DMARC (Domain-based Message Authentication, Reporting & Conformance) is an email authentication protocol defined in RFC 7489 that builds upon SPF and DKIM to provide protection against email spoofing and phishing attacks.

What are RUA and RUF reports?

RUA (Aggregate Reports) provide daily summaries of email authentication results, while RUF (Forensic Reports) provide real-time failure reports with message samples when DMARC authentication fails.

How does DMARC prevent phishing?

DMARC prevents phishing by authenticating email messages using SPF and DKIM, then applying policy actions (none, quarantine, or reject) to messages that fail authentication, preventing spoofed emails from reaching recipients.

Back to home

DMARC Shield

Privacy Policy

Last updated: 7/31/2025

1. Introduction

DMARC Shield ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our email security monitoring service.

2. Information We Collect

Account Information

Name and contact information (email address, company details)
Job title and company size (for service customization)
Account credentials (securely hashed passwords)
Subscription and billing information

Domain and Email Data

Domain names you add to our platform
DNS record configurations (SPF, DKIM, DMARC)
DMARC aggregate reports from your domains
Email authentication results and metadata
Sender IP addresses and reputation data

Usage Information

Log data (IP addresses, browser type, access times)
Feature usage and interaction patterns
Performance metrics and error reports
Support communications and feedback

3. How We Use Your Information

Service Delivery

Monitor your domains for DMARC compliance and threats
Generate reports and analytics dashboards
Provide threat intelligence and security recommendations
Send notifications about security events and policy failures

Account Management

Create and maintain your user account
Authenticate your access to the platform
Process billing and subscription management
Provide customer support and technical assistance

Service Improvement

Analyze usage patterns to improve our platform
Develop new features and security capabilities
Conduct research on email security trends
Optimize system performance and reliability

4. Information Sharing and Disclosure

We do not sell your personal information. We may share your information only in the following circumstances:

Service Providers: With trusted third-party vendors who assist in operating our service (hosting, analytics, customer support) under strict confidentiality agreements.

Legal Requirements: When required by law, regulation, or court order, or to protect our rights, property, or safety.

Business Transfers: In connection with a merger, acquisition, or sale of assets, with proper notice to users.

Aggregated Data: We may share anonymized, aggregated threat intelligence data to improve email security industry-wide.

5. Data Security

We implement comprehensive security measures to protect your information:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
Access Controls: Role-based access with multi-factor authentication
Infrastructure: SOC 2 compliant hosting with regular security audits
Monitoring: 24/7 security monitoring and incident response
Backup: Regular encrypted backups with disaster recovery procedures

6. Data Retention

Account Data: Retained while your account is active and for 90 days after deletion to allow for account recovery.

DMARC Reports: Stored for up to 2 years to provide historical analysis and trend identification.

Logs and Analytics: Retained for 1 year for security monitoring and service improvement purposes.

Threat Intelligence: Anonymized threat data may be retained indefinitely for security research purposes.

7. Your Privacy Rights

You have the following rights regarding your personal information:

Access: Request a copy of your personal data we hold
Correction: Update or correct inaccurate information
Deletion: Request deletion of your account and associated data
Portability: Export your data in a machine-readable format
Restriction: Limit how we process your information
Objection: Object to certain types of processing

To exercise these rights, contact us at business@dmarcshield.io.

8. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. We ensure appropriate safeguards are in place, including standard contractual clauses and adequacy decisions, to protect your data during international transfers.

9. Cookies and Tracking

We use cookies and similar technologies for:

Authentication and session management
Preference storage and user experience
Analytics and performance monitoring
Security and fraud prevention

You can control cookie settings through your browser preferences.

10. Third-Party Services

Our service may integrate with third-party providers for:

DNS and domain verification services
Threat intelligence feeds
Email delivery and notifications
Analytics and monitoring tools

These integrations are subject to their respective privacy policies.

11. Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware of such collection, we will delete the information immediately.

12. Changes to This Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes via email or through our platform. Your continued use of our service after changes become effective constitutes acceptance of the updated policy.

13. Contact Us

If you have questions about this Privacy Policy or our privacy practices, contact us:

Email: business@dmarcshield.io

Website: dmarcshield.io

For data protection inquiries, please include "Privacy Policy" in the subject line.

This Privacy Policy is designed to help you understand how DMARC Shield collects, uses, and protects your information. We are committed to maintaining the highest standards of data privacy and security.