Global Privacy Policy of
Email Veritas Security Technologies Ltd.

Effective Date: January 3, 2020 · Last Revised: October 9, 2025

1. Welcome

This Privacy Policy explains how Email Veritas Security Technologies Ltd. ("Email Veritas," "we," "us," or "our") collects, uses, and protects information when you use our cybersecurity products — including the Phishing Detector, URL Checker, and File Scanner, as well as their extensions for Google Workspace and Microsoft Outlook.

We may update this Policy periodically to reflect legal, regulatory, or technological changes. Updates will be published on this page, and we encourage users to review it regularly.

Email Veritas complies with Google's Limited Use Requirements for Gmail API data and with Microsoft Graph API data handling guidelines.

2. Information We Collect

2.1 Phishing Detector

Analyzes incoming and outgoing email metadata to identify potential phishing or scam patterns.
Requires only your name and email address for registration.
Processes messages to extract lexical, syntactic, and structural attributes needed for detection.
The actual content of emails is not stored and is immediately discarded after automated analysis.

2.2 URL Checker

Enables users to inspect URLs for phishing, malware, and unsafe domains.
When a URL is analyzed, its content (such as HTML source, redirects, SSL data, and domain reputation) is retrieved for classification and securely stored to improve detection accuracy and maintain transparency.
No personal or unrelated data from these pages is collected.

2.2.1 Google Workspace Extension

Operates in read-only mode to extract URLs for user inspection.
Does not modify, store, or share email data.

2.2.2 Microsoft Outlook Extension

Uses Microsoft Graph API permissions for secure authentication and URL extraction.
Does not store or alter the email body or attachments.

2.3 File Scanner

Analyzes uploaded files to detect malware or malicious patterns.
The uploaded file is processed in real time and permanently discarded after scanning.
Only the technical result and metadata (file hash, MIME type, detection status, and timestamp) are retained.

We do not collect sensitive personal data revealing racial or ethnic origin, political opinions, religious beliefs, health information, or sexual orientation.

3. Information We Store

3.1 Phishing Detector

Retains user names, email addresses, and encrypted sender/recipient metadata needed for service operation.
All data is encrypted in transit and at rest.

3.2 URL Checker

Stores the submitted URL, its associated content (HTML snapshot, redirect chain, SSL certificate data, domain reputation), and the resulting classification (legitimate, suspicious, phishing, or malicious).
This data supports result verification, accuracy tracking, and threat intelligence correlation.
No personal identifiers of the submitting user are stored.

3.3 File Scanner

Discards all uploaded file content after scanning.
Retains only scan results (hash, status, and technical metadata) for auditing and reliability purposes.

4. How We Use the Information

4.1 Phishing Detector

Classifies messages automatically as legitimate or phishing without human review.
Results are used solely to protect users and enhance detection algorithms.

4.2 URL Checker

Performs real-time link analysis through our AI-powered API to classify URLs as safe, suspicious, or malicious.
Stores the analyzed page content and risk indicators to support transparency, reproducibility, and continuous learning of detection logic.

4.3 File Scanner

Evaluates uploaded files to identify threats or malicious behavior patterns.
Keeps only non-personal technical data for reporting and statistical monitoring.

4.4 Use of Data for AI and ML Models

Data obtained via Google Workspace APIs and Microsoft Graph APIs is never used to train general-purpose AI or machine learning models.
All processing is performed in real time and limited to security analysis within the scope of each product.

5. Information Sharing

Email Veritas does not sell, rent, or disclose user data to third parties. Information is processed within our secured infrastructure and may be shared only:

when required by law or valid legal process,
to enforce our terms and protect our rights, or
to safeguard system integrity and the public interest.

6. Security

We implement administrative, technical, and physical safeguards — including encryption, restricted access, monitoring, and regular security reviews — to protect data from unauthorized access, alteration, or destruction. Nevertheless, no system is entirely immune to Internet-based risks.

7. Data Retention and Deletion

7.1 Retention Period

Files: discarded immediately after scanning; only non-personal metadata and results are stored.
URLs: retained with their associated content and classification results to maintain detection accuracy, audit trails, and threat intelligence.
Data from Google Workspace and Microsoft Graph APIs is not cached or reused beyond what is necessary for active scanning.

We comply with Google's Limited Use Requirements, Microsoft data handling policies, and international standards under GDPR and LGPD. For detailed information, refer to our Data Protection Policy.

7.2 User-Initiated Deletion

Users may request deletion of their personal data at any time. Upon verification, all data linked to the user will be permanently erased unless legal obligations require retention.

7.3 Access and Correction

Users may request access to or correction of personal data through our support channels.

7.4 Data Portability

Users may request a copy of their personal data in a structured, machine-readable format when applicable.

8. Changes to This Policy

We may revise this Privacy Policy periodically. Updates will appear on this page, and significant changes may be communicated by email or within the app.

9. Contact Us

For questions or requests related to this Privacy Policy, please contact:

Email: info@emailveritas.com
Mail: 4217 Kincaid Street, Victoria, BC V8X 4K7, Canada
Company: Email Veritas Security Technologies Ltd.

Global Privacy Policy ofEmail Veritas Security Technologies Ltd.