PhishGuard AI – Privacy Policy
Last updated: January 2026
PhishGuard AI is a Chrome extension designed to assist users in identifying potentially suspicious emails in Gmail.
1. Data Accessed
PhishGuard AI accesses the content of the currently opened Gmail message only when the user is viewing an email. This includes:
- Email subject
- Sender display name
- A short excerpt of the email body
- Visible hyperlinks (text and destination URLs)
2. Data Processing
To assess phishing risk, PhishGuard AI sends a redacted subset of email data to a backend service for analysis. The data sent is limited to:
- Subject line
- Short body excerpt
- Link domains (not full URLs)
- Heuristic signal indicators (e.g., presence of credential-related language)
No full email content, attachments, or recipient information is transmitted.
3. Data Storage
PhishGuard AI does not permanently store email content.
- No email bodies are saved
- No personal messages are logged
- No user identities are tracked
Temporary processing may occur in memory for analysis purposes only.
4. Third-Party Services
PhishGuard AI uses an AI service provider to assist in phishing risk analysis. The AI service processes only the redacted data described above and does not receive full emails or attachments.
5. Data Sharing
PhishGuard AI does not sell, rent, or share user data with third parties for advertising or marketing purposes.
6. User Control
The extension operates only on Gmail and only when an email is opened. Users may disable or uninstall the extension at any time via Chrome settings.
7. Security
Reasonable technical measures are used to protect transmitted data, including HTTPS encryption between the extension and the backend service.
8. Contact
If you have questions about this privacy policy, you may contact the developer through the Chrome Web Store listing.