Privacy Policy
The short version: InboxSafe analyzes your emails locally in your browser using our Chrome extension. We do not store, read, or transmit the content of your emails to our servers. Your inbox stays yours.
1. Who We Are
InboxSafe is a product of Cyber Global Technologies LLC ("CGT", "we", "us", or "our"), a cybersecurity company based in New York. You can contact us at privacy@inboxsafe.app.
2. What We Collect
We collect only what is necessary to provide and improve InboxSafe:
- Account information โ your email address and name when you create an account.
- Usage data โ anonymized statistics such as number of threats detected, extension version, and browser type. No email content is included.
- Payment information โ processed by Stripe. We never see or store your credit card details.
- Support communications โ if you contact us, we retain those messages to help resolve your issue.
3. What We Do NOT Collect
We want to be explicit about this:
- We do not read, store, or transmit the content of your emails.
- We do not store URLs or links found in your emails on our servers.
- We do not sell your data to third parties.
- We do not use your data for advertising purposes.
- We do not build behavioral profiles from your inbox activity.
4. How InboxSafe Works
The InboxSafe Chrome extension analyzes email content locally within your browser. Threat detection logic runs client-side. When a URL needs to be verified against known threat databases, only the URL (never the surrounding email content) is sent to our analysis API over an encrypted connection.
5. How We Use Your Information
- To provide and maintain the InboxSafe service
- To authenticate your account and manage your subscription
- To send you service-related communications (security alerts, billing, product updates)
- To improve detection accuracy using anonymized, aggregated threat data
6. Data Sharing
We share data only with the following trusted service providers, strictly for operating InboxSafe:
- Stripe โ payment processing
- Clerk โ authentication and user management
- Cloudflare โ infrastructure and DDoS protection
We do not sell, rent, or share your personal data with any other third parties.
7. Data Retention
We retain your account data for as long as your account is active. If you delete your account, we will delete your personal data within 30 days, except where retention is required by law.
8. Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your data
- Object to processing of your data
- Data portability
To exercise any of these rights, contact us at privacy@inboxsafe.app.
9. Security
We apply industry-standard security measures including encryption in transit (TLS), encryption at rest, and access controls. As a cybersecurity company, security is not an afterthought โ it's what we do.
10. Children's Privacy
InboxSafe is not directed at children under 13. We do not knowingly collect personal data from children under 13.
11. Changes to This Policy
We may update this policy from time to time. We will notify you of material changes via email or a notice in the extension. Continued use of InboxSafe after changes constitutes acceptance of the updated policy.
12. Contact
Questions about this policy? Contact us at privacy@inboxsafe.app or write to:
Cyber Global Technologies LLC
New York, NY, United States