Privacy Policy

Effective Date: November 3, 2025

1. Overview

GetPhishCheck values your privacy. This policy explains how we collect, process, and protect any information you share when using our website.

2. Information We Process

• Email Files (.eml or .msg): analyzed solely for phishing and malware indicators. Before upload, personal identifiers (names, emails, phone numbers, credit card numbers) are masked locally in your browser.
• Payment Details: handled by third-party processors (e.g., Stripe). We do not store card data.
• Contact Information: optional details you provide when reaching out for support.

3. Data Storage & Deletion

All uploaded files are stored in secure, access-controlled cloud storage (e.g., AWS S3). Files are automatically deleted after analysis, typically within 24 hours.

4. Legal Basis for Processing (GDPR Article 6)

We process your data based on your explicit consent when you check the agreement box before upload.

5. User Rights

You may request confirmation of deletion or access to stored data by emailing privacy@getphishcheck.com. We respond within 30 days as required by GDPR and PIPEDA.

6. Data Security

• Encryption in transit (HTTPS) and at rest (AES-256).
• Restricted analyst access with confidentiality agreements.
• Automatic deletion and audit logging.

7. Cookies & Analytics

This website uses only essential cookies; no third-party tracking or advertising pixels are employed.

8. Updates to Policy

We may update this policy to reflect legal or technical changes. The “Effective Date” will indicate the latest revision.

View Terms of Use