Privacy Policy for Phishing-Reporter

1. Introduction 

Tetrisponse ("we," "us," or "our") has developed the Phishing-Reporter Add-on for Google Workspace exclusively for our customers to help users report suspicious emails. This Privacy Policy explains how we collect, use, and share your data when you use the Add-on . By using the Add-on, you consent to the practices described in this Privacy Policy. 

2. Data Collection 

When you report a suspicious email using the Add-on, we collect the following information: 

Email Content: We collect the full content of the reported email, including headers, body, attachments, and metadata. This is necessary for us to analyze and investigate the potential threat. 

Email Metadata: We collect limited metadata associated with the reported email, such as sender and recipient addresses, date and time sent, and subject line. This helps us contextualize the report and track trends. 

3. Data Usage 

We use the collected data exclusively for the following purposes: 

Threat Analysis: We analyze the reported email to determine if it is malicious, phishing, or spam. 

Threat Prevention: We use patterns and insights derived from the analysis to improve our threat detection capabilities and protect our users from future attacks.

Aggregate Reporting: We may generate anonymized, aggregated reports about email threats, which may be shared with our partners and the security community. 

4. Data Sharing 

To effectively analyze and investigate the potential threats reported through the Add-on, we share the collected email data with the following third-party services: 

Email Service Provider: We share the full email content (including attachments) with our email service provider, Microsoft, to facilitate the delivery and storage of reported emails. 

Security Tools: We may share the email content with trusted third-party security tools and services that help us analyze and assess the potential threat posed by the reported email. These tools may perform automated analysis, compare the email against known threats, and provide us with additional insights. 

We have carefully selected these third-party providers and have data processing agreements in place to ensure that they handle your data in accordance with this Privacy Policy and applicable data protection laws. 

5. Data Storage and Security 

The data collected through the Add-on is not stored on our own servers. Instead, we utilize the following storage mechanisms: 

Google Drive: For retention and archival purposes, we may store copies of reported emails and associated reports in our Google Drive. We employ industry-standard security measures within Google Drive to protect this data.

Microsoft Email: Reported emails are directly delivered to our designated Microsoft email account for analysis and investigation. Microsoft's email service employs its own security measures to protect the stored emails. 

We have implemented appropriate security measures to protect the data stored in both Google Drive and our Microsoft email account. These measures include access controls, encryption, and regular security reviews. We retain the data for as long as necessary to fulfill the purposes outlined in this Privacy Policy and to comply with applicable legal requirements. 

6. Your Rights 

You have the right to access, correct, and delete your data. You can also object to the processing of your data or withdraw your consent at any time. To exercise these rights, please contact us at 

7. Changes to this Privacy Policy 

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on our website. 

8. Contact Us 

If you have any questions or concerns about our Privacy Policy, please contact us at 

9. Managing Your Google Account Access 

You can manage access to your Google Account and the Add-on's permissions in your Google Account settings. 

10. Google's Commitment to Data Safety

Google takes data security seriously and provides tools and resources to help users share their data safely. Learn more about Google's approach to data security: