Legal

Terms of Service

Version 1.0 — Last updated: March 15, 2026

These terms are accepted via a checkbox when creating your account, together with the DPA.

1. Purpose

These Terms of Service ("ToS") govern access to and use of the Syvel.io email validation API, operated by RCQD Labs (sole trader — France, SIRET: 10225373900019). They apply to any user ("Client") who creates an account on syvel.io.

2. Acceptance

By checking the designated box at account creation, the Client unconditionally accepts these ToS, the Privacy Policy and the DPA. The acceptance date and version number are server-side timestamped at registration.

3. Service Description

Syvel provides a REST API for email validation, disposable email detection, DNS infrastructure analysis (MX, SPF, DMARC), and risk score calculation (0–100). The API accepts a full email address ([email protected]) or a domain name alone (domain.com).

4. Network Rate Limits

In addition to the monthly plan quota (see General Sales Terms), Syvel's infrastructure applies a network-level rate limit at the reverse proxy: 100 requests per second on average, with a burst of 200 requests per second. Exceeding these network limits may temporarily result in a 429 Too Many Requests error, independently of the monthly quota.

5. Acceptable Use Policy (Fair Use)

The following are expressly prohibited:

  • Using the API to validate email lists purchased, rented or obtained without consent of the data subjects.
  • Using the API for spam campaigns or unsolicited commercial communications not compliant with applicable regulations (GDPR, ePrivacy Directive).
  • Using the Service to harass, threaten or harm individuals.
  • Any attempt to circumvent quotas or manipulate the billing system.
  • Reselling or sub-licensing API results to third parties without prior written agreement from Syvel.

Syvel reserves the right to immediately suspend any account violating this policy, without refund.

6. API Key Security

API key security is the sole and entire responsibility of the Client. The Client agrees to never expose API keys client-side (browser JavaScript, React, Vue, Angular, etc.) without a server-side proxy or CORS origin restriction. All requests made with a valid API key are counted and billed to the Client, whether authorized or not. Syvel cannot be held liable for quota overages due to Client-exposed API keys.

The CORS origin restriction feature (Pro and Business plans) allows limiting API key usage to a whitelist of domains. Strongly recommended for any browser-side usage.

7. Intellectual Property

The Service, its source code, algorithms, and disposable domain database are the exclusive property of Syvel.

8. Limitation of Liability

To the extent permitted by law, Syvel shall not be liable for indirect or consequential damages. Direct liability is capped at amounts paid by the Client in the preceding 3 months.

9. Governing Law

These ToS are governed by French law. Disputes shall be subject to the jurisdiction of competent courts in France.

10. Contact

[email protected]