GDPR Data Processing

LAST UPDATED – 24th May, 2018

By use of LemonFresh services, you instruct LemonFresh to process any personal data you provide to LemonFresh and agree to the processing of any personal data that LemonFresh provides to you in connection with the services. Customer also specifically authorises the engagement of LemonFresh’s Affiliates as Sub-processors. In addition, Customer generally authorises the engagement of any other third parties as Sub-processors.

Customer obligations.

By use of LemonFresh services you agree to comply with data protection, security and other obligations with respect to any and all personal data by adhering to your customer service agreement, and privacy policy & terms along with all local data protection laws to which you are subject. LemonFresh  will inform you if, in LemonFresh’s opinion, you have violated any data processing obligation.

Details of data processing.

Subject matter: All LemonFresh services, Customer provided data, and related technical support to Customer.

Duration of the processing: As identified in your customer service agreement.

Nature and purpose of the processing: LemonFresh provides a service for cleaning and verifying lists of emails and other related services as identified in our privacy policy & terms.

Categories of Data: As outlined in our privacy policy & terms

Data Subjects: Personal data submitted, stored, sent or received via LemonFresh services that may concern the Customer or Subscribers of the Customer.

Data security.

LemonFresh takes all reasonable technical and organisational measures to commit to confidentiality of your data including:

  • Use of encryption.
  • Continual monitoring of the confidentiality, integrity, availability, and resilience of our systems.
  • Preparedness to restore availability of our services in the event of a physical or technical incident.
  • Regular risk assessments of all systems
  • Commercially reasonable steps to ensure employees and those acting on LemonFresh’s behalf maintain confidentiality of personal data.
  • Privacy confirmations of all sub-processors engaged in providing LemonFresh services.
  • Provide written responses to all reasonable requests for information made by customers.
  • Reasonably assist customers with data security audits, including inspections, conducted by the customer, auditors, or other supervisory authorities.
  • Provide notice to customers regarding personal data breaches.

Data rights.

Right to be informed: You can ask about personal data, how it is used, and why it is being used at any time.

Right of access: As outlined in our privacy policy & terms (Access to Personal Information).

Right of rectification: You can update (or request updates to) personal information at any time.

Right of erasure: You may cancel your LemonFresh account at any time and may additionally request that LemonFresh erase your personal data, cease further dissemination of the data, and potentially have third parties halt processing of the data. LemonFresh reserves the right to keep the minimum amount of information that helps us prevent fraud to keep your deliverability the highest it can be.

Right to restrict processing: You may put your account on hold at any time which restricts the use of all services. Your data will still be processed for other actions such as billing and by our sub-processors. You may cancel your account to restrict all data processing of your data and reactivate your account as long as we have not yet deleted your information according to our retention policies. In most cases, deletion happens immediately on suspension.

Right to data portability: You may export any of your cleaned lists,, at any time while your account is active by accessing your LemonFresh account.

Right to object: You may unsubscribe from any of LemonFresh’s emails at any time.


You may opt-in to be informed of sub-processor additions excluding those on our list of sub-processors below using our contact page. If you object to any sub-processor addition, you may cancel your account within 5 days of the notification provided that such objection is based on reasonable grounds relating to data protection.

  • Digital Ocean
  • Amazon
  • Google
  • Lucky Orange
  • Crazy Egg
  • Hotjar
  • Stripe
  • Paypal
  • VWO
  • Facebook
  • Intercom

Join for free
Or use your email