ClearedIn is an online service that analyzes communications metadata (not message contents) to discover patterns in communications that can be used for many beneficial purposes including security, employee well-being, and company health. With our clients’ permission, we look at that metadata to determine baselines for normal communications activity, and then analyze deviations from those baselines for our customers’ benefit.
Am I the Customer, or Am I the Product?
You are the customer. As you can read further below, we will not be storing your information for longer than a month. We are creating a service to protect users and organizations from Phishing attacks.
What Data Does Clearedin Get From You?
Clearedin will, with your permission, get access to your email account if you’re an individual user, and all employee accounts if you’re an authorized corporate user. We will only be accessing email metadata and under no circumstances do we read message bodies.
What Does Clearedin Do With The Data?
We will build a graph of the communication patterns (senders, receivers, frequency, with their name, email, time etc., and also other factors like IP, Domain). All applications (starting with the application to warn against Phishing email) that are built by Clearedin will have access to the data represented by this graph.
Specifically, What Will You Look At (And Not Look At)?
We will see:
- SMTP-path details
We will not see:
- Email body / contents (with one caveat, listed next)
- Anything else
Alright, Let's Hear About This "Caveat"
The Clearedin Chrome extension will scan opened emails and check for URLs. The URLs are checked against PhishTank and if the URL is a Phishing URL, access to the email is locked and the URL link cannot be clicked by the user and we will discard the email contents immediately following this scan.
What Benefits Do Users Get From Giving Clearedin This Access
Clearedin protects end users and organizations from phishing attacks. When a suspicious email is encountered, Clearedin will immediately label the email as "Potential Phish". We will also show the substantiating evidence on why the email was labeled that way (added benefit of training the end user at the trainable moment). We also provide a dashboard for visualizing and analyzing email patterns and interactions of the user. Any phishing URL included in the email will lock the email and prevent users from clicking on phishing links.
How Long Will You Keep My Data
We will use your communications meta-data to train our infrastructure on what interactions are permissible for you and your firm, and which ones could be suspicious. We will keep your data for no longer than one month and likely will delete it much more quickly than that after it has been analyzed.