Privacy Policy

Last updated: 2026-06-04

1. Who we are

Yahoogle is operated by AVBoost Agency. This policy explains how we collect, use, and protect data when you use Yahoogle to audit your sending domain's email deliverability compliance.

2. Data we collect

From you (the sender)

  • Account email address and authentication credentials (WorkOS).
  • Sending domain(s) you submit for audit.
  • ESP connection credentials — Mailchimp OAuth token (scope: reporting:read) or Brevo API key. All credentials are encrypted at rest.
  • Billing information processed by Stripe (we do not store raw card data).

From DNS resolution and ESP APIs

  • Public DNS records for your domain: SPF TXT record, DKIM public key (selector you specify), DMARC TXT record, BIMI DNS record. These are public records — no authentication required.
  • Email headers from messages you submit for List-Unsubscribe analysis.
  • 14-day aggregate complaint rate from your Mailchimp or Brevo account, via reporting:read scope only. We do not access subscriber lists, contact emails, campaign content, or any personally-identifiable data about your subscribers.

Managed unsubscribe endpoint (Standard plan)

  • When a subscriber triggers your managed RFC 8058 unsubscribe endpoint, we log a token hash (not the raw JWT) and a normalized action event to the audit ledger. The raw token is never logged. Unsubscribe events are proxied to your ESP and are not retained beyond the audit ledger (30-day rolling window).

3. How we use data

  • To run DNS, header, and complaint-rate audits for your domain(s).
  • To generate letter grades (A–F) and registrar-specific DNS fix copy.
  • To operate the managed unsubscribe endpoint and proxy unsubscribe events to your ESP.
  • To display scorecard history and trend data in your dashboard.
  • To operate billing, support, and service notifications.

4. Data storage and security

  • All data is stored in the EU (Hetzner Falkenstein, Germany).
  • Row-level security enforced per account (tenant) in Postgres. All yahoogle_* tables use FORCE ROW LEVEL SECURITY.
  • ESP credentials encrypted at rest.
  • SSRF-guarded DNS scanner — no internal network access.
  • Unsubscribe endpoint: raw JWT token path never logged (token hash + normalized error kind only).
  • HTTPS enforced on all endpoints.

5. Data retention

  • Full audit scan detail: retained while your account is active, deleted 90 days after account closure.
  • Aggregated scorecard statistics (no PII): retained indefinitely for trend display.
  • Unsubscribe event ledger: 30-day rolling window.
  • Account data: retained until you request deletion.

6. Third-party services

  • Mailchimp — complaint rate data via reporting:read OAuth scope. Governed by Mailchimp's privacy policy.
  • Brevo — complaint rate data via API key. Governed by Brevo's privacy policy.
  • WorkOS — authentication. Governed by WorkOS's privacy policy.
  • Stripe — payment processing. Governed by Stripe's privacy policy.

7. Your rights (GDPR)

You may request access to, correction of, or erasure of your data at any time. Email [email protected]. We will respond within 30 days.

8. Cookies

We use a session cookie for authenticated dashboard access only. No advertising or tracking cookies.

9. Contact

Questions about this policy: [email protected]