Privacy Policy (Phish Report Button)
Updated: July 30, 2025
Security at Extrian
This Privacy Policy describes how Extrian Security Corp. (“Extrian”, “we”, “our”) collects, uses, and protects personal information in connection with our Extrian Phish Report Button for Outlook (the “App”).
Information We Collect
When users interact with the App, we may collect:
Email metadata
(e.g., sender, recipient, subject line, timestamp)User identifiers
(e.g., name, email address, Microsoft tenant ID)Phishing report content
(optional notes or categorization)
How We Use Your Information
We use this information to:
Deliver phishing reporting functionality to your organization
Provide insights to your organization’s IT/security team
Improve threat detection and simulation effectiveness
Data Handling & Security
All data is encrypted in transit and at rest
Access is restricted to authorized security personnel only
We retain user data only as long as required for security analysis
Sharing of Information
We do not sell or share personal data with third parties
We may share information only with your organization or as required by law
If you have questions about how your data is used, or would like to request deletion, please contact us at privacy@extrian.com
We may update this policy to reflect changes in legal requirements or our App functionality.