Privacy Policy for PhishGuard

Last Updated: May 2026

Introduction

PhishGuard is a browser extension designed to help users identify potentially malicious, fraudulent, or phishing websites in real time. This Privacy Policy explains what information may be processed by the extension, how it is used, and the measures taken to protect user privacy.

By using PhishGuard, you agree to the practices described in this Privacy Policy.

Information We Process

PhishGuard may process the following information strictly for phishing detection and security analysis purposes:

URLs of webpages visited by the user
Website metadata required for phishing analysis
Extension settings and user preferences
Basic technical and diagnostic information necessary for application functionality

PhishGuard does not intentionally collect personally identifiable information such as:

passwords
payment information
email content
form submissions
personal messages
How Information Is Used

The processed information is used solely for:

Detecting phishing and malicious websites
Generating real-time security alerts
Improving phishing detection accuracy
Maintaining extension functionality and reliability

Information processed by PhishGuard is not sold, rented, or used for advertising purposes.

Backend and Third-Party Services

PhishGuard may communicate securely with backend services and APIs hosted on platforms such as:

Render
Vercel

These services are used exclusively for:

phishing analysis
extension functionality
application hosting

All communications are transmitted securely using HTTPS.

Data Storage and Retention

PhishGuard does not permanently store browsing history unless temporarily required for security analysis, debugging, or system reliability purposes.

Any temporary processing is limited to the minimum necessary for phishing detection functionality.

Permissions

PhishGuard may request browser permissions such as:

access to active tabs
access to webpage URLs
storage permissions

These permissions are required for:

real-time phishing detection
displaying security alerts
maintaining user preferences

PhishGuard only uses permissions necessary for its stated functionality.

Security

Reasonable technical and organizational measures are implemented to protect processed information against unauthorized access, misuse, or disclosure.

User Control

Users may:

disable the extension at any time
uninstall the extension through browser settings
clear extension storage data through browser controls
Changes to This Policy

This Privacy Policy may be updated periodically to reflect changes in functionality, security practices, or legal requirements.

Continued use of PhishGuard after updates constitutes acceptance of the revised policy.

Contact

For support, questions, or privacy-related concerns:

Email: your-email@example.com

Project Website: https://your-dashboard.vercel.app

Recommended next steps
Replace:
your-email@example.com
https://your-dashboard.vercel.app
Host this as:
/privacy-policy
on your Vercel dashboard site
Add the privacy policy URL in your Firefox Add-ons submission
Add a footer link inside your dashboard/extension popup if possible

Feedback loop:

This privacy policy was structured to balance professionalism, Mozilla review expectations, and technical accuracy for a phishing-detection extension architecture.
The wording intentionally avoids making unverifiable legal guarantees such as “no data is ever stored” unless your backend implementation truly enforces that.
One important consideration:
if backend logs store raw URLs,
or analytics platforms collect identifiable metadata,
your policy should explicitly disclose that.
Another subtle area is AI/API usage:
if URLs are sent to external AI providers,
you should mention that more explicitly.
To verify alignment between policy and implementation:
inspect backend request logs,
review analytics tooling,
confirm retention behavior,
ensure HTTPS is enforced everywhere.