services by sending a written request to [email protected]


You may access, correct, or request deletion of the personal information we collect about you at any time by contacting us [email protected] Please put “REVIEW MY INFORMATION” in the subject line. We will respond to your request within a reasonable timeframe. If your information has been shared with a third party, as described elsewhere in this Privacy Policy, then that third party has received its own copy of your data. If you have been contacted by one of these third parties and wish to correct or delete your information, please contact them directly.

European Union Residents
If you are a European citizen, you have the right to request that we:

  • Provide you with information regarding whether we process your data, including any details related to such processing;
  • Correct any inaccurate data we may have about you without undue delay;
  • Complete any incomplete information that we may have about you;
  • Under certain circumstances, erase your personal information without undue delay;
  • Under certain circumstances, be restricted from processing your data;
  • Under certain circumstances, furnish you with the personal data which you provide us within a structured commonly used and machine-readable format.

Where we process your information solely on the basis of your consent, European citizens have the right to withdraw consent to our processing at any time. This will not affect the lawfulness of our processing before the withdrawal. European citizens also have the right to lodge a complaint with their data protection supervisory authority at any time.

The exercise of the above rights may be subject to certain conditions and we may require further information before we can respond to your request.
California Residents

If you reside in California, you have the right to ask us one (1) time each year if we have shared personal information with third parties for their direct marketing purposes. At the present time we do not release information to third parties for
marketing purposes. To make a request, please send us an email [email protected]. Please put “SHINE THE LIGHT INQUIRY” in the subject line.

You may opt out of receiving promotional communications from us by using the unsubscribe link within each email, updating your email preferences within your Service Offering account settings menu, or by contacting us at [email protected] to have your contact information removed from our promotional email list or registration database. Even after you opt out from receiving promotional messages from us, you will continue to receive transactional messages from us regarding our Service Offering.

We update the Privacy Policy from time to time, so please review it regularly. If we materially change our Privacy Policy, we will notify you by posting a notice during the log-in process. Your continued use of the Service Offerings will be deemed your agreement that your information may be used in accordance with the new Privacy Policy. If you do not agree with the changes, then you should stop using the Service Offerings and notify us that you do not want your information used in accordance with the changes.


We welcome any questions, comments, or concerns you may have regarding this Privacy Policy. Please do not hesitate to contact us as follows:

Validity, Inc.
Attn: Legal Department
200 Clarendon Street
Boston, MA 02116
(888) 724-9755
[email protected]



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of satisfied Salesforce administrators


The only real-time integrated duplication blocker used by Salesforce administrators


The most productive user experience in the Salesforce ecosystem



Leading the industry in preventing duplicate records when importing massive lists or trade show contacts

Return Path

World-class deliverability and unique applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time