Legal

Privacy Policy

Last updated: April 2026

The short version: TrustedMARC is a desktop application that processes your DMARC report files entirely on your own machine. We do not receive, store, or have access to your email authentication data. The only data we hold about you is your name, email address, and licence information.

Who we are

TrustedMARC is a software product operated by John Livingston. For questions about this policy, contact us at hello@trustedmarc.co.uk.

What data we collect and why

Purchase and licence information. When you purchase a licence, we collect your name and email address in order to issue your licence key and provide support. This information is stored in our licence management system (Keygen.sh) and is not shared with third parties for marketing purposes.

Licence validation. When you launch TrustedMARC, the application contacts our licence server (Keygen.sh) to verify your licence key. This request includes a machine fingerprint — a one-way hash derived from your computer's MAC address and hostname. This fingerprint cannot be reversed to identify you or your machine. No personal data is transmitted during licence validation.

Website analytics. Our website uses Cloudflare's built-in analytics, which provides aggregate traffic data (page views, visitor counts, country of origin) without using cookies or tracking individual visitors. We do not use Google Analytics or any other third-party tracking.

Support communications. If you contact us by email, we retain that correspondence in order to resolve your query and maintain a support history.

What data we do not collect

We have no access to:

  • Your DMARC report files or the data within them
  • The IP addresses, sending services, or authentication results in your reports
  • Your domain names or email infrastructure details
  • Any output generated by the TrustedMARC application

All report processing happens entirely on your machine. The application does not transmit report data anywhere.

Optional external services used by the application

When running a report, TrustedMARC can optionally make the following external requests. Both can be disabled in the application:

  • IP geolocation — sending IP addresses found in your DMARC reports are sent to ip-api.com to retrieve country, city, and ISP information. ip-api.com's privacy policy applies to this data. This can be disabled with the Geolocation option in the app.
  • DNS record lookup — your domain name is used to query dns.google for your current SPF and DMARC records. This can be disabled with the DNS Records option in the app.

Data retention

We retain your name, email address, and licence information for as long as your licence is active and for a reasonable period afterwards for support and accounting purposes. You may request deletion of your personal data at any time by contacting hello@trustedmarc.co.uk.

Your rights

Under UK GDPR you have the right to access the personal data we hold about you, request correction of inaccurate data, request deletion of your data, and object to processing. To exercise any of these rights, contact hello@trustedmarc.co.uk.

Cookies

Our website does not use cookies. No tracking cookies, analytics cookies, or advertising cookies are set.

Changes to this policy

We may update this policy from time to time. The date at the top of this page reflects when it was last revised. Continued use of the software or website after changes constitutes acceptance of the updated policy.

Contact

For any privacy-related questions or requests: hello@trustedmarc.co.uk