Summary

PhishGuard does not collect, transmit, or store any personal data. All email analysis happens locally in your browser. No email content, addresses, or metadata ever leaves your device through this extension.

What PhishGuard does

PhishGuard analyses emails you open in supported webmail clients to detect phishing indicators. It reads the content of the currently open email in your browser tab to perform this analysis. This processing is entirely local — no data is sent to PhishGuard servers.

Data processed locally

The following data is read from your browser tab to perform analysis, and is never transmitted externally:

• Sender address, subject line, and email body text
• Links contained in the email
• Email headers (Reply-To, SPF, DKIM, DMARC results)
• Attachment names and types

Optional external services

PhishGuard includes optional integrations that, when enabled by the user, send limited data to third-party services:

• VirusTotal If you enter a VirusTotal API key, URLs and file hashes from the email may be submitted to VirusTotal for scanning. This is governed by VirusTotal's Terms of Service.
• DNS lookups Domain reputation checks send domain names (not email content) to Google's public DNS-over-HTTPS service (dns.google) to verify sender domains.
• RDAP Domain registration lookups send domain names to rdap.org to check domain age.

These features are entirely optional. VirusTotal scanning requires you to explicitly provide your own API key. DNS and RDAP lookups involve only domain names, never email content or personal information.

License validation

If you use a license key, the key string is sent to the LemonSqueezy API solely to verify its validity. No personal information or email data is included in this request.

Local storage

PhishGuard stores the following in your browser's local extension storage:

• Your per-site on/off preferences
• Your VirusTotal API key (if provided)
• Your license key (if provided)
• Whitelisted domains you have added

This data never leaves your browser and is not accessible to any server.

No tracking, no analytics

PhishGuard contains no analytics, telemetry, crash reporting, or usage tracking of any kind. The extension does not know how many users it has, which emails are analysed, or how it is used.

Permissions

PhishGuard requests the following browser permissions:

• storage To save your settings locally.
• host permissions To read and analyse email content on supported webmail sites you visit.
• scripting / tabs (Chrome only) To inject the phishing analysis engine into Outlook pages.

Contact

PhishGuard is developed for internal law enforcement forensic use. For questions about this privacy policy, contact the extension maintainer directly.