Privacy Policy

Last updated: June 24, 2026

1. Introduction

ForwardToSafety (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security services, including email phishing detection, URL safety screening, website monitoring, browser extensions, the ForwardToSafety — Email Safety Checker Outlook add-in, on-demand computer security check-ups (Reveal Scan), and — for managed plans — automated patching and hardening (Fortify) and continuous security monitoring and response (Support & Defend).

Important: While we strive to provide accurate security analysis, no security service can guarantee 100% accuracy. Our analysis results, verdicts, and screening outcomes are informational assessments intended as one factor in your decision-making process, not safety endorsements.

2. Information We Collect

2.1 Email Content

When you forward an email to check@forwardtosafety.com, we receive and process the email content, including:

  • Email headers (sender, recipient, subject, timestamps)
  • Email body content (text and HTML)
  • Attachments (analyzed for threats but not permanently stored)
  • Embedded links and URLs

2.2 Account Information

For paying customers, we collect:

  • Email address
  • Billing information (processed securely by Authorize.net)
  • Usage statistics (number of emails analyzed)

2.3 URL Safety Screening Data

When you submit a URL for safety screening (including via the website, browser extension, bookmarklet, or API), we collect:

  • The URL submitted for checking
  • Your IP address (for rate limiting and abuse prevention)
  • Timestamp of the request
  • Screening results (domain age, SSL status, blocklist matches, threat feed results)

URL screening does not require an account. If you use URL screening without logging in, your submitted URLs are associated with your IP address only, not with any account or email address.

2.4 Automatically Collected Information

When you visit our website, we may collect standard web analytics data including IP address, browser type, pages visited, and referring URLs.

2.5 Computer Security Check-Up Data (Reveal Scan)

When you run a Reveal Scan on a computer, our tool collects read-only system configuration and security-posture signals so we can assess where the computer is exposed and produce your report. This includes:

  • Operating-system version and update/patch status
  • Security settings (antivirus, firewall, disk encryption, screen lock, remote-access configuration)
  • Installed software and its update state, including application names, version numbers, and publisher — used to assess security posture and check installed software versions against known-vulnerability databases (CVE/KEV/EPSS)
  • Device and driver information, including problem devices and unsigned drivers
  • System crash and error-reporting recency
  • Hardware identifiers (device name, hardware model details)
  • Backup and account-protection settings
  • Indicators of prior compromise
  • The device name/identifier and the account email you associate with the scan

The tool reads system settings only. It does not read, collect, or transmit your personal files, documents, photos, messages, or browsing content. Collected signals are transmitted securely over HTTPS and scored on our servers to generate your grade and fix-it list.

Optional full system report: With your permission, the scan may generate a Windows System Information report as a more detailed deliverable. Before this report leaves your device, it is redacted on-device to remove environment-variable values, usernames, and user-profile paths (for example, C:\Users\<name>). Only the redacted report is transmitted to our servers and stored. This artifact follows the same retention schedule as your Reveal Scan report: up to 3 years for business accounts and up to 90 days for personal accounts while your subscription remains active, or 30 days for trial scans, after which it is purged. Aggregate, non-identifiable data derived from scan signals (with no link to you or your devices) may be retained indefinitely for analysis and product improvement (see Section 5.5).

2.6 Managed Services Data (Fortify & Support & Defend)

If you subscribe to a managed plan, we install a lightweight agent on the computers you enroll under your account. The data collected depends on the plan:

  • Fortify (patching & hardening): device inventory, operating-system and application versions, patch/update status, and security-configuration state, so we can apply and verify approved updates and hardening settings.
  • Support & Defend (continuous monitoring & response): in addition to the above, security telemetry — system and security event logs, and process and network activity relevant to threat detection — which our team monitors around the clock to detect and respond to threats.

You control which devices are enrolled and may remove a device at any time through your account.

3. How We Use Your Information

We use the information we collect to:

  • Analyze forwarded emails for phishing threats
  • Screen submitted URLs for known threat indicators
  • Perform AI-powered deep analysis of URLs and emails (for authenticated users)
  • Monitor websites for ongoing safety (for authenticated users)
  • Assess a computer's security posture and produce your Reveal Scan report and fix-it recommendations
  • Apply and verify patches and security hardening on enrolled devices (Fortify)
  • Monitor enrolled devices for threats and respond to security incidents (Support & Defend)
  • Send you analysis results via email
  • Enforce rate limits and prevent abuse of no-cost screening services
  • Detect aggregate threat patterns and emerging campaigns from anonymized check data
  • Maintain and improve our detection algorithms
  • Process payments and manage subscriptions
  • Communicate service updates and security alerts
  • Comply with legal obligations

4. Email Analysis & Privacy

4.1 What We Analyze

When you forward an email to check@forwardtosafety.com, we analyze:

  • Email headers (sender, authentication records, routing information)
  • Email body content (to identify phishing patterns, urgency language, threats)
  • Links and URLs (to check for malicious destinations)
  • Attachments (if present, to identify malware signatures)

4.2 Outlook Add-in

When you use the ForwardToSafety — Email Safety Checker add-in for Microsoft Outlook, the add-in reads the content of the email you select for analysis, including headers, body, and attachments. This data is transmitted securely over HTTPS to our analysis service and processed identically to emails forwarded via check@forwardtosafety.com. The add-in does not access any other emails in your mailbox, does not modify your emails, and does not run in the background. It only processes the specific email you choose to submit.

4.3 What We Do Not Do

  • Read or access your personal emails beyond the specific message you choose to submit for analysis
  • Access your email account or inbox (you forward messages manually)
  • Share your forwarded emails with third parties (except as required by law)
  • Use your email content for marketing or advertising purposes
  • Sell your data to data brokers or advertisers

5. Data Retention

5.1 Analyzed Emails

Analyzed emails are retained for 90 days with full sender information so you can review your submission history. After 90 days, sender information is anonymized (removed or replaced with non-identifying values) and the email content is retained indefinitely in anonymized form for threat intelligence, detection improvement, and aggregate analysis. You will no longer be able to identify the original sender after anonymization.

5.2 Analysis Results

Verdicts, risk scores, and threat findings are retained indefinitely as part of our threat intelligence database. For the first 90 days, results are linked to your account for your reference. After 90 days, sender information is anonymized but analysis results remain available for service improvement and aggregate threat detection.

5.3 Account Data

Email address, billing information, and account settings are retained while your account is active. If you cancel your subscription or request account deletion, a 30-day cooling period begins during which you may cancel your request. After 30 days, your personal account data is permanently deleted, except where retention is required for legal, tax, or fraud prevention purposes. Previously analyzed emails that have already been anonymized (per Section 5.1) will remain in our threat intelligence database in anonymized form.

5.4 URL Screening Data

URLs submitted for screening, their results, and associated IP addresses are retained indefinitely for product testing, service improvement, threat detection, rate limiting, and abuse prevention.

5.5 Anonymized and Aggregate Data

Aggregate, non-identifiable data may be retained indefinitely for analysis, research, statistical, and product-improvement purposes. This includes anonymized email and URL screening patterns, de-identified security-posture and threat statistics derived from Reveal Scan and managed-service data (for example, aggregate counts of how often a given misconfiguration or threat appears), and similar aggregate metrics — in each case with all personally identifiable information removed so the data cannot be linked back to you, your account, or your devices.

5.6 Legal Holds and Preservation Requests

Notwithstanding the retention periods described above, we may retain data (including data that would otherwise be anonymized or deleted) for longer periods when required by law, court order, subpoena, regulatory investigation, or other valid legal process. We may also retain data at the request of a customer to support an internal investigation, litigation hold, or similar lawful purpose. In such cases, the data will be retained for as long as necessary to satisfy the legal obligation or customer request, after which normal retention schedules will resume.

5.7 Computer Security Check-Up (Reveal Scan) Reports

Reveal Scan reports — your grade, findings, and the underlying system signals — are retained for up to 3 years on business accounts while your subscription remains active, so you can track your security posture over time and provide historical documentation to auditors, insurers, or clients. Reports on personal accounts are retained for up to 90 days while your subscription remains active. Reports from trial scans, or scans not linked to a paid account, are retained for 30 days. If you cancel your subscription or close your account, reports are purged on the same schedule as your account data (see Section 5.3). After the applicable retention period, reports are purged. Aggregate, de-identified security statistics derived from scans (with no link to you or your devices) may be retained indefinitely for analysis and product improvement (see Section 5.5).

5.8 Managed Services Data (Fortify & Support & Defend)

Telemetry, logs, device inventory, and alerts collected by Fortify and Support & Defend agents are retained for the duration of your enrollment and for a reasonable period afterward to support incident investigation and continuity of service. When you remove a device from your plan or close your account, associated managed-service data is deleted on our normal schedule, except where a longer period is required for an active investigation, a customer request, or by law (see Section 5.6).

5.9 System Backups

Encrypted system backups are created regularly for disaster recovery purposes. Personal data that has been anonymized or deleted per the schedules above may persist in these backups for a limited period. Backup data is stored securely and is only accessed in the event of a system recovery. Restored data will be re-processed to apply any pending anonymization or deletion obligations.

6. Data Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties who assist in operating our service (payment processing, email delivery)
  • Threat Intelligence: Anonymized threat data may be shared with security research partners to improve industry-wide protection
  • Legal Requirements: When required by law or to protect our rights

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS), secure data storage, and access controls. See our Security page for more details.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access your data: Download your analysis history and account information
  • Delete your data: Request complete account and data deletion
  • Correct inaccurate data: Update your account information at any time
  • Opt-out of marketing emails: Unsubscribe from marketing communications anytime
  • Object to or restrict processing: Limit how we use your data
  • Data portability: Receive your data in a portable format

To exercise these rights, email privacy@forwardtosafety.com. We will respond to your request within 30 days.

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:
Email: privacy@forwardtosafety.com