
Privacy Policy

Effective: May 24, 2026 · Last updated: May 24, 2026

v0 draft — pending review by legal counsel.

1. Who we are

Wizer Email Security is an email-security product operated by Wizer (Wizer Training, Inc., and its affiliates — collectively “Wizer,” “we,” “us”). We provide phishing and business-email-compromise (BEC) detection for customers using Google Workspace. This policy describes how Wizer Email Security handles information.

Wizer Email Security is provided to corporate customers (“tenants”). Each tenant is a separate Google Workspace organization. End-users of a tenant (“mailbox users”) are employees whose email is monitored by Wizer Email Security on behalf of their employer. This policy applies to both tenant administrators and mailbox users.

2. What we collect

Sign-in data (tenant administrators). When an administrator signs into app.wizer-emailsecurity.com using Google, we receive their email address, name, and profile image URL from Google. We do not receive a password or any other Google account data.

Email metadata (mailbox users). For each email message processed by Wizer Email Security on behalf of the tenant, we capture:

  • Sender email address and display name
  • Recipient mailbox (your address)
  • Subject line
  • Message headers (authentication results, routing, structural metadata)
  • Hyperlinks contained in the message (URLs only, not surrounding text)
  • Attachment metadata (filename, MIME type, size — not the contents)
  • Our detection verdict and signal trace (the rules that fired and why)

What we do NOT retain. We do not store the body text of email messages, attachment contents, or any data unrelated to detection. Messages are parsed in-memory, scored, and the parsed body is discarded.

3. How we use what we collect

We process the data we collect to:

  • Detect phishing, BEC, and other email-borne threats targeting the tenant
  • Apply visible warning banners to suspicious messages in the user’s inbox
  • Provide tenant administrators with an audit log of detections and user actions
  • Allow users to report suspected phishing, mark messages as spam, or release messages from quarantine
  • Improve our detection rules at the platform level using anonymized signals only — never your specific messages

We do not use your data to target advertising, do not sell it to third parties, and do not use it to train general-purpose AI models.

4. Where your data lives

Wizer Email Security uses a per-tenant data isolation architecture. Each tenant’s email metadata, audit log, and configuration are stored in a database dedicated to that tenant alone. We never combine tenant data into a shared store.

Our central platform stores only the minimum information required to coordinate across the fleet: tenant identity, billing state, banner-action click intent, and aggregated detection statistics (counts, not row-level data). Wizer staff cannot access the per-row email metadata of any tenant — this is enforced architecturally, not by policy.

All data is currently stored in the United States. Customers requiring data residency in other regions (e.g., the European Union) should contact us to discuss.

5. Subprocessors

We use a small number of vendors to operate the service. Each handles data in accordance with our agreements with them.

  • Google Workspace (mail source). Wizer Email Security reads mail from the tenant’s Workspace via Google’s standard API mechanisms with the tenant’s admin-granted authorization.
  • Vercel (application hosting and AI gateway). Vercel hosts the Wizer Email Security web application and provides the API gateway for AI services.
  • Neon (database hosting). Stores tenant data in encrypted form.
  • Anthropic (used via the Vercel AI Gateway for our AI authoring features). Operates in zero-data-retention mode — prompts and responses are not stored or used for training. Anthropic sees only product-level prompts and generic examples, never tenant per-row data.
  • Google Safe Browsing (URL reputation). Used to score links in inbound mail. Only URLs are shared.
  • GitLab (source code management). Holds the application source code. Does not process customer data.

A current Data Processing Agreement (DPA) is available to customers on request.

6. Data retention

Retention varies by data type:

  • Detection records (MessageLedger, audit logs). Retained indefinitely for the duration of the customer’s subscription, to support audit, compliance review, and forensic investigation. Customers can permanently delete individual mailbox records on demand using the “Forget forever” action.
  • Banner action history. Seven (7) years, in line with SOC 2 requirements.
  • Per-mailbox spam filter lists. Retained for as long as the mailbox is monitored; removed when the mailbox is forgotten.
  • Sign-in records. Retained while the user has an active account.

Upon subscription termination, customer data is retained for a wind-down period and then deleted unless the customer specifies otherwise.

7. Security

We follow standard practices including encryption in transit (TLS), encryption at rest (database-provider managed), per-tenant credential isolation, audit logging of administrative actions, and the principle of least privilege for internal access.

Wizer is in the process of pursuing formal security certifications (SOC 2 Type 1 targeted). Updates will be reflected here.

8. Your rights

Tenant administrators have access to all data Wizer Email Security holds for their tenant via the administrator console at app.wizer-emailsecurity.com. They can:

  • Review every processed message and the detection verdict applied
  • Add, deactivate, or permanently forget individual mailboxes (including all associated detection records)
  • Take action on individual flagged messages (release, report, mark spam, trust sender)
  • Export their tenant’s data on request (contact us; export tooling is currently manual)

Mailbox users have a right to know what data is held about them and to request its deletion. Such requests should be directed to your organization’s administrator; we will support the administrator in fulfilling them.

For users in the European Union, the United Kingdom, California, or other jurisdictions with applicable data-protection rights: please contact us at the address below and we will route your request appropriately.

9. AI and automated decisions

Wizer Email Security includes optional features that use generative AI to help tenant administrators author detection rules. These features:

  • Use Anthropic models routed through the Vercel AI Gateway in zero-data-retention mode
  • Receive only product-level prompts (e.g., natural-language descriptions of detection intent), never email content or tenant-specific records
  • Are off by default; tenants opt in
  • Are logged in a tenant-side audit trail accessible to administrators

Automated detection decisions made by the Wizer Email Security kernel are not solely determinative; users can always review, release, and override.

10. International transfers

Data is currently stored in the United States. For customers based outside the U.S., this constitutes an international transfer. Wizer relies on the European Commission’s Standard Contractual Clauses and equivalent mechanisms where applicable.

11. Children

Wizer Email Security is a business-to-business product. We do not knowingly collect data from individuals under the age of 16.

12. Changes to this policy

We may update this policy from time to time. The “Last updated” date at the top reflects the most recent revision. Material changes will be communicated to tenant administrators via email at least 30 days before they take effect.

13. Contact

For any privacy-related question or request:

  • Email: privacy@wizer-training.com
  • Postal: Wizer Training, Inc., 131 Dartmouth St, Boston, MA 02116, USA
