Aby używać tych dodatków, potrzebujesz pobrać Firefoksa.

Zaloguj się
Ikona dodatku

Zasady ochrony prywatności dodatku Lens URL Safety Checker

Lens URL Safety Checker Autor: Rahul Sharma

0 gwiazdek/5
5
0
4
0
3
0
2
0
1
0
Zasady ochrony prywatności dodatku Lens URL Safety Checker

Privacy Policy for Lens Extension
Effective Date: 18/08/2025
Last Updated: 27/11/2025

  1. Introduction
    Thank you for using Lens, a browser extension developed by Pahilabs.
    Lens helps you browse more safely by analyzing websites and emails for potential phishing, scams, or suspicious content, and displaying easy-to-understand risk indicators (green = safe, orange = suspicious, red = unsafe).

This Privacy Policy explains:

What information we collect,
How we use and protect it, and
Your choices and rights.
By installing or using the Lens Extension, you agree to this Privacy Policy.
  1. Information We Collect
    When you use the Lens Extension and related services, we may collect:

(a) URLs You Visit
The extension reads the URL of the website you are currently visiting.
This URL is processed first locally via the MAIA Desktop application.
If the URL has not been analyzed before, it may be sent securely to the Lens Server for phishing analysis.
(b) Emails You Open
When analyzing email content, the extension sends the email text to MAIA Desktop.
Sensitive information (names, numbers, personal identifiers) is masked locally on your computer before being sent to the Lens Server.
The masked email content may be processed by our algorithms or external AI providers.
(c) Authentication & Account Data
To use Lens, you must have a MAIA SSO account (requires only your email).
Authentication credentials (username/password, or optional facial recognition) are handled within MAIA Desktop.
We do not collect or store your facial recognition data on our servers; it is stored securely and locally on your device.
(d) Technical Data
We may collect limited technical information to operate and secure the service, such as:

Device type, browser type/version
Operating system
Application logs related to authentication or service errors
We do not collect your browsing history, keystrokes, or any unrelated content.
  1. How We Use Your Information
    We use collected data solely to:

Analyze URLs and emails to detect phishing or scam activity.
Provide color-coded safety indicators (green/orange/red) in the extension.
Maintain trusted/untrusted domain lists that you configure via the Lens Dashboard.
Authenticate users securely through MAIA SSO and Desktop.
Improve service accuracy (e.g., refining phishing detection models).
4. Data Retention
URLs: Stored temporarily if analysis is required. Results may be cached for faster future checks.
Emails: Randomly Selected Emails are stored on our servers for algorithm evaluation, compliance, and algorithm efficiency improvements. Each email is analyzed in real time, then discarded.
Account data: Your MAIA SSO account (email, password hash) is retained as long as your account is active.
Facial recognition data: Stored only on your local device, never uploaded to our servers.
5. Data Sharing
We do not sell or rent your data.
We may share limited, masked data with:

External AI providers for phishing analysis (email text after masking).
Service providers who assist with hosting, analytics, or security (under strict agreements).
All data sharing is limited to service operation and governed by confidentiality agreements.
  1. Data Security
    We take security seriously and apply industry-standard practices, including:

Encryption in transit (TLS) for all communications.
Encryption at rest for sensitive stored data.
Local masking/anonymization of personal identifiers before email analysis.
Access control & auditing for our internal systems.
7. Your Rights & Choices
Depending on your location (e.g., under GDPR, CCPA), you may have the right to:

Access the personal data we hold about you.
Request correction or deletion of your data.
Withdraw consent at any time.
Opt-out of sharing masked email data with external AI providers.
To exercise these rights, contact us at support@pahilabs.com.
  1. Cookies & Tracking
    The Lens Extension does not use advertising cookies or trackers.
    The Lens Dashboard (web app) may use cookies for authentication and session management only.
  2. International Data Transfers
    If you use Lens outside of [Your Hosting Country], your data may be transferred and processed on servers located in other regions. We apply appropriate safeguards (such as encryption and contractual clauses) to protect your data.
  3. Children’s Privacy
    Lens is not directed at children under 13 (or the age required by your local law). We do not knowingly collect personal information from children.
  4. Changes to This Privacy Policy
    We may update this Privacy Policy from time to time. We will notify users by updating the “Last Updated” date at the top of this page.
  5. Contact Us
    If you have any questions or concerns about this Privacy Policy or your data, you can reach us at:

Pahilabs
Email: support@pahilabs.com
Website: pahilabs.com

Tab 2

Privacy Policy – Lens Platform
Effective Date: 18/08/2025
Last Updated: 03/12/2025
  1. Introduction
    Thank you for using Lens, a privacy-preserving security product developed by Pahilabs, Lda. (“Pahilabs,” “we,” “our,” or “us”).
    Lens helps you browse and read emails more safely by assessing potential phishing, fraud, and suspicious content using local analysis, cloud-based threat intelligence, and AI-assisted evaluation.

This Privacy Policy explains:

What personal data we collect
How we use and protect it
The legal bases for processing (GDPR)
Your rights and choices
How to contact us
By installing or using the Lens Extension, MAIA Desktop, MAIA SSO, or Lens Dashboard, you agree to this Privacy Policy.
  1. Data Controller & Data Processor
    Under the GDPR:

Pahilabs acts as:
Data Controller for:
MAIA SSO account data
URL analysis data
Technical and diagnostic data
Data Processor for:
Organization-provided domain lists
Email content processed on behalf of enterprise clients (when applicable)
If your organization deploys Lens, your employer may also be a Data Controller of certain data processed through the Lens Dashboard.
  1. Data We Collect and How We Process It
    We collect only the minimum data necessary to operate Lens safely and effectively.
    We do not collect browsing history, keystrokes, passwords, cookies, or unrelated content.

3.1 URL Information (During Browsing)
What We Collect
The URL of the page you are visiting
Domain and subdomain
Technical page metadata (e.g., protocol, SSL info)
How It’s Processed
The URL is first analyzed locally by MAIA Desktop.
If additional classification is needed, only the URL is sent securely to Lens Server.
Results may be cached for faster future checks.
Legal Basis (GDPR Article 6)
Legitimate interest (to provide phishing risk assessment)
Contractual necessity (to deliver the service you install)

3.2 Email Content Analysis (Optional Feature)
What We Collect
When you use email scanning features, the extension may analyze:

Subject line
Email text
Before any processing:

All personal identifiers are masked automatically on your device, including:
Names
Phone numbers
Email addresses
Account numbers
After masking, the anonymized text may be sent to:

Lens Server for threat detection
External AI providers operating in zero-data retention mode (e.g., for phishing categorization)
Legal Basis
Legitimate interest (security analysis)
Contractual necessity
Consent, when applicable (opt-out available)
Data Storage
Real-time analysis: Email content is processed live and discarded.
Quality-improvement samples:
A small number of masked emails may be stored temporarily to improve detection models.
Retention: Maximum 30 days, then automatically deleted
You may opt-out of this storage at any time.

3.3 Account & Authentication Data
Collected via MAIA SSO:

Email address
Password hash (never plaintext)
MFA status (optional)
Audit logs (authentication success/failure)
Biometrics (MAIA Desktop)
Facial recognition templates (if used) are
stored only on your local device, encrypted,
never transmitted to Pahilabs,
never uploaded,
and fully under your control.
Legal Basis
Contractual necessity

3.4 Technical & Diagnostic Data
We may collect:

Device type, OS version
Browser type/version
Crash logs and error diagnostics
Performance and security event logs
We do not collect:

Keystrokes
Local files
Browser history
Legal Basis
Legitimate interest (security, fraud prevention, reliability)
  1. How We Use Your Data
    We use your information only for the following purposes:

Security Analysis
Detect phishing, scams, fraudulent URLs, and unsafe sites
Provide color-coded risk indicators
Account & Authentication Management
Verify identity
Enable login and MFA
Protect against account fraud
Service Improvement
Enhance threat detection accuracy
Improve AI and ML classification models
Conduct anonymized statistical analysis
Feature Operation
Maintain user-defined domain lists
Power enterprise dashboards
We never sell your data.
  1. Data Retention
    We retain data only as long as necessary for the purposes described.

Data Type

Retention Period

Notes

URL queries

Up to 30 days

Cached for performance

Masked email samples (optional)

Up to 30 days

Deleted automatically; opt-out available

MAIA SSO account

As long as account is active

Deleted upon request

Authentication logs

30–180 days

For security and auditing

Biometrics

Stored only locally

Never uploaded

You may request deletion of any server-stored data at any time.
  1. Data Sharing
    We do not sell or rent your personal data.

We may share limited, necessary, masked, or anonymized data with:

6.1 External AI Providers
Used only to classify masked email text
Operate under zero-data retention conditions
Bound by contractual confidentiality obligations
6.2 Service Providers
(e.g., cloud hosting, analytics, security providers)

All providers must:

Follow strict confidentiality rules
Comply with GDPR or equivalent safeguards
Use data only to provide contracted services
  1. International Data Transfers
    Your data may be processed in the EU, the EEA, or the United States, depending on where your data is stored.

Where data is transferred outside the EU, we apply:

Standard Contractual Clauses (SCCs)
Encryption in transit and at rest
Data minimization & masking
These measures ensure GDPR-level protection regardless of location.
  1. Data Security
    We implement technical and organizational measures aligned with industry best practices:

End-to-end encryption (TLS)
Encryption at rest for sensitive data
Mandatory access controls
Device-level biometric security
Local preprocessing and masking
Regular security audits and penetration tests
  1. Your Rights (GDPR, CCPA, Global)
    Depending on your jurisdiction, you may have the right to:

Access your personal data
Request correction or deletion
Withdraw consent
Object to processing
Port your data
Opt-out of masked email data storage
File a complaint with a supervisory authority
To exercise these rights, contact: info@pahilabs.com
  1. Children’s Privacy
    Lens is not intended for children under 13 or the age required by local law.
    We do not knowingly collect children’s personal data.
  2. Changes to This Privacy Policy
    We may update this Policy periodically. The “Last Updated” date indicates the most recent revisions.

Material changes will be communicated when required.
  1. Contact Information
    If you have questions or concerns about your privacy or data protection:

Pahilabs, Lda.
IPN - Building C
Rua Pedro Nunes
3030-199 Coimbra, Portugal
📧 info@pahilabs.com
🌐 pahilabs.com