Privacy Policy

Last updated: July 16, 2026

Phishlight is designed with a privacy-first architecture. This policy explains, in simple terms, how the Phishlight extension and website handle your data.

1. Local analysis by default

Core phishing analysis is performed entirely within your browser. Your email content and browsing activity are not sent to our servers for analysis.

2. No email content transmitted

No email content is transmitted to external servers during offline analysis. The extension examines messages locally on your device to keep your information under your control.

3. Optional integrations are off by default

Optional third-party threat intelligence services are disabled by default. To enable any integration, you must provide your own API key and explicitly turn it on. You control when and whether external services are used.

4. We do not sell or monetize your data

Phishlight does not sell, share, or monetize user data. We do not use your personal information for advertising or profiling.

5. Website data

When you visit the Phishlight.ai website, we may collect basic technical information such as your browser type and IP address to operate and improve the site. We do not link this information to your extension usage.

6. Changes to this policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page.

7. Contact us

If you have questions about this Privacy Policy or our data practices, please contact us at info@samssoft.com.