ForwardToSafety

Privacy Policy

Last updated: April 7, 2026

1. Introduction

ForwardToSafety (“we,” “our,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our security analysis services, including email phishing detection, URL safety screening, website monitoring, browser extensions, and the ForwardToSafety — Email Safety Checker Outlook add-in.

Important: While we strive to provide accurate security analysis, no security service can guarantee 100% accuracy. Our analysis results, verdicts, and screening outcomes are informational assessments intended as one factor in your decision-making process, not safety endorsements.

2. Information We Collect

2.1 Email Content

When you forward an email to check@forwardtosafety.com, we receive and process the email content, including:

  • Email headers (sender, recipient, subject, timestamps)
  • Email body content (text and HTML)
  • Attachments (analyzed for threats but not permanently stored)
  • Embedded links and URLs

2.2 Account Information

For paying customers, we collect:

  • Email address
  • Billing information (processed securely by Authorize.net)
  • Usage statistics (number of emails analyzed)

2.3 URL Safety Screening Data

When you submit a URL for safety screening (including via the website, browser extension, bookmarklet, or API), we collect:

  • The URL submitted for checking
  • Your IP address (for rate limiting and abuse prevention)
  • Timestamp of the request
  • Screening results (domain age, SSL status, blocklist matches, threat feed results)

URL screening does not require an account. If you use URL screening without logging in, your submitted URLs are associated with your IP address only, not with any account or email address.

2.4 Automatically Collected Information

When you visit our website, we may collect standard web analytics data including IP address, browser type, pages visited, and referring URLs.

3. How We Use Your Information

We use the information we collect to:

  • Analyze forwarded emails for phishing threats
  • Screen submitted URLs for known threat indicators
  • Perform AI-powered deep analysis of URLs and emails (for authenticated users)
  • Monitor websites for ongoing safety (for authenticated users)
  • Send you analysis results via email
  • Enforce rate limits and prevent abuse of free screening services
  • Detect aggregate threat patterns and emerging campaigns from anonymized check data
  • Maintain and improve our detection algorithms
  • Process payments and manage subscriptions
  • Communicate service updates and security alerts
  • Comply with legal obligations

4. Email Analysis & Privacy

4.1 What We Analyze

When you forward an email to check@forwardtosafety.com, we analyze:

  • Email headers (sender, authentication records, routing information)
  • Email body content (to identify phishing patterns, urgency language, threats)
  • Links and URLs (to check for malicious destinations)
  • Attachments (if present, to identify malware signatures)

4.2 Outlook Add-in

When you use the ForwardToSafety — Email Safety Checker add-in for Microsoft Outlook, the add-in reads the content of the email you select for analysis, including headers, body, and attachments. This data is transmitted securely over HTTPS to our analysis service and processed identically to emails forwarded via check@forwardtosafety.com. The add-in does not access any other emails in your mailbox, does not modify your emails, and does not run in the background. It only processes the specific email you choose to submit.

4.3 What We Do Not Do

  • Read or store your personal emails beyond the specific message you forward for analysis
  • Access your email account or inbox (you forward messages manually)
  • Share your forwarded emails with third parties (except as required by law)
  • Use your email content for marketing or advertising purposes
  • Sell your data to data brokers or advertisers

5. Data Retention

5.1 Analyzed Emails

Stored for 90 days for your reference and historical reporting. Automatically deleted after 90 days unless you flag for extended retention. You may delete analyzed emails from your dashboard at any time.

5.2 Analysis Results

Threat intelligence data (anonymized patterns) retained indefinitely for service improvement. Your personal threat history retained for duration of subscription plus 30 days. Deleted within 30 days of subscription cancellation (unless legal hold applies).

5.3 Account Data

Email address, billing information, and account settings retained while subscription is active. Deleted within 90 days of subscription cancellation (unless required for legal/tax purposes).

5.4 URL Screening Data

URLs submitted for screening and their results may be retained indefinitely for product testing, service improvement, and threat detection. IP addresses associated with unauthenticated URL checks are retained in identifiable form for up to 30 days (used for rate limiting and abuse prevention), after which they are replaced with a one-way hash. Hashed IP records may be retained indefinitely for abuse pattern detection but cannot be reversed to identify you.

5.5 Anonymized and Aggregate Data

We may retain anonymized and aggregate data indefinitely for testing, development, improving our detection algorithms, and identifying threat trends. This includes anonymized URL screening patterns (e.g., aggregate counts of checks against specific domains, without association to individual users or IP addresses). Anonymized data has all personally identifiable information removed and cannot be linked back to you.

6. Data Sharing

We do not sell your personal information. We may share information with:

  • Service Providers: Third parties who assist in operating our service (payment processing, email delivery)
  • Threat Intelligence: Anonymized threat data may be shared with security research partners to improve industry-wide protection
  • Legal Requirements: When required by law or to protect our rights

7. Data Security

We implement industry-standard security measures including encryption in transit (TLS), secure data storage, and access controls. See our Security page for more details.

8. Your Privacy Rights

Depending on your location, you may have the following rights:

  • Access your data: Download your analysis history and account information
  • Delete your data: Request complete account and data deletion
  • Correct inaccurate data: Update your account information at any time
  • Opt-out of marketing emails: Unsubscribe from marketing communications anytime
  • Object to or restrict processing: Limit how we use your data
  • Data portability: Receive your data in a portable format

To exercise these rights, email privacy@forwardtosafety.com. We will respond to your request within 30 days.

9. Children's Privacy

Our service is not intended for children under 13. We do not knowingly collect personal information from children under 13.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:
Email: privacy@forwardtosafety.com