You're trusting us with your lead data. Here's exactly how we handle it.
TexAu handles prospect and customer data for agencies and sales teams. That's a responsibility we take seriously. We're not going to bore you with corporate security theater. Here's what we actually do, what we're working on, and where we stand.
Certifications & Standards
Industry-recognized frameworks that validate our security posture.
SOC 2 Type II
On track for Q3 2026We are working toward SOC 2 Type II certification, expected Q3 2026. We are not there yet, but we are on the path. In the meantime, we have GDPR compliance, CCPA compliance, workspace isolation, encrypted data, audit logs, and role-based access control.
GDPR
CompliantTexAu processes data as a data processor on your behalf. You own your data. We support data subject access requests, honor deletion requests, and have a Data Processing Agreement available on request.
256-bit Encryption
ActiveAll data encrypted at rest with AES-256 and in transit with TLS 1.2+. Your lead lists, enrichment results, and verification statuses are never stored in plain text. If someone physically steals a server, they have an encrypted brick.
High Availability
ActiveTexAu runs on AWS in isolated, dedicated VPCs. We do not share infrastructure with competitors or other customers. Your workspace is logically separated from everyone else.
Security Practices
How we protect your data across every layer of our platform.
Who Has Access
You have full access to your workspace. Your team only if you invite them. TexAu staff only if you grant access for support. Nobody else. Not other customers, not partners, not data brokers.
Infrastructure Security
Hosted on AWS in isolated VPCs with network segmentation, DDoS protection, web application firewalls, and automated vulnerability scanning. Your workspace is logically separated.
Data Handling
We do not sell your data. We do not share with third parties. We do not train AI models on your data unless you opt in. Your leads are not for sale to anyone.
Audit Trails
Every enrichment action is logged: who did it, when, how many credits were used, what data was accessed. You can see the audit trail anytime.
Data Retention
Your data stays while your subscription is active. If you cancel, data is retained for 30 days then permanently deleted. If you ask for deletion, we delete immediately.
Workspace Isolation
Each client workspace is completely isolated at the infrastructure level, not just the UI. Client A cannot see Client B data. Your clients data is private from each other.
Data Handling
Exactly what we store, what we don't do, and how long we keep it.
What data we store
- Lead data you paste or import: names, emails, phone numbers, company names, job titles, URLs, LinkedIn profiles
- Enrichment results: verified emails, phone numbers, company data, tech stacks, funding status, AI scores
- Verification status: whether an email is valid, catch-all, disposable, etc.
- Sync history: what we pushed to your CRM, when, what fields
- Usage data: how many credits you used, what enrichment queries you ran (for billing accuracy)
What we don't do
- We don't sell your data. We're not a data broker. Your lead list isn't for sale to anyone.
- We don't share with third parties. We don't give your data to marketers, researchers, or ad networks.
- We don't train AI models on your data. Your leads aren't used to improve our AI scoring model (unless you explicitly opt in).
- We don't build profiles on you. We track how many credits you used and what integrations you connected. That's it.
Data retention
While you're a customer: Your data stays in TexAu as long as your subscription is active. You can export or delete any time.
If you cancel: Your data is retained for 30 days (so you can re-export if you change your mind). After 30 days, it's permanently deleted from TexAu's servers and backups.
If you ask for deletion: We delete immediately. No 30-day wait. No “but we need it for compliance.” Your data is gone.
Workspace isolation for agencies
If you're an agency managing multiple client accounts, this is important: each client workspace is completely isolated. Client A's leads don't appear in Client B's workspace. Client A's team members can't see Client B's data.
The workspaces are separate at the infrastructure level, not just the UI level. Your clients' data is private from each other and from your team (unless you explicitly grant access).
What We Use Your Data For
Only what you'd expect -- and nothing more.
Only what you'd expect
- Running enrichment queries against our data sources
- Sending enriched data to your CRM (if you connected one)
- Billing and usage analytics (so we know how many credits you used)
- Support (if you email us with a problem, we look at your workspace)
- Security monitoring (to catch abuse and attacks)
What we don't do
- We don't sell anonymized datasets
- We don't use your data for marketing or case studies without permission
- We don't train models on your lead data
- We don't analyze patterns across customers (even anonymized)
HIPAA -- Not covered
TexAu is not a HIPAA-covered service. If your team handles healthcare data, we're not the right choice. We handle sales and marketing data, not medical records.
Data Privacy & Legal
Transparency in how we handle your data and the policies that govern it.
Data Processing Agreement
Standard DPA available for all customers upon request, covering GDPR Article 28 requirements.
Request DPA →Payments Policy
Credit purchases, subscription billing, refund policies, and payment security details.
Read policy →Terms & Conditions
Service terms including data ownership, liability, and acceptable use policies.
Read terms →Questions? Email our security team directly.
Not confident about something? Questions about compliance? Need something in writing? We're small enough that you can email our security team directly. We'll answer your question. Not a support script. Real answers.
What we can help with
See it work in 2 minutes. Paste your own data.
No credit card required. 14 days, full access, all features.