CypherSwway
Back to cyphersway.com
Local-firstNo adsNo trackingHTTPS-only

PhishGuard Lite — Privacy Policy

Last updated: August 26, 2025

Short version: PhishGuard Lite analyzes links locally in your browser to help you spot phishing risks. No data leaves your device by default. If you click Report, we send the reported link and its context to your organization’s backend for security triage. We do not sell data, use it for advertising, or share it with third parties.

What the extension does

The extension scans visible links on supported pages (e.g., webmail UIs) and displays a small badge next to each link (Safe / Caution / High Risk) with a tooltip that explains why.

Data processed

By default, the extension processes page content locally and does not transmit it. Only when you click “Report” does the extension send the following to your organization’s API endpoint:

  • Reported URL
  • Page URL where it was seen
  • Visible link text
  • Reasons the link was flagged (e.g., risky TLD, shortener)
  • Tenant key (to route the report to the correct organization)
  • Timestamp

Optional cloud scoring

If enabled by your organization, the extension may call a scoring API to enrich risk assessment (e.g., domain age, passive DNS). These requests include the URL being evaluated and return a numeric score and reasons. This feature is off by default and can be disabled in Options.

How we use the data

  • Operate the reporting feature requested by the user
  • Help the user’s organization investigate potentially malicious links

What we do not do

  • No sale of data
  • No advertising or user profiling
  • No sharing with third parties (beyond the organization that controls the API endpoint)

Retention and control

Reports are stored by the user’s organization (the API owner) according to its retention policy. The extension developer does not resell or repurpose the data.

Security

  • Transport: All data transmitted by the Report feature uses HTTPS.
  • Storage: Reports are stored per tenant by the organization’s backend (e.g., encrypted in S3).

User choices

  • Use the Options page to enable/disable detection, toggle reporting, and set a minimum score threshold.
  • Do not click Report if you do not want to send the link.
  • You can uninstall the extension at any time.

Children’s privacy

This extension is not directed to children under 13.

Changes

We may update this policy to reflect product or regulatory changes. The “Last updated” date will be revised accordingly.

Contact

Questions? Contact support@cyphersway.com.

© 2025 CypherSwway Inc.
cyphersway.com