Security & Compliance
Dealyv is built to meet global data‑protection standards and compliance requirements.
We comply with GDPR and CCPA. All data is encrypted at rest and in transit. Lead data is processed within the EU, and we maintain strict controls over sub-processors.
Encryption by Default
All data is encrypted at rest (when stored on our servers) and in transit (when moving over the network). We only use secure connections for data transmission.
Data Residency
Primary hosting in EU regions with jurisdiction‑compliant storage options. Regional backups with immutable retention policies.
Access Controls
SSO + MFA required for internal access. Principle of least privilege enforced with time‑boxed approvals and auditable actions.
Incident Response
We have defined processes for detection, containment, and post-mortem analysis. Customer notifications follow applicable laws and regulations.
Data Processing Agreement
We maintain a list of vendors that count as our sub-processors for personal data purposes and ensure our terms with them are aligned with what we provide our customers. Standard DPA available on request.
Privacy & Data Ownership
Customers reach leads using Dealyv as a technology provider, under Meta accounts and phone numbers that belong to the customer. As long as the customer has marketing consent from the lead, that lead can be used with Dealyv. In this regard, Dealyv is the same as using Gmail or a cloud CRM to send messages to leads — you use your own accounts and infrastructure.