Privacy policy for ThreatStrike Shield
ThreatStrike Shield by ThreatStrike LLC
ThreatStrike Shield Privacy Policy
ThreatStrike Shield is a local first phishing and malicious-URL scanner. It is built so that your browsing stays on your device.
What we collect: nothing, by default.
All phishing checks, link heuristics, look-alike detection, brand-impersonation detection, and blocklist lookups run entirely inside your browser. Your browsing history, the URLs you visit, the pages you view, and any data you enter are never collected, never sent to us, and never sent to any third party in the background. We operate no analytics, no telemetry, no tracking, and no account system. We run no server that receives your data.
Outbound network requests are limited to the following, and nothing else:
Blocklist downloads (automatic, contains no information about you).
The extension periodically downloads public threat-intelligence blocklists (URLhaus, PhishTank, Steven Black, OpenPhish) to check sites offline. These requests download data only; they send no information about you or the sites you visit. You can disable individual sources, or run entirely on the bundled snapshot, in Settings → Blocklist.
Reporting a site (only when you click "Report").
If you click the Report button, the extension sends only that single reported URL to anti-phishing takedown services (e.g. Netcraft), and, if you have configured one, to your own webhook endpoint. If you have entered an optional contact email in Settings, it is included so the takedown service can follow up. This is the only personal information ever transmitted, it is optional, and it is sent only when you provide it. Reporting can be turned off entirely under Settings → Privacy (Community reporting), in which case Report only blocks and records the site locally.
VirusTotal scan (only when you choose to scan).
If you add your own VirusTotal API key in Settings and use the right-click "Scan with ThreatStrike Shield" action, the extension sends only that single URL to VirusTotal under your own key, to cross-reference it against multiple security engines. No URL is sent to VirusTotal unless you initiate a scan, and this feature is inactive unless you supply a key.
Every transmission above is user-initiated, sends a single URL at a time, and can be disabled. None of it runs as background telemetry.
Data storage.
Settings, your allowlist, your custom blocklist, and local report/statistics records are stored only in your browser's local storage on your device. We have no access to them. You can export or clear them at any time; your VirusTotal API key is stored locally and is never included in exports.
Data sale and use.
We do not sell your data, do not use it for advertising or tracking, and do not use it to determine creditworthiness or for lending.
Contact.
Questions about this policy: security@threatstrike.ai
Changes.
Material changes to this policy will be reflected in the extension's listing and at https://threatstrike.ai/privacy-policy.html.