Trust + Compliance
Every data point in Veysa carries source attribution by design. This isn't a compliance feature bolted on after launch. It's how the product works. The same transparency your reps use for prospecting is what your legal team uses for data subject requests.
Every email, phone, and title shows exactly which sources contributed and when. When a data subject makes a request, we provide named-source attribution from the same data your reps already see. This is structural, not a compliance add-on.
Core to the productOne email to our DPO triggers permanent deletion across our entire infrastructure, including every customer account that ever saw the record. A SHA-256 hashed suppression list prevents re-ingestion from any source, permanently.
Automated suppressionCompliant with UAE PDPL, GDPR, and UK GDPR. Legitimate interest basis with full source transparency. EU-region data centres for EU/UK data processing.
Every email is verified via SMTP probe before it appears in your account. Confidence scores and named-source attribution on every field.
Public /opt-out page for data subjects. Automated request processing with status tracking. Deletion confirmed within 30 days.
Standard DPA available to any customer. DPO at dpo@veysa.ae. Sub-processor list available on request.
Your data stays in the EU, encrypted, and isolated from every other customer.
TLS 1.2+ on all traffic. HSTS enforced. API endpoints require authentication. Webhooks are HMAC-signed for integrity.
EU-region data centres for application and database hosting. Credentials encrypted at rest with AES-256. No customer data in application logs.
CSP headers, X-Frame-Options, rate limiting (120 req/min). Session cookies: secure, httpOnly, sameSite=lax. API docs hidden in production.
Tenant-isolated data model. Customers access only their revealed contacts. Global company graph is read-only. No cross-tenant data leakage by design.
Company data from UAE government registries is refreshed on crawl cycles. Contact data is retained while the customer account is active. On account deletion, all tenant data is permanently removed.
Data breach notification within 72 hours. Affected customers notified directly. Post-incident review published to affected parties.
Yes. Veysa is compliant with UAE PDPL, GDPR, and UK GDPR. Every data point carries named-source attribution for compliance requests. Infrastructure is hosted in the EU region.
Application hosting and database are in EU-region data centres. Payment processing via Stripe keeps EU data in the EU. AI intelligence generation uses Anthropic (US) but no personal data is stored by the AI provider.
Yes. A standard Data Processing Agreement is available to any customer, no minimum plan required. Email dpo@veysa.ae and we'll send it within 24 hours.
Veysa does not scrape LinkedIn directly. We source professional profile data through licensed third-party providers. UAE company data comes from government registries (DMCC, DLD, DFSA, DED). For any data subject request, we provide named-source attribution via your account's compliance export.
Email dpo@veysa.ae for DPA requests, data protection questions, or to discuss your specific compliance requirements.
No match = no charge · GDPR + UAE PDPL · 650,000+ companies