Privacy Policy
Last updated: March 16, 2026
Glance is built on a single principle: your email is yours. We process metadata to detect threats. We do not read, store, or learn from the content of your emails.
Overview
Glance Security, Inc. ("Glance," "we," "us," or "our") operates the Glance email security platform, accessible at glance-co.com and through related mobile applications (collectively, the "Service"). This Privacy Policy explains what information we collect, why we collect it, how we use it, and what rights you have over it.
By using the Service you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.
Data We Collect
Account Information
When you register, we collect the information necessary to create and manage your account:
- Email address (used as your account identifier)
- Name (used for display and communication)
- Password (stored as a one-way bcrypt hash — we cannot recover it)
- Subscription tier and billing status
OAuth Tokens
To scan incoming email, Glance requests read-only OAuth access to your connected mail provider (Google Gmail or Microsoft Outlook). OAuth tokens are stored in encrypted form in our database. We request the minimum required OAuth scopes: metadata access, message reading for scan purposes, and message modification to apply threat labels.
Email Metadata
For each email processed, we record metadata to perform threat analysis and maintain your activity log:
- Sender address and display name
- Recipient address
- Subject line
- Timestamp and message ID
- Detected threat score, threat category, and analysis flags
- Verdict (safe, suspicious, dangerous) and disposition (delivered, held, blocked)
Email body content is processed transiently in memory for threat analysis and is never written to disk or a persistent database store.
Sender Reputation Data
Glance maintains a crowd-sourced sender reputation database. When you approve or block a sender, we record the sender's domain and a privacy-preserving HMAC-SHA256 hash of the sender address alongside the action taken. Raw email addresses from other users' inboxes are never stored or exposed to you.
Payment Information
Billing is handled by Stripe. We do not store full payment card numbers on our servers. We receive from Stripe only the information necessary to manage your subscription: customer ID, plan, billing interval, and payment status.
Usage and Technical Data
We collect standard operational data to run and improve the Service:
- IP address and approximate geographic region (country/city)
- Browser type, operating system, and device category
- Pages visited and features used within the dashboard
- Error logs and API response times for reliability monitoring
How We Use Your Data
We use the data we collect for the following purposes:
- Threat detection. Analyzing email metadata, authentication signals (SPF/DKIM/DMARC), and sender reputation to generate a threat score and determine disposition.
- Circle of Trust routing. Notifying designated gatekeepers of emails from unknown senders and recording their approval or rejection decisions.
- Account management. Creating and maintaining your account, processing subscription payments, and sending transactional emails (receipts, security alerts, password resets).
- Service improvement. Aggregate, anonymized threat pattern data is used to improve detection accuracy across the platform. Individual email content is never used for training purposes.
- Legal compliance. Retaining records as required by applicable law and responding to lawful requests from authorities.
- Support. Diagnosing reported problems using error logs and account metadata. We do not access email content when providing support.
We do not sell your data for advertising purposes. We do not use your email metadata to build behavioral advertising profiles.
Data We Do Not Collect
To be explicit about our zero-knowledge approach, the following categories of data are never collected or persisted by Glance:
- The full body text of any email message
- Email attachments or their content
- Plaintext copies of your password
- Full credit card or bank account numbers
- Precise real-time location data
- Contact lists beyond sender addresses seen in email headers
Data Storage and Retention
Persistence
Persistent data — account records, metadata logs, threat scores, reputation entries — is stored in our PostgreSQL database hosted on Railway's managed infrastructure within the United States.
Temporary Processing
Intermediate scan data, rate-limiting counters, and session tokens are stored in Redis with time-to-live (TTL) expiry. This data is never written to long-term storage and expires automatically. TTLs are set in proportion to the data's purpose (session tokens: 7 days; scan queue state: minutes).
Retention Periods
- Account information: retained for the duration of your account, plus 90 days after deletion to support recovery requests
- Email metadata logs: retained for 12 months on a rolling basis, then automatically deleted
- Sender reputation contributions: retained indefinitely in anonymized, aggregated form
- Payment records: retained as required by applicable accounting regulations (typically 7 years)
- Error logs: retained for 30 days
Sharing and Disclosure
We do not sell, rent, or trade your personal information. We share data only in the following limited circumstances:
- Service providers. We share data with infrastructure and tooling vendors (cloud hosting, payment processing, email delivery) strictly to operate the Service. These vendors are contractually prohibited from using your data for their own purposes.
- Circle of Trust members. If you designate a gatekeeper, they will see the sender address, subject line, and a threat summary for emails held for their review. They will not see the email body.
- Legal requirements. We may disclose information if required by law, court order, or to protect the safety, rights, or property of Glance, its users, or the public. We will notify affected users of such requests when legally permitted to do so.
- Business transfers. In the event of a merger, acquisition, or sale of assets, user data may transfer to the successor entity. We will provide notice before your data becomes subject to a different privacy policy.
Third-Party Services
Glance integrates with the following third-party services. Their respective privacy policies govern the data they collect:
- Google (Gmail OAuth). Governed by Google's Privacy Policy. Glance requests only the minimum required scopes.
- Microsoft (Outlook OAuth). Governed by Microsoft's Privacy Statement.
- Stripe. Handles all payment processing. Governed by Stripe's Privacy Policy.
- Anthropic (Claude AI). When AI-assisted threat analysis is active, anonymized, PII-redacted email excerpts may be sent to Anthropic's API for classification. No identifiable sender or recipient information is transmitted.
- Railway. Provides backend hosting and managed database infrastructure. Data is stored in the United States.
- Vercel. Hosts the web application. Standard web request logs may be collected per Vercel's policy.
Your Rights
Depending on your jurisdiction, you may have the following rights with respect to your personal data:
- Access. Request a copy of the personal data we hold about you.
- Correction. Request correction of inaccurate or incomplete data.
- Deletion. Request deletion of your account and associated personal data, subject to legal retention requirements.
- Data portability. Request an export of your data in a machine-readable format.
- Objection. Object to processing of your data for certain purposes.
- Restriction. Request that we restrict processing of your data in certain circumstances.
To exercise any of these rights, contact us at privacy@glance-co.com. We will respond within 30 days. Some requests may require identity verification.
California residents: You have rights under the California Consumer Privacy Act (CCPA), including the right to know, the right to delete, and the right to opt out of sale. We do not sell personal information.
EU/EEA/UK residents: Where GDPR applies, our legal basis for processing is contract performance (account management, threat detection), legitimate interest (security and service improvement), and legal obligation (compliance). You have the right to lodge a complaint with your local supervisory authority.
Children's Privacy
The Service is not directed at children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child under 13 has provided us with personal information, contact us immediately at privacy@glance-co.com and we will delete that information promptly.
Changes to This Policy
We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email (to the address associated with your account) and update the "Last updated" date at the top of this page. Your continued use of the Service after changes take effect constitutes acceptance of the revised policy.
We encourage you to review this policy periodically. Previous versions are available on request.
Contact Us
If you have questions or concerns about this Privacy Policy or our data practices, please contact us: