Cleanlist AI

Product details
evolvemarketingevolvemarketing
evolvemarketingPLUS
Jun 30, 2026

Q: DPA, data location & suppression list on Tier 5 (GDPR)

Hi! I'm about to buy the Tier 5 plan — looks great, my only concern is GDPR since I work with EU contacts.

I read your compliance guide (https://www.cleanlist.ai/blog/2026-03-02-b2b-data-enrichment-compliance-guide), so a few questions before I buy:

- Where do the enriched contacts come from — public business records, opt-in databases?

- Do Tier 5 customers get a signed DPA, and how do I set it up?

- When I send a contact to the API, where does the data get processed — can EU data stay in the EU?

- Can I manage the suppression list via the API, so opted-out contacts aren't returned again later?

Thanks — that's all I need before hitting buy!

Founder Team
Victor_CleanlistAI

Victor_CleanlistAI

Jun 30, 2026

A: We don't offer a signed DPA or EU data residency, and the suppression side is handled by our providers rather than something you'd manage through the API. What I can tell you is the data comes from publicly available business records and all our providers support GDPR and CCPA and honor opt-out and deletion requests, so if that works for your setup you're good to go.

Share
Helpful?
0
Log in to join the conversation

Verified purchaser

But your own compliance guide says the opposite, word for word: "Cleanlist meets all five criteria: signed DPA, ... configurable data residency." (https://www.cleanlist.ai/blog/2026-03-02-b2b-data-enrichment-compliance-guide)
As an EU company I need a signed DPA (GDPR Art. 28) — public-record sourcing doesn't waive that. So which is right: the blog, or this answer? Can your legal confirm here?

Related questions
View product details