How we protect your account, handle business contact data responsibly, and where we stand on compliance — without the enterprise theater.
We don't roll our own security primitives. Authentication, data storage, and payments run on platforms that protect billions of users.
Sign-in is handled by Google Firebase Authentication — the same identity infrastructure used across Google Cloud. We never see or store your raw password.
Customer and platform data lives in Google Cloud Firestore with per-user security rules — your account data is readable and writable only by you.
All payments are processed by PCI-DSS compliant payment providers. Full card numbers never touch our servers — we store only what's needed to manage your subscription.
Smaller attack surface by design — minimal third-party scripts, authenticated API access, and least-privilege access to production systems.
Badges are easy to print. Here's the actual status of each framework and what it means for you.
| Framework | What it covers | Status |
|---|---|---|
| PIPEDA | Canada's federal privacy law. As a Canadian company, this is the legal foundation of how we collect, use, and disclose personal information — including the professional contact data in our platform. | We comply |
| GDPR | EU privacy regulation. We extend GDPR's core rights — access, correction, erasure, objection — to all users and data subjects regardless of location, and honor removal requests from anyone. | Principles honored |
| CCPA | California's privacy law. California residents can request access to and deletion of their information through the same simple process as everyone else. | Principles honored |
| ISO 27701 | International privacy information management standard. We use it as a design reference for our privacy practices. We are not yet independently certified — and we won't claim to be until we are. | Design reference |
Our database covers people in their professional capacity — business roles, business emails, business phones. We don't deal in consumer data, sensitive categories, or anything about minors.
Anyone can request removal from our database — no account, no friction, no dark patterns. Suppressed records stay suppressed. How to request removal.
The platform is for legitimate B2B outreach. Accounts using our data for spam, harassment, or unlawful purposes get terminated. Customers are responsible for complying with anti-spam laws like CASL and CAN-SPAM in their outreach.
Found a security issue or a data accuracy problem? Email admin@jayisaacai.com — security reports go to the top of the queue and you'll get a direct human response.
Ask directly — you'll get a straight answer from the people who built it.
Contact Us