Uploads are for analysis, not model training
Email files are processed to produce the scan result and evidence. They are not added to public demos or training datasets.
Trust and privacy
Email analysis should be private, explainable, and reversible.
PhishAnalyze helps people inspect suspicious emails inside their own workspace. Uploaded messages are used for the requested analysis, stored only for workspace history, and can be deleted by the user.
Each result shows analyzer status
The app shows which checks completed, which checks were unavailable, and which checks require a higher plan before they can run.
Workspace history can be deleted
Signed-in users can remove stored scan results from their workspace history. Production retention jobs can also purge older records.
User accounts are separate from owner admin tools
Public users sign in with normal workspace accounts. Owner-only admin monitoring stays on private admin routes and is not part of the public workflow.
Mailbox monitoring requires explicit connection
PhishAnalyze does not read an inbox just because someone signs in. Monitoring requires a connected mailbox, encrypted credentials, and plan permission.
Paid API-backed checks are visible
URL reputation, domain intelligence, sandbox, browser, and LLM checks are shown as included or locked so users know what happened.