Trust & Security

Security & GDPR Compliance

Your data security is our top priority. ListPlus is built with privacy-first architecture and enterprise-grade controls.

Privacy-First AI

AI that never sees your data.

You say “enrich all contacts missing a phone number.” The AI turns that into a structured command. Our connector executes it on your data. The AI never sees a single contact name, email, or phone number.

You say:“Enrich all contacts missing a phone number.”

AI generates:{ action: "enrich", filter: "phone = empty", provider: "prospeo" }

Connector executes on your data — AI never sees it.

Commands, Not Data

AI receives instructions like “normalize phone numbers in column 3” — never the actual phone numbers. Your CRM data stays in our secure EU environment.

Local Execution

The connector pattern means your browser executes AI commands on your data. No contact record is ever sent to OpenAI, Anthropic, or any AI provider.

No Training on Your Data

Your data is never used to train AI models. AI providers have zero data retention. We use the same API contracts that enterprises require.

Data Protection

GDPR Compliant

Built for European data protection standards from day one.

EU Data Residency

All data processed and stored in EU (Frankfurt). No data transfers outside the EU without explicit consent.

Automatic Data Deletion

Contact data cached temporarily with automatic TTL. Data expires and deletes itself after processing.

Audit Logs

Complete audit trail for every data operation. Know exactly who accessed what and when.

Credentials via Pipedream

OAuth tokens managed and encrypted by Pipedream (SOC 2 Type 2). Never stored on ListPlus servers.

Right to Deletion

Users can request complete data deletion at any time. All associated data removed within 24 hours.

Data Minimization

Only data necessary for the requested operation is processed. No background data collection.

Infrastructure

SOC 2 Type II Infrastructure

ListPlus runs on Vercel and Pipedream — both SOC 2 Type 2 certified with enterprise-grade security.

Vercel (Hosting)

SOC 2 Type 2, ISO 27001, TISAX Level 2. EU-US Data Privacy Framework certified. GDPR compliant.

Pipedream (Integrations)

SOC 2 Type 2 certified. Managed OAuth, encrypted token storage, automatic token refresh. Part of Workday.

Encryption

AES-256 encryption at rest, TLS 1.3 in transit. Automatic SSL certificates for every connection.

Enterprise Security Inquiries

For security questionnaires, DPA requests, or compliance documentation, contact us at security@listplus.ai

Your data, protected.

Enterprise-grade security with EU data residency. Start building your pipeline today.

Any AI model works

Full internet research

Enterprise security

Works with n8n & Zapier

Start Free