Hirewall

Privacy Policy

Last updated: December 29, 2025

1. Introduction

Hirewall ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, and safeguard your information when you use our browser extension and services.

2. Information We Collect

2.1 Email Metadata (Analyzed Locally)

When you use Hirewall on Gmail or Outlook, our extension analyzes:

• Sender email address and display name
• Email subject lines
• Email body content (processed locally in your browser, not stored)
• Attachment filenames (not contents)

Important: This analysis happens entirely in your browser. We do not transmit or store the full content of your emails.

2.2 Anonymous Pattern Data (Sent to Servers)

When our extension detects a potential scam or you submit feedback, we may send anonymized data to our servers:

• Sender domain (e.g., "example-careers.net")
• Risk score and detected threat patterns
• Email category (e.g., "job offer", "invoice notification")
• Hashed pattern identifiers (not reversible to original content)
• Timestamp of detection

This data helps improve our detection algorithms for all users and builds our threat intelligence database.

2.3 What We Never Collect

• Full email content or body text
• Your personal email address or identity (unless you create an account)
• Names of people in your emails
• Attachment contents (only metadata like filenames)
• Browsing history outside of Gmail and Outlook
• Personal information (SSN, financial data, passwords, etc.)
• Screenshots or images from your emails

3. How We Use Information

• Threat Detection: To analyze emails and warn you about potential job scams
• Pattern Database: To maintain and improve our scam detection patterns
• Domain Verification: To check the age and reputation of sender domains
• Product Improvement: To understand how users interact with our extension
• Support: To respond to your questions or feedback

4. Data Storage & Security

Anonymized pattern data is stored on secure servers hosted by:

• Fly.io (application hosting)
• Supabase (database)

All data transmission uses HTTPS encryption. We implement industry-standard security measures including encryption at rest, access controls, and regular security audits.

5. Third-Party Services

We use the following third-party services:

• AI Analysis: For AI-powered email analysis (receives only anonymized snippets, never full email content)
• IP2WHOIS: For domain age verification (receives only domain names)
• Stripe: For payment processing (if you subscribe to a paid plan)

6. Data Retention

• Pattern data: Retained indefinitely to maintain threat intelligence database
• Account data: Retained while your account is active
• Local scan history: Stored in your browser for 90 days, then automatically cleared
• Local analysis: Never transmitted to servers, cleared when browser closes

7. Your Rights

You have the right to:

• Disable or uninstall the extension at any time
• Request deletion of any data associated with your account
• Opt out of anonymous pattern sharing
• Access information we have about you
• Export your scan history from the extension settings

To exercise these rights, contact us at support@hirewall.app

8. Children's Privacy

Hirewall is not intended for users under 13 years of age. We do not knowingly collect personal information from children under 13.

9. International Users

Hirewall is available globally. If you use our services from outside the United States, your data may be transferred to and processed in the United States. We comply with applicable data protection regulations including GDPR and CCPA.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any significant changes by updating the "Last updated" date and, if applicable, through the extension interface or email notification.

11. Contact Us

If you have questions about this Privacy Policy, please contact us at:

support@hirewall.app