Privacy Policy

Last Updated: March 21, 2026

1. What Data We Access

ThunderSweep requests the following Chrome permissions, each strictly necessary for the functionality described:

• Gmail and Google Drive Access: Read your Gmail messages and Google Drive files to scan for sensitive data locally, and write encrypted files to your ThunderSweep Vault folder in Google Drive.
• Identity: Authenticate your Google account(s) using OAuth 2.0 so the extension can access Gmail and Drive on your behalf.
• Storage: Store your preferences, scan history, and OAuth tokens locally in your browser using Chrome's Storage API. Nothing is uploaded to our servers.
• Downloads: Allow you to save your encrypted Vault files and exported scan reports directly to your local device.
• Tabs: Detect when you open Gmail in a browser tab so the extension can inject the real-time attachment warning banner. We do not read or record your browsing history.
• Alarms: Schedule periodic background tasks including license validity checks, Vault file expiry notifications, and monitoring refresh intervals.
• Notifications: Display desktop alerts when a scan completes, when suspicious activity is detected in your inbox, or when a Vault document is approaching its expiry date.

2. How We Process Your Data

100% Local Processing:

• All Gmail and Google Drive scanning happens in your browser using JavaScript
• Attachment and file analysis is performed locally on your device
• Pattern matching for sensitive data occurs entirely client-side
• No email or Drive file content is ever sent to our servers or any third-party servers
• Drive file contents are fetched directly from Google's API to your browser — they pass through no intermediate servers. Exception: when you use TS Share to send Vault files, the encrypted transfer blobs are temporarily stored on Cloudflare R2 operated by ThunderSecurity LLC (see Section 4 for full details).

Vault Encryption:

• Files saved to your Vault are encrypted locally in your browser using AES-256-GCM before being uploaded back to your Google Drive.
• Your encryption key stays on your device. ThunderSweep servers never possess the raw key to decrypt your files.

3. What Data We Store

We Do NOT Store (on any server, ever):

• Email content or subject lines
• Google Drive file contents
• Attachment files or their contents
• Sender or recipient information
• Any personally identifiable information from your emails or Drive files

Locally in Your Browser Only (Chrome Storage API):

• OAuth tokens for Gmail and Google Drive API access
• Your scan history (dates and counts only, not email or file content)
• Google Drive scan results metadata (file names, detected category, file ID — no file content)
• User preferences and settings
• License key (if you purchase the paid version)
• Encrypted key blob for Vault access

In Your Google Drive:

• The encrypted Vault files themselves reside purely in your Google Drive, not our servers.

4. Data Sharing

We do not share, sell, rent, or trade your data with anyone. Period.

• No third-party analytics: We don't use Google Analytics or similar tools
• No advertising: We don't share data with advertisers
• No data brokers: We don't sell or provide data to third parties

Anonymous Feedback (Optional): If you submit feedback through the in-extension feedback button, your message text is sent to a Cloudflare Worker endpoint operated by ThunderSecurity LLC. No email address, account information, or any personally identifiable information is collected or transmitted. Feedback submission is entirely voluntary and only occurs when you explicitly click the Send button.

TS Share (Encrypted File Transfer): When you use the TS Share feature to send Vault files to another ThunderSweep user, the following occurs:

• Files are decrypted locally on your device from your Vault, then immediately re-encrypted using a PBKDF2-derived transfer key before any data leaves your browser.
• The re-encrypted blobs are uploaded to a Cloudflare R2 bucket operated by ThunderSecurity LLC (ts-transfer.thundersweep.com) for temporary storage. ThunderSecurity LLC cannot decrypt or read the file contents. The transfer key is derived from a random claim token appended as a URL fragment (#token=...) in the email link sent to the recipient. Because web browsers are hard-coded to never transmit URL fragments to backend servers, the key is physically never sent to us or stored on our servers. This guarantees a true zero-knowledge transfer.
• Transfer blobs are automatically deleted from R2 after 7 days, or immediately upon successful claim by the recipient, whichever comes first.
• The recipient's email address is used to deliver a one-time notification email via Resend (resend.com), a third-party transactional email provider. Resend's Privacy Policy governs how they process email delivery. We do not share the recipient's email address with any other party.
• Send rate is limited to 5 transfers per calendar month per sender to prevent abuse. The sender's email address (hashed) is stored in Cloudflare KV for rate-limiting purposes and automatically expires after 35 days.
• TS Share is entirely opt-in. Your own Vault access remains direct browser-to-Google-Drive and is unaffected by this feature.

5. Google OAuth API (Gmail & Drive)

ThunderSweep uses Google's OAuth 2.0 for secure authentication. You explicitly grant permission through Google's official consent screen. The following three permissions are requested, each explained below:

• View your email messages and settings — Used to read email metadata (sender, subject, date) and message content for local sensitive-data scanning. No content is uploaded anywhere.
• Read, compose, and send emails from your Gmail account — Required for delete and mark-as-read actions you explicitly trigger in the extension. ThunderSweep never composes or sends any email on your behalf without your direct action.
• See, edit, create, and delete all of your Google Drive files — Used to scan your Drive files locally for sensitive data, to read and write files inside your ThunderSweep Vault folder, and to delete the original unencrypted file from Drive when you vault it (completing a secure move). Files are fetched directly from Google to your browser; they pass through no intermediate server. ThunderSweep only modifies or deletes Drive files in direct response to actions you explicitly trigger.

You can revoke all access at any time via your Google Account settings (myaccount.google.com → Security → Third-party apps). OAuth tokens are stored only in your browser's local storage and are never sent to our servers.

Google API Services User Data Policy: ThunderSweep's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

• Data obtained via Google APIs is used only to provide ThunderSweep's core scanning and Vault features — not for advertising, profiling, or any purpose unrelated to improving your in-extension experience.
• No Gmail or Google Drive content (including email body, subject lines, file contents, or attachment data) is ever transmitted to ThunderSweep servers or any third-party server.
• We do not allow humans to read your Google user data except as required by law or as you explicitly request for support purposes.

6. Payment Information

If you purchase the paid version:

• Payment processing is handled by Gumroad (gumroad.com), our third-party payment and licensing platform. Gumroad's Privacy Policy governs how they handle your payment data.
• We do not store or have access to your credit card or payment information
• Gumroad provides us with your license key and email address for the purpose of license activation and support
• We do not share your email address with any other third parties

7. Security

We take security seriously:

• All communication with Gmail API uses HTTPS encryption
• OAuth tokens are stored securely using Chrome's storage API
• No server-side database means no risk of data breaches
• Regular security updates and code reviews

8. Your Rights & Data Deletion

You have complete control over your data. For step-by-step instructions see our Data Deletion page.

• Access: All your data is stored locally — you can inspect it in Chrome DevTools at any time.
• Deletion: Disconnect your account(s) from within the extension Settings, then uninstall via chrome://extensions. Chrome automatically removes all local storage on uninstall. Vault files in your Google Drive are yours — delete them directly from Drive.
• Revoke Google Access: Go to myaccount.google.com/permissions, find ThunderSweep, and click Remove Access. This immediately revokes all OAuth tokens.
• Export: Export your scan results as CSV before deletion.
• Manual deletion request: Email [email protected] with subject "Data Deletion Request" to purge your TS Share rate-limit hash from our Cloudflare KV store before its automatic 35-day expiry. We respond within 7 business days.

9. Age Requirement

ThunderSweep is intended for users 18 years of age or older. By using ThunderSweep, you confirm that you are at least 18 years old. If you are under 18, you are not authorized to use this service. We are not responsible for any use of ThunderSweep by minors, including purchases made with a parent or guardian's payment method without their consent. Refunds will not be issued on this basis.

10. Changes to This Policy

We may update this privacy policy from time to time. Changes will be reflected in the "Last Updated" date at the top of this page. Continued use of ThunderSweep after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this privacy policy or how we handle data:

• Email: [email protected]
• Website: https://thundersweep.com

12. Legal Compliance

GDPR Compliance: Since we don't collect or process personal data on our servers, most GDPR requirements don't apply. However, we respect user rights and provide full transparency.

New York SHIELD Act: We implement reasonable administrative, technical, and physical safeguards to protect any private information we hold. We do not collect email content, and payment data is handled entirely by Gumroad. We do not sell personal information.

California Privacy Rights (CCPA): We do not sell personal information. All email processing is local to your device.

© 2026 ThunderSecurity LLC. All rights reserved. — Data Deletion — Security Architecture — Terms of Service