Privacy Policy

Last updated: March 18, 2026

1. Introduction

MailDefender ("we", "us", "our") operates the maildefender.ai website and the MailDefender email security service. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

2.1 Email Analysis Data

When you forward an email to our analysis address (verify@maildefender.ai), we process the following data to provide threat analysis:

  • Email headers (sender, recipient, routing information)
  • Email subject line and body content
  • URLs and links contained in the email
  • Attachment metadata (file names, types, sizes)

After analysis is complete and the results email is delivered, the sender's email address is anonymized in our records. We retain anonymized analysis results for campaign tracking purposes.

2.2 Lead / Registration Data

When you fill out a contact form on our Enterprise or Warning pages, we collect:

  • Contact name
  • Work email address
  • Phone number (optional)
  • Job title (optional)
  • Free-text message (optional)

2.3 Analytics Data

We use Umami, a privacy-focused analytics platform, to collect anonymous usage statistics. Umami does not use cookies, does not track users across websites, and does not collect any personally identifiable information. We collect aggregate data such as page views, referrer sources, and browser type.

3. How We Use Your Information

  • To analyze emails for phishing threats and deliver results to you
  • To detect and track phishing campaigns targeting specific brands
  • To alert companies when their brand is being impersonated
  • To respond to your inquiries and contact requests
  • To improve our service and detection capabilities

4. Data Sharing

We do not sell, rent, or share your personal information with third parties for marketing purposes. We may share anonymized, aggregated campaign data with impersonated brands to help them protect their customers.

Email content is processed using the Claude AI API (Anthropic) for threat analysis. Anthropic does not use API inputs to train their models. See Anthropic's Privacy Policy for details.

5. Data Retention

  • Email analysis data: Sender addresses are anonymized after results delivery. Anonymized analysis results are retained for campaign intelligence.
  • Lead/registration data: Retained until you request deletion or the business relationship ends.
  • Analytics data: Anonymous aggregate data retained indefinitely.

6. Your Rights (GDPR)

If you are located in the European Economic Area, you have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict processing of your data
  • Data portability
  • Lodge a complaint with a supervisory authority

To exercise any of these rights, contact us at contact@maildefender.dev .

7. Security

We implement appropriate technical and organizational measures to protect your data, including encrypted connections (TLS), secure database storage, and access controls. However, no method of electronic transmission or storage is 100% secure.

8. Contact

For any questions about this Privacy Policy, contact us at: contact@maildefender.dev