Privacy Policy
Data Handling Statement for Security Professionals
This tool specializes in the technical forensic analysis of suspicious emails. DO NOT upload emails containing sensitive personally identifiable information (PII), unencrypted credentials, or restricted corporate secrets. While we prioritize privacy, this tool is intended for security research and threat intelligence purposes.
Our architecture is built on the principle of Privacy by Design. Unlike traditional scanners, we use a decentralized analysis model:
- The actual parsing and deconstruction of your .eml file (MIME headers, body text, attachment extraction) happen locally in your web browser. Your raw file content is never uploaded to our central infrastructure.
- All extracted data exists only in your browser's active memory and the volatile memory of our secure API proxy (Cloudflare Workers) for the duration of the scan.
- We do not own or operate any database that stores the content of your emails. Once you close the tab or refresh the page, the analysis session is permanently wiped.
To provide advanced threat intelligence, the application extracts specific Indicators of Compromise (IoCs) and queries external security databases. By using this tool, you acknowledge that:
- Extracted sender IPs and URLs are sent to AbuseIPDB and VirusTotal to check for malicious history.
- Only the SHA256 hash of your attachments is sent to VirusTotal and Hybrid Analysis. The actual files remain on your machine unless you explicitly trigger a manual deep-scan.
- A summary of technical indicators (but not the full raw email) is processed by Cloudflare Workers AI (Llama 3.1) to generate the "Neural Forensic Verdict."
- Shortened links are interrogated via our proxy to identify hidden redirects.
To prevent platform abuse and ensure stability, we log minimal technical metadata:
| Data Type | Purpose | Retention Period |
|---|---|---|
| IP Address | Rate limiting and DDoS protection | 24 Hours |
| IoC Logs | Optimization of API calls | Not Stored |
| File Hash | Identification of known threats | 7 Days (Cache only) |
| AI Prompt Data | Generating forensic summaries | Volatile (Session only) |
We employ high-tier security protocols to protect the communication between your browser and our analysis engine:
- All data in transit is encrypted using the latest standards.
- Our logic runs on Cloudflare's global edge network with WAF protection.
- Zero advertising cookies, third-party trackers, or marketing scripts.
Because our tool is "Stateless" (we don't store your personal data in a database), the "Right to Erasure" is effectively built in.
However, for any metadata logs (such as IP logs kept for 24h), you retain full rights to:
- Inquire about data processing logic
- Request immediate manual log deletion
- Object to specific API interrogation (by not using those specific modules)
For GDPR inquiries: privacy@eml-scanner.com
We reserve the right to update this statement as we integrate new threat intelligence providers. The "Last Updated" date at the top will reflect the most recent changes.
Disclaimer: Email Scanner is a security tool provided "as-is". While we provide advanced forensic insights, the final decision on whether an email is safe rests with the security analyst using the tool.