ValidEmailChecker

What data is shared with integration platforms (Mailchimp, HubSpot, etc.)?

Last updated May 20, 2026Privacy & policies

Connecting Mailchimp, HubSpot, Brevo, MailerLite, SendGrid, AWeber, ConvertKit, GetResponse, Mailgun, or any of the other 17 integrations on Valid Email Checker gives VEC permission to push verification outcomes back into your provider. The data flowing across that connection is narrow: only the addresses you choose to sync and the action you picked for each result class (keep, unsubscribe, or delete). VEC does not push your billing data, your other lists, or any account-level information to the integration.

What flows out to the integration

When you trigger a sync, the integration job calls the provider API using the OAuth token or API key you authorized. The payload it sends contains:

  • The email addresses that were part of the verification run you chose to sync — not your full VEC contact universe.
  • The verification status for each (Safe, Risky, Invalid, Catch-All, Disposable, Unknown).
  • The action you configured for that status (e.g. "delete Invalid", "unsubscribe Catch-All", "keep Safe").
  • Optional fields the provider needs — list ID, segment name, sometimes a tag.

What never flows out

  • Your VEC billing data, credit balance, or invoices.
  • Other verification tasks that were not part of this sync.
  • Login history, API keys, team-member rosters, or audit trail.
  • The contents of other integrations you have connected.

Auth tokens and key storage

The OAuth tokens (for AWeber, HubSpot, Google) and API keys (for SendGrid, Brevo, Mailgun, and the rest) you provide are stored encrypted on our side. Tokens that expire are refreshed automatically using the refresh-token grant — for example, AWeber tokens are refreshed transparently when our integration sync detects they are within five minutes of expiry. You can revoke any integration from the Integrations page in your dashboard, which deletes the stored token immediately and prevents any further data from flowing.

On the integration provider side

Once data lands in Mailchimp, HubSpot, or wherever you sync, it is governed by that provider's privacy policy, not ours. VEC is the data processor for the moment of transit; the provider is the controller of the data inside their platform. If you need a Data Processing Agreement covering the VEC half of this flow, email support@validemailchecker.com — we have a standard DPA available.

Verify-only mode shares nothing back
If you set the integration to verify_only instead of clean_auto, VEC reads the list from the provider and verifies it, but does not push any changes back. The provider sees nothing in their API logs except the read calls. Use this when you want a verification report without modifying the source list.

Related questions

Do you store the emails I verify?
What data is shared with payment processors (Stripe, Paddle, CoinPayments)?
How do I download all my data (data export) from Valid Email Checker?
How we protect your data
Back to all FAQs

Still stuck? Email support