Privacy Policy

Last updated: June 2026

What We Collect

When you scan an email, PhishArmor extracts only the following signals from the email you choose to scan:

  • Sender display name and email address
  • Email subject line
  • URLs/links found in the email body
  • Phone numbers found in the email body
  • Attachment file names (not the files themselves)
  • Email body text (for linguistic analysis only)

We never store full email bodies on our servers. Email text is sent to our AI analysis engine, used to generate a scam score, and immediately discarded. Only the resulting score, signal categories, and anonymized metadata are retained.

Account Information

When you create an account, we store your email address and a securely hashed password. We also track your subscription plan and monthly scan usage to enforce plan limits.

How We Use Your Data

  • Email signals are sent to our server solely for phishing analysis and are not shared with third parties.
  • Scan results (score, threat level, signal categories) are stored to provide scan history for Premium users.
  • Feedback (agree/disagree) is stored anonymously to improve our detection accuracy.
  • Payment information is handled entirely by Stripe. We do not store credit card numbers.

Data Storage & Security

Your data is stored on secure, encrypted servers. Passwords are hashed using bcrypt with a work factor of 12. All API communication is encrypted via HTTPS. We retain scan metadata for as long as your account is active.

Third-Party Services

  • Anthropic (Claude AI) - processes email signals for phishing analysis
  • Stripe - processes payments for Premium subscriptions
  • Google Safe Browsing API - checks URLs against known threat databases

Your Rights

You have the right to:

  • Request a copy of your stored data
  • Request deletion of your account and all associated data
  • Opt out of feedback data collection
  • Export your scan history

To exercise any of these rights, contact us at privacy@phisharmor.io.

Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or through the extension. Continued use after changes constitutes acceptance.

Contact

Questions about this policy? Email us at privacy@phisharmor.io.