DMARC Dashboard Back to secure access

Legal

Privacy Policy

This Privacy Policy explains how Stefan Lenders, operating as Lenders-IT, handles personal data in connection with the DMARC Dashboard application.

Effective date: June 11, 2026

1. Data we process

Depending on how you use the application, the service may process account information, login and security data, IMAP mailbox connection details, DMARC aggregate report data, and technical logs generated to operate and secure the service.

  • User profile information such as name, email address, and account preferences.
  • Authentication and security data, including password hashes, two-factor settings, and passkey metadata.
  • IMAP account configuration, including encrypted mailbox credentials stored by the application.
  • DMARC report content imported from configured mailboxes, including sender domains, aggregate authentication results, and related metadata.
  • Operational logs used for troubleshooting, security monitoring, and service reliability.

2. Why we process data

Data is processed only as needed to authenticate users, connect to mailboxes, import DMARC reports, display analytics, secure accounts, and maintain the service.

3. How mailbox and DMARC data is used

The application reads messages from configured IMAP folders to identify DMARC aggregate reports. Relevant XML payloads are parsed and stored so the dashboard can present authentication and delivery insights. Messages may be moved to configured processed or error folders as part of mailbox housekeeping.

4. Security measures

Reasonable technical measures are used to protect stored data, including encrypted storage for sensitive credentials, authenticated access controls, and optional multi-factor authentication features.

5. Data retention

Data is retained only for as long as it is needed for service operation, reporting history, security, backup, or legal compliance. Retention periods may vary depending on account settings and operational requirements.

6. Sharing of data

Personal data is not sold. Data may be disclosed only when necessary to provide the service, comply with legal obligations, investigate abuse, or protect the rights, property, and security of the operator or users.

7. Your choices and rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal data, and you may request additional information about how your data is handled.

8. Policy updates

This policy may be updated from time to time to reflect operational, legal, or product changes. The latest version will be published on this page.