Privacy policy

PhishGuard is a Chrome extension that analyzes Gmail emails to detect phishing attempts. The analysis is triggered manually by the user - never automatically.

When you click "Analyze this email", the following data is sent:

• Sender domain - e.g. "paypal.com"
• Email headers - From address and subject
• Body text - plain text content (max 5,000 characters)
• URLs - links found in the email body (max 50)
• Attachment names - file names only, not the files

• Email content is never stored on our servers
• URLs and headers are never logged
• Analysis data is processed in memory then deleted
• Only the risk score and signal summary are kept

• Your account - Google ID, email address, plan
• API keys - hashed (SHA-256), never stored in plain text
• Analysis results - score, level (safe/suspicious/dangerous), signal details, duration
• Usage quota - daily counter per API key (Redis, automatic expiration at midnight UTC)

• JWT and refresh token - encrypted with AES-256-GCM before storage
• API key - encrypted with AES-256-GCM before storage
• Consent indicator - whether you accepted this policy
• Email context - stored in session storage only (deleted when the browser is closed)

• Google OAuth - authentication only (email scope)
• VirusTotal - URL and attachment fingerprint verification
• WHOIS - domain age verification
• Anthropic (Claude) - NLP content analysis
• Sentry - error tracking (no email content)

• Access - your analysis history is viewable via the extension
• Deletion - delete your account and all your data at any time via the extension settings
• Portability - analysis results are accessible via the API

Account deletion is permanent and cascading: your profile, all analysis results, API keys and Redis quota entries are deleted immediately.

• MOUTER HADI - Sole proprietor
• SIREN: 902 509 801 (RCS Paris)
• 8 bis rue Abel, 75012 Paris, France

For any privacy-related questions: privacy@phishguard.dev