Privacy Policy
Overview
SusKat ("we", "our", "the extension") is a browser extension that helps protect users from fraudulent websites, phishing, and malware. This Privacy Policy explains what data we collect, how we use it, and your rights.
Key Principle: SusKat is designed with privacy as a core value. We use a local-first architecture where most processing happens on your device, not our servers.
What Data We Collect
Data Processed Locally (Never Leaves Your Device)
The following data is processed entirely on your device and is never sent to our servers:
- Page content analysis - We scan page elements to detect scam indicators (fake trust badges, suspicious discounts, etc.)
- Cached results - Analysis results are cached locally in your browser for performance
- Whitelist checks - Checking if a site is in our list of commonly trusted domains
- Threat database lookups - Checking if a domain matches known threats using locally-stored data
Data Sent to Our Backend (When Necessary)
In some cases, we send limited data to our backend for enhanced protection:
| Data | When Sent | Purpose |
|---|---|---|
| Domain name | When additional verification is needed | Deep threat intelligence lookup |
| Anonymous report ID | When you submit a report | Track report for processing |
| Report details | When you report a site | Improve threat detection |
| Extension version | With all requests | Compatibility checking |
We do NOT collect:
- Your browsing history
- URLs with paths or query parameters (only domain names)
- Personal information (name, email, location)
- Form data or credentials
- Cookie data
- IP addresses (beyond what's in server logs)
User Reports
When you report a suspicious site:
- We collect: domain name, detected signals, your anonymous ID, timestamp
- We do NOT collect: your identity, email, or any personal information
- Reports are reviewed for accuracy before being added to our threat feed
- Reports are retained for 30 days, then deleted
- Anonymous IDs are randomly generated and cannot be linked to you
Data Retention
| Data Type | Retention Period |
|---|---|
| Local cache (your device) | 24 hours, then auto-deleted |
| Backend domain cache | 7 days |
| User reports | 30 days |
| Server logs | 14 days |
Third-Party Services
Threat Intelligence
We aggregate threat data from multiple public and industry sources to detect malicious sites. These sources provide information about known phishing, malware, and scam domains. These services do not receive any data about your browsing - we download their data, they don't see yours.
For details about our data sources, please contact us.
Cloud Infrastructure
Our backend runs on secure cloud infrastructure with data processing in compliance with applicable privacy regulations. Our infrastructure providers process requests but do not have access to the content of our data.
Data Security
We implement the following security measures:
- HTTPS only - All communication with our backend is encrypted
- No user accounts - No passwords or credentials to compromise
- Minimal data - We collect only what's necessary for protection
- Anonymous IDs - Reports cannot be traced back to individuals
- Automatic deletion - Data is automatically purged after retention period
Your Rights
You have the right to:
- Know what data we have - All data we collect is described in this policy
- Delete your data - Clear local data via browser settings; reports are auto-deleted after 30 days
- Opt out - Uninstall the extension at any time
- Report concerns - Contact us with any privacy concerns
Children's Privacy
SusKat does not knowingly collect data from children under 13. The extension is designed for general audiences and does not target children.
Changes to This Policy
We may update this Privacy Policy from time to time. Changes will be noted with a new "Last Updated" date. Significant changes will be communicated through the extension update notes.
Contact Us
For privacy questions or concerns:
- Website: suskat.com
Summary
| Category | Our Approach |
|---|---|
| Local processing | Most analysis happens on your device |
| Data collection | Minimal - only domain names when needed |
| Personal data | None collected |
| Browsing history | Not collected or stored |
| User reports | Anonymous, auto-deleted after 30 days |
| Third parties | Threat feeds only, no user data shared |
SusKat is committed to protecting both your security and your privacy.