Privacy & data
PhishNet is designed to protect your inbox, not mine it. Here's exactly what happens to your email data.
What PhishNet processes
When you open an email, the following fields are sent to PhishNet's backend for analysis:
| Field | Purpose |
|---|---|
| Sender email address | Domain reputation check, spoofing detection |
| Sender display name | Display-name spoofing detection |
| Email subject | Urgency and BEC pattern analysis |
| Email body text | Full threat analysis |
| Links in the email | Link reputation check |
| Attachment file names and types | Attachment threat signals |
What PhishNet does NOT store
PhishNet does not store your email content. The email fields listed above are sent to our backend for analysis and discarded immediately after the scan result is computed. We retain the scan result (threat score, flags, verdict) but not the email itself.
What is retained
| Data | Retention |
|---|---|
| Scan result (score, flags, verdict) | 90 days |
| Quarantine records | Until you restore or delete the email |
| Threat action logs (report, block, restore) | 1 year |
| Account and billing data | Duration of your subscription + 30 days |
Third-party processors
To compute threat assessments, email content is sent to a large language model (LLM) provider under a data processing agreement. The LLM provider does not use your data for training.
Full privacy policy
For the complete legal terms, see the PhishNet Privacy Policy.