Compliance & Certifications
How EmailsThreatScan protects your data through regulatory compliance, industry standards, and transparent governance.
UK GDPR
General Data Protection Regulation
We are fully compliant with the UK General Data Protection Regulation. You have the right to access, rectify, erase, port, and object to processing of your personal data at any time.
Google API Services
User Data Policy & Limited Use
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
AI Zero-Training Guarantee
Commercial Enterprise API Commitment
We pay for Commercial Enterprise API access for every analysis — Free and Paid — guaranteeing your email data is never used to train public AI models.
UK ICO Oversight
Information Commissioner's Office
We operate under the regulatory oversight of the UK Information Commissioner's Office. You have the right to lodge a complaint directly with the ICO at any time.
Security Measures
Technical safeguards protecting your data
Encryption In Transit
TLS 1.2/1.3 on all connections
Encryption At Rest
AES-256 for stored data & tokens
Password Hashing
Adaptive algorithms resistant to brute-force
OAuth 2.0 Tokens
Minimal-scope, revocable, encrypted at rest
Rate Limiting
Per-IP and per-user abuse prevention
Webhook Signing
HMAC-SHA256 payload verification
Corporate Governance
Our legal entity and oversight
UK Registered Company
Purple Box (UK) Ltd
Company No. 08212295
Privacy Policy
How we handle your data
Terms of Service
Usage rights & obligations
FAQ
Common questions answered
© 2026 Purple Box (UK) Ltd trading as EmailsThreatScan. All rights reserved.
77 Commercial Street, London, England, E1 6BD