T

ThreatVerdict

Privacy Policy

Last updated: 30 March 2026

ThreatVerdict ("we", "our", "us") is committed to protecting your privacy. This Privacy Policy explains how our website (threatverdict.site) and Chrome extension handle your data.

1. Data we collect

We do not collect, store, or transmit any personal data.

Specifically:

• We do not access your email inbox, browser history, or any accounts.
• We do not require sign-up, login, or any personal information.
• We do not use cookies for tracking or advertising.
• We do not use analytics or tracking scripts.

2. How the scanner works

When you paste content into ThreatVerdict (via the website or Chrome extension), the text is sent to our server-side API for AI analysis. Here's what happens:

• Your input is sent securely over HTTPS to our API endpoint.
• The API forwards the content to an AI model for threat analysis.
• The AI returns a verdict (Safe, Caution, Suspicious, or Dangerous) with an explanation.
• Your input is not stored on our servers. It is processed in real-time and discarded immediately after the response is generated.
• No logs of scanned content are kept.

3. Scan history

Your scan history is stored locally on your device only using your browser's localStorage. It never leaves your browser and is not accessible to us or anyone else. You can clear it at any time.

4. Chrome extension

The ThreatVerdict Chrome extension:

• Only activates when you explicitly use it (paste content in the popup or right-click → "Scan with ThreatVerdict").
• Does not run in the background or monitor your browsing.
• Does not read your emails, browser history, passwords, or any personal data.
• Only sends the text you explicitly select or paste to our API for analysis.
• Does not transmit data to any third party other than our AI analysis API.

5. Full report links

When you view a full report via a link, the report data is encrypted using AES-256-GCM encryption. The encryption key is embedded in the URL fragment (the part after #), which is never sent to our server. Report links expire after 1 hour.

6. Third-party services

We use the following third-party services:

• Google Fonts — for typography. Subject to Google's Privacy Policy.
• AI Language Model API — for threat analysis. Content is processed in real-time and not stored by the AI provider for our requests.

We display affiliate recommendations for cybersecurity products (such as VPN and password manager services). Clicking these links may take you to third-party websites with their own privacy policies.

7. Data security

All communication between your browser and our servers is encrypted using HTTPS/TLS. Our API implements rate limiting, input sanitisation, and prompt injection protection to prevent abuse.

8. Children's privacy

ThreatVerdict is not directed at children under the age of 13. We do not knowingly collect any data from children.

9. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available at threatverdict.site/privacy.

10. Contact

If you have any questions about this Privacy Policy, contact the developer:

Avez Khatri — theavezkhatri.com