Legal
Privacy Policy
Last updated: April 2026
The short version
We record only what's needed to verify that a business email was sent: the sender's domain, the recipient's domain, the timestamp, and a hash of the DKIM signature. We never see, store, or process the content of your emails. Adding the seal@witnessed.cc address to an email is an explicit, voluntary act — nothing is collected without your deliberate action.
What we collect
When you Bcc seal@witnessed.cc on an email, we record:
- Sender domain — the domain portion of your From address (e.g. acme.com)
- Recipient domain — the domain of the primary recipient
- Timestamp — when the email was received by our system
- DKIM signature hash — a one-way hash used to verify authenticity; the original signature is discarded
What we never collect
The following are discarded immediately upon receipt and never stored:
- Email subject line
- Email body
- Attachments
- Personal names, addresses, or contact information
- Any content from your email
No human at Witnessed ever reads your emails. This is enforced architecturally — email content never reaches our database.
How we use this data
The data we collect is used solely to:
- Build and display the public page for your domain at witnessed.cc/b/yourdomain
- Compute the verified business history metrics shown on that page
- Power the verification record that proves your business has been operational over time
We do not sell data, share it with third parties for advertising, or use it for any purpose other than the above.
Consent model
Adding the address is an explicit, voluntary act on each individual email (or a one-time mail-flow rule you configure). You are in full control of which emails contribute to your record. There is no passive collection — Witnessed only receives data when you deliberately include the address as a recipient.
Public records
Each domain's page is public by design. The domain name, event count, and first-seen date are visible to anyone who visits the page at witnessed.cc/b/yourdomain. This is the product — the public proof of business activity. If you do not want a public record for your domain, do not include the address on any email.
Lawful basis for processing
Under the EU General Data Protection Regulation (GDPR), we rely on the following lawful bases:
- Legitimate interests (Art 6(1)(f)) — building and maintaining a verified business history that allows senders to prove their domain has been operating over time, and allows recipients to evaluate that proof. We consider this interest proportionate because we store only domain-level metadata and offer a frictionless opt-out.
- Explicit act of the sender — adding the address is a deliberate action (per-email or via a one-time mail-flow rule). Nothing is collected passively.
Your rights
If you control a domain that appears in our records — as sender or as recipient — you can exercise the following rights at any time, self-serve, via witnessed.cc/rights:
- Access (Art 15) — download everything we hold about your domain as a signed JSON export
- Erasure (Art 17) — permanently delete every record referencing your domain, as sender and as recipient
- Object / opt out (Art 21) — block future ingestion without deleting the existing record
- Rectification (Art 16) — the data is observational and rarely wrong; if you believe a specific record is inaccurate, contact us
- Portability (Art 20) — the JSON export is structured and machine-readable
- Restriction (Art 18) — email us to pause processing while a dispute is resolved
Ownership of the domain is proven via a DNS TXT record — the same mechanism used to verify sender authenticity. We answer rights requests within 30 days, as required by Art 12(3).
Data retention and deletion
Your domain's history is retained for as long as the service operates, because the historical nature of the record is the product. You may purge all records at any time via witnessed.cc/rights. Erasure is permanent and irreversible.
Sub-processors
We use a small set of vendors to operate the service. Each is bound by a Data Processing Agreement and processes data only on our instructions:
- Vercel Inc. — application hosting and edge network
- Neon Inc. (Vercel Postgres) — encrypted database storage
- Cloudflare, Inc. — email routing (SMTP catch-all → Worker → our API)
We do not share data with any other third party. We do not use analytics, advertising, or fingerprinting services of any kind.
International transfers
Where data is processed outside the European Economic Area, we rely on the European Commission's Standard Contractual Clauses and the EU-US Data Privacy Framework for our US-based sub-processors. You can request a copy of these safeguards by contacting us.
Right to lodge a complaint
If you are in the EU/EEA and believe we have processed your data unlawfully, you have the right to lodge a complaint with your national supervisory authority. A list is maintained by the European Data Protection Board at edpb.europa.eu/about-edpb/about-edpb/members_en.
Infrastructure and security
Data is stored on Vercel Postgres (Neon), encrypted at rest and in transit. Access is restricted to the application layer. No employee has direct database access in production.
Changes to this policy
If we make material changes, we will update the date at the top of this page. Continued use of the service after changes constitutes acceptance.
Contact
Questions about this policy: hello@witnessed.cc