We treat your personal data like the toxic asset it is. The less of it we hold, the safer everyone is.
Encryption At Rest
All PII (name, address, DOB, phone, email) is stored in an isolated database with column-level AES-256 encryption. The keys are managed by AWS KMS and rotated quarterly.
Isolated PII Vault
Your sensitive fields never touch the main app database. They live in a separate vault behind a strict service boundary. The web app fetches a pseudonymous ID and only joins to PII when running a removal.
No Third-Party Sharing
We never sell, rent, or trade your data. The only third parties that see your PII are:
- The data brokers we are removing you from (so they can verify the request).
- Stripe (only the billing email and last 4 of card).
- Our infrastructure providers (AWS, encrypted in transit and at rest).
We do not run third-party analytics on signed-in pages. No Google Analytics on the dashboard. No Meta Pixel. Ever.
Jurisdiction
DeData Privacy Labs is a Delaware C-corp. Data is stored in AWS us-east-1 (Virginia). We comply with CCPA, CPRA, and the GDPR for EU residents.
Deletion
Hit Delete My Account in Settings. We purge PII within 30 days. Backups are encrypted and rotate out within 90 days.