Drakaro
Terms of Service
Effective Date: June 27, 2026 · Last Updated: July 4, 2026
These Terms of Service (“Terms”) govern your access to and use of Drakaro’s email threat protection service (“Service”), operated by Drakaro (“we,” “us,” or “our”). By creating an account or using the Service in any way, you agree to these Terms in full. If you do not agree, do not use the Service.
By signing up for Drakaro, you confirm that you have read and agree to these Terms of Service and our Privacy Policy. This includes consent to the data practices described in both documents, including URL data logging (Free plan) and anonymized threat intelligence sharing (all plans).
1. Description of Service
Drakaro is an automated email threat protection service that connects to your Gmail or Microsoft 365 inbox (with your explicit authorization) and scans incoming messages for malicious links, domains, and attachments. When a threat is detected, the message is tagged with a color-coded label (MALICIOUS, SUSPICIOUS, or SAFE) directly in your inbox — emails are never moved or quarantined. Drakaro does not read, store, or transmit the content of your emails beyond what is necessary to perform threat analysis.
2. Service Plans and Limitations
Drakaro offers the following plans. By using the Service, you acknowledge and agree to the limits and policies associated with your selected plan.
| Plan |
Price |
Daily Scan Limit |
Key Features |
Scan Data Policy |
| Free |
$0/mo |
150 emails/day |
Real-time threat detection, binary verdicts (malicious or safe), color-coded inbox labels |
All domain and URL data (safe and malicious) is logged and may be shared with or sold to third-party threat intelligence partners |
| Basic |
$0.99/mo |
250 emails/day |
Everything in Free — plus extended threat intelligence, virus & malware attachment scanning, threat viewer |
Safe URLs: zero retention. Malicious URLs: retained in anonymized form for threat intelligence. |
| Pro |
$1.99/mo |
250 emails/day |
Everything in Basic — plus advanced URL scanning, 3-tier verdicts (suspicious), newly observed sender detection, threat screenshots, sandbox viewer |
Safe URLs: zero retention. Malicious/suspicious URLs: retained in anonymized form for threat intelligence. |
| Ultra |
$4.99/mo |
250 emails/day |
Everything in Pro — plus AI email body analysis, intent-based phishing detection, adaptive sender recognition |
Safe URLs: zero retention. Malicious/suspicious URLs: retained in anonymized form for threat intelligence. |
Daily Scan Limits: Scan limits reset at 00:00 UTC each day. Once your daily limit is reached, new messages received that day will not be scanned until the limit resets. Drakaro will not automatically alert you when your limit is reached. If you require consistent protection beyond your plan’s limit, please upgrade to a higher tier.
Free Plan — Domain & URL Data Notice: If you are on the Free plan, all domains and URLs extracted from links found in your emails — whether safe, suspicious, or malicious — are logged and may be shared with or sold to third parties, including threat intelligence and data partners. This data may include a record of which domains or URLs were encountered in connection with your account. No personal email content is ever logged — no subject lines, message bodies, or sender information. This is how the Free plan is supported at no cost. If you do not wish to have your safe URL data used commercially, please upgrade to the Basic plan.
All Plans — Malicious & Suspicious URL Retention: Across all plans (including paid), URLs determined to be malicious or suspicious are retained in anonymized form and may be included in aggregated threat intelligence feeds shared with enterprise security partners. This data is stripped of all personally identifiable information — no user identity, email content, or account details are ever included. This collective intelligence improves threat detection for all users.
3. Advanced URL Scanning (Pro and Ultra Plans)
Pro and Ultra plan users receive an additional layer of URL threat analysis applied after the initial scan. This analysis works as follows:
- URLs extracted from your email body are submitted to commercial URL reputation services for real-time threat lookup.
- These services receive the URL being checked. They do not receive your identity, email content, or any personal information.
- If a URL is identified as a threat, the email is tagged with a MALICIOUS or SUSPICIOUS label and a screenshot of the flagged URL is captured for your review.
- Safe URL data submitted to these services is not retained by Drakaro beyond the duration of the scan operation.
- Up to 5 URLs per email are checked. Trusted domains (e.g., google.com, microsoft.com) are excluded from URL scanning to preserve quota.
4. AI Phish Report Add-On
The AI Phish Report is an optional add-on available to users on any plan. For $1.00 per report, you may submit a suspicious email for an AI-generated analysis of its threat indicators, deceptive patterns, and recommended action. The following limitations apply:
- Each account is limited to a maximum of 20 AI Phish Report submissions per calendar month. This limit applies regardless of plan.
- Reports are generated on a best-effort basis using automated analysis. AI Phish Reports are informational only and do not constitute professional cybersecurity advice.
- You are responsible for any final decision regarding an email’s safety. Drakaro is not liable for decisions made based on AI Phish Report output.
- Unused monthly report quota does not roll over to the following month.
- Charges for AI Phish Report submissions are non-refundable once a report has been generated.
5. What We Do Not Offer
The following features are not included in any current Drakaro plan and are not provided by the Service:
- Outbound email scanning: Drakaro monitors inbound messages only.
- Real-time antivirus for your device: Drakaro is not a replacement for a full antivirus or endpoint protection solution. Attachment scanning is limited to attachments in your inbox and does not extend to files already on your computer.
- 100% threat detection: Threat detection is probabilistic and depends on third-party intelligence sources. No email security solution provides absolute protection.
Attachment Scanning (Basic, Pro, and Ultra plans): Incoming email attachments are automatically scanned for malware. Attachment files are transferred to a secure isolated environment, scanned, and permanently deleted immediately after the scan completes — they are never retained. Free plan users do not receive attachment scanning.
6. Account Registration and Security
You must provide accurate information when creating an account. You are responsible for maintaining the security of your account credentials and for all activity that occurs under your account. You must notify us immediately at support@drakaro.com if you suspect unauthorized access to your account. Drakaro is not liable for any loss or damage arising from your failure to secure your account.
7. Gmail and Microsoft Outlook Access
To use the Service, you must grant Drakaro authorized access to your Gmail or Microsoft Outlook inbox. This access is used solely to:
- Receive notifications of new incoming messages via webhook
- Read the content of individual messages to extract and analyze links, domains, and attachments
- Apply color-coded labels (MALICIOUS, SUSPICIOUS, SAFE) to emails based on scan results
Emails are never moved, deleted, or quarantined — they remain in your inbox with a visible label. We do not store, share, or sell the content of your emails. You may revoke Drakaro’s access to your inbox at any time by disconnecting via the Drakaro dashboard or directly through your Google or Microsoft account settings. Revoking access will stop all future scanning.
8. Acceptable Use
You agree not to:
- Use the Service for any unlawful purpose or in violation of any applicable law
- Attempt to reverse-engineer, decompile, or interfere with the Service’s infrastructure
- Use the Service to process email accounts you do not own or are not authorized to use
- Circumvent any rate limits, quotas, or authentication mechanisms
- Resell, sublicense, or otherwise commercially redistribute access to the Service without our written consent
9. Disclaimer of Warranties
THE SERVICE IS PROVIDED “AS IS” AND “AS AVAILABLE” WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.
Drakaro does not guarantee that the Service will detect every threat, that it will be uninterrupted or error-free, or that any particular email will be scanned within any specific timeframe. Threat detection is probabilistic and depends on third-party threat intelligence sources. No email security solution, including Drakaro, provides 100% protection.
10. Limitation of Liability
TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, DRAKARO SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF DATA, LOSS OF BUSINESS, OR FINANCIAL LOSSES, ARISING OUT OF OR IN CONNECTION WITH YOUR USE OF THE SERVICE, EVEN IF WE HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
In no event shall Drakaro’s total liability to you for all claims arising out of or related to the Service exceed the greater of (a) the total amount you have paid to Drakaro in the twelve (12) months preceding the claim, or (b) $10.00 USD.
11. Privacy
Your use of the Service is also governed by our Privacy Policy, which is incorporated into these Terms by reference. By using the Service, you consent to the data practices described in the Privacy Policy. Key points:
- We never store, share, or sell the full content of your emails — no message body text, sender names, or attachments beyond what is needed to perform scanning
- Email content is never retained beyond the duration of a single scan operation
- Free plan: All domains and URLs (safe, suspicious, and malicious) are logged and may be shared with or sold to third parties, including threat intelligence and data partners. No email content is ever included.
- Basic, Pro, and Ultra plans: Safe URLs are not logged or retained. Zero data retention on clean scan results.
- All plans: Malicious and suspicious URLs are retained in anonymized form and may be included in aggregated threat intelligence feeds shared with enterprise security partners. No user identity or email content is ever included.
Free Plan — Threat Data Sharing Consent: By using the Free plan, you expressly consent to Drakaro logging all domains and URLs found in your incoming emails — regardless of verdict — and using that data commercially, including sharing it with or selling it to third parties. This data may be associated with your account identifier. Your personal information and email content are never included. If you do not consent to this, please upgrade to the Basic plan or higher.
All Plans — Threat Intelligence Consent: By using any Drakaro plan, you consent to malicious and suspicious URLs detected in your emails being retained in anonymized form and shared with enterprise security partners as part of aggregated threat intelligence feeds. This data is stripped of all personally identifiable information and improves collective threat detection across the industry.
12. Changes to Plans and Pricing
We reserve the right to change plan features, pricing, and limits at any time. We will provide at least 14 days’ notice before any changes that reduce features or increase pricing for existing paying subscribers, delivered via email to the address on your account. Continued use of the Service after such changes constitutes acceptance of the new terms.
13. Termination
You may cancel your account at any time by disconnecting your inbox and contacting us at support@drakaro.com. We may suspend or terminate your account immediately if we reasonably believe you have violated these Terms, engaged in fraudulent activity, or pose a risk to our infrastructure or other users. Upon termination, your data will be deleted within 30 days.
14. Governing Law
These Terms shall be governed by and construed in accordance with the laws of the United States, without regard to its conflict of law principles. Any disputes arising under these Terms shall be resolved through binding arbitration under the rules of the American Arbitration Association, except that either party may seek injunctive relief in a court of competent jurisdiction.
15. Contact
If you have any questions about these Terms, please contact us at:
Drakaro
Email: support@drakaro.com
Website: https://drakaro.com