Effective Date: September 3, 2025
Last Updated: September 29, 2025
📋 Overview
This Privacy Policy describes how the Desant Phishing Detector Chrome extension ("we," "our," or "us") collects, uses, and protects your information when you use our phishing detection service.
🔍 Information We Collect
Screenshots and Images
- What: Screenshots of web pages you choose to analyze
- Purpose: AI-powered phishing detection and AI model training
- Storage Duration: Up to 30 days
- Location: Germany (secure data center)
Page Information
- What: URL, page title, domain, and basic page metadata
- Purpose: Context for phishing analysis and security assessment
- Storage Duration: Up to 30 days
- Location: Germany (secure data center)
Analysis Results
- What: Phishing detection results, confidence scores, and threat assessments
- Purpose: Providing security feedback and improving detection accuracy
- Storage Duration: Up to 30 days
- Location: Germany (secure data center)
🛡️ How We Use Your Information
Primary Uses
- Phishing Detection: Analyze screenshots and page content to identify potential phishing threats
- AI Model Training: Use anonymized data to improve our detection algorithms
- Security Research: Conduct research to enhance cybersecurity protection
- Service Improvement: Continuously improve our detection accuracy and performance
Data Processing
- Primary Processing: All data processing occurs in Germany
- AI Model Training: Data may be securely transferred to Switzerland for AI model improvement
- Encryption: We use industry-standard encryption for data transmission and storage
🔒 Data Protection and Security
Security Measures
- Encryption: All data is encrypted in transit and at rest
- Access Controls: Strict access controls and authentication requirements
- Regular Audits: Regular security audits and vulnerability assessments
- Data Minimization: We only collect data necessary for our services
Data Location
Primary Storage
Germany
GDPR-compliant jurisdiction
AI Training
Switzerland
EU adequacy decision
Backup Storage
Germany
Secure backup facilities
📤 Data Sharing and Third Parties
We Do NOT Share Your Data With:
- ❌ Advertising Companies: No data is shared with ad networks or marketing companies
- ❌ Third-Party Services: No data is sold or shared with external services
- ❌ Social Media Platforms: No integration with social media or tracking platforms
- ❌ Analytics Companies: No user behavior tracking or analytics sharing
Limited Exceptions
We may disclose your information only in these specific circumstances:
Legal Requirements
- Lawful Requests: When required by German law or valid legal process
- Court Orders: When ordered by a court of competent jurisdiction
- Government Requests: When required by German government authorities
- Legal Compliance: To comply with applicable laws and regulations
Security and Safety
- Threat Prevention: To prevent fraud, abuse, or security threats
- Emergency Situations: To protect user safety or prevent harm
- Service Protection: To protect the integrity of our services
⏰ Data Retention
Retention Period
| Data Type | Retention Period |
|---|---|
| Screenshots | 30 days maximum |
| Analysis Data | 30 days maximum |
| Metadata | 30 days maximum |
| Logs | 30 days maximum |
Automatic Deletion
- All data is automatically deleted after the retention period
- No manual intervention required
- Deletion is permanent and irreversible
🎯 Your Rights and Choices
Data Control
- Analysis Choice: You choose which pages to analyze
- Data Access: You can request information about your data
- Data Deletion: You can request early deletion of your data
- Service Control: You can disable the extension at any time
🏪 Google Chrome Web Store Requirements
Permission Justifications
Single Purpose Description
Primary Purpose: AI-powered phishing detection and cybersecurity protection
Core Functionality:
- Analyze web pages for phishing threats using advanced AI
- Provide real-time security assessments and threat warnings
- Protect users from malicious websites and phishing attacks
- Educate users about cybersecurity threats and safe browsing
Not Used For:
- Advertising or marketing purposes
- User tracking or analytics
- Data collection beyond security analysis
- Any purpose unrelated to cybersecurity protection
🌍 GDPR Compliance
Legal Basis (GDPR Article 6)
- Legitimate Interest: Protecting users from phishing attacks
- Consent: Your explicit consent when using the extension
- Legal Obligation: Compliance with cybersecurity regulations
User Rights (GDPR)
- Right of Access: Request copies of your data
- Right to Rectification: Correct inaccurate data
- Right to Erasure: Request deletion of your data
- Right to Portability: Receive your data in a portable format
- Right to Object: Object to processing of your data
📞 Contact Information
Privacy Inquiries
Response Time: Within 30 days
Languages: English, German
Chrome Web Store Support
Response Time: Within 24 hours
Support Hours: Monday-Friday, 9 AM - 5 PM CET
📋 Summary
What We Collect
Screenshots & Page Data
For phishing detection only
How Long
30 Days Max
Automatic deletion
Where
Germany
Switzerland (AI training only)
Who We Share With
No One
Except lawful legal requests
Your privacy and security are our top priorities. We are committed to protecting your data and being transparent about our practices.
⚖️ Legal Information
Governing Law
- Jurisdiction: Germany
- Applicable Law: German Federal Data Protection Act (BDSG)
- Dispute Resolution: German courts have exclusive jurisdiction
Compliance
- GDPR: Full compliance with EU General Data Protection Regulation
- BDSG: Compliance with German Federal Data Protection Act
- Industry Standards: Adherence to cybersecurity best practices
📝 Policy Updates
Notification of Changes
- Significant Changes: 30 days advance notice
- Minor Updates: Updated effective date
- Version Control: All policy versions are archived
Your Continued Use
- Continued use after policy updates constitutes acceptance
- You can stop using the service if you disagree with changes