← Back to DMARC Digest

Privacy Policy

Effective date: June 30, 2026  ·  Last updated: June 30, 2026

GDPR · CCPA · NIST SP 800-53 Compliant
Plain-language summary: You upload your DMARC XML reports. We parse them, generate a summary using AI, and produce a PDF. The files and PDF are deleted within 1 hour. We do not store, sell, or share your email routing data with anyone (except the AI model that generates the narrative — see below).

What We Process

What We Do Not Collect

Third-Party AI Processing

Aggregated statistics from your DMARC report (domain name, message counts, pass/fail rates, and anonymous sender IP data) are sent to Anthropic's Claude API to generate the narrative section of your report. Raw XML files are never sent — only structured summary data.

Anthropic's handling is governed by their Privacy Policy. If your reports contain sensitive internal IP infrastructure, consider reviewing Anthropic's API data use policy before uploading.

Data Retention

Your Rights (GDPR / CCPA)

Because we do not retain your uploaded data or link it to an identity, there is no persistent personal data to access or delete. Contact us if you have concerns — we will respond within 72 hours.

Security Controls

Compliance

Contact

Security issues or privacy concerns: privacy@dmarcdigest.app