Privacy Policy

Cleanway is a phishing protection service that checks domain names against threat intelligence databases. We provide a browser extension, mobile app, and API.

Your browsing data lives only on your device.

Our servers know WHO you are (your account). Your device knows WHAT you do (your browsing). We never combine the two. If our servers are breached, attackers get emails and subscription status — not a single URL you visited.

Data stored on our servers

• Email address (for account management)
• Authentication provider (Google, Apple, or email)
• Subscription status and tier (free, personal, family)
• Device list (anonymous device hash, platform, last seen)
• Weekly aggregate numbers only: total checks, total blocks, total trackers, security score number
• Family membership (who is in your family group)
• User settings (notification preferences, theme)

Data stored only on your device (never sent to our servers)

• Full URL check history with scores and reasons
• Privacy Audit results for every site you visit
• Security Score breakdown and factor details
• Weekly Report raw data and trends
• Tracker encounter log
• Family alert content (end-to-end encrypted)

Data we NEVER collect

• Full URLs you visit
• Page content or screenshots
• Form data you enter on websites
• Browsing history
• IP addresses (not logged)
• Cookies from other sites

When you visit a page, our extension extracts domain names from links and sends only the domain names (e.g., "example.com") to our API for checking. We never receive the full URL, path, query parameters, or page content.

95% of checks happen locally on your device via a bloom filter, without contacting our servers at all.

Our server logs contain: domain name, risk score, and timestamp. These logs do NOT contain your user ID, IP address, or any information that could link a domain check to your identity.

To check domain safety, we query the following third-party threat intelligence services with the domain name only:

• Google Safe Browsing API
• PhishTank
• URLhaus (abuse.ch)
• PhishStats
• ThreatFox (abuse.ch)
• Spamhaus DBL
• SURBL
• AlienVault OTX
• IPQualityScore

These services receive only the domain name. They do not receive your identity, IP address, or any browsing context.

Family alerts are end-to-end encrypted using AES-256-GCM. Our servers relay encrypted blobs between family members but cannot decrypt them. We see: family group membership, encrypted payload, and timestamps. We cannot see: threat details, domain names, or alert content.

Payments are processed by Stripe. We do not store credit card numbers, bank account details, or other financial information. Stripe's privacy policy applies to payment processing.

• Account data: retained until you delete your account
• Weekly aggregates: retained for 1 year, then deleted
• Family alerts: automatically deleted after 7 days
• On-device history: 30-day rolling retention (managed by your device)
• Server logs: retained for 30 days for debugging, then deleted

• Access: You can export all your server-side data from Settings.
• Deletion: Delete your account from Settings. All server data is permanently removed within 30 days.
• Portability: Export your on-device data as JSON from the extension settings.
• Correction: Update your email or display name from Settings.
• Objection: You can disable anonymous usage statistics from extension settings.

Cleanway is not directed at children under 13. We do not knowingly collect personal data from children under 13. Family Hub parental features are managed by the account holder (parent/guardian).

We will notify you of material changes via email or in-app notification at least 30 days before they take effect.

Email: privacy@cleanway.ai