Privacy Policy

Welcome to MYDATAISLEAK. This page details how personal data privacy is handled under MYDATAISLEAK, what information is collected when you use the service, and the terms under which you use this site and its services.

Information

MYDATAISLEAK is dedicated to providing users with a comprehensive understanding of how their personal data is managed and shared in the aftermath of a privacy breach. Established as a free service in 2022, MYDATAISLEAK assists individuals and organizations in navigating the complexities of data security. We play a pivotal role in aiding intelligence agencies across various countries in the identification and apprehension of cybercriminals responsible for data theft.

Our service emerged from the growing need for transparency and control over personal data in an era where digital information is frequently compromised. By leveraging advanced data tracking and analysis techniques, MYDATAISLEAK offers invaluable insights into the dissemination and misuse of personal data. We are committed to empowering users with the knowledge needed to protect themselves and their organizations against the ongoing threat of data breaches.

Breach Data Stored in MYDATAISLEAK

When a data breach is uploaded to MYDATAISLEAK, we meticulously store email addresses and detailed information regarding the compromised computer. This data collection process is crucial for assisting intelligence agencies in identifying the perpetrators of data theft. In certain cases, we may download additional stolen data, further aiding in the detection and apprehension of attackers. Additionally, MYDATAISLEAK securely stores links to resources where users have saved passwords, clearly indicating which email addresses and passwords have been compromised and specifying the affected resources. This enables users to take prompt action in securing their accounts by changing passwords and enhancing their overall data protection measures.

Data Search Policy

Our data search functionality is designed to provide users with targeted and relevant results. When searching for an email address, the system retrieves data from our secure store, providing a list of links where the email address has been utilized. Full datasets of data leaks are exclusively available to special services to ensure confidentiality and security. Company owners receive detailed information regarding compromised data within their organizations, empowering them to take preventative measures against potential hacks and security breaches.

How MYDATAISLEAK Handles User-Provided Data

On the main page, users can simply check if their email address has been compromised in stealer virus leaks. This allows individual users to quickly verify the security of their personal data without providing any additional information beyond their email address.

For companies, a more comprehensive set of information is required to fully utilize the service. Companies need to provide:

  • Username
  • First name
  • Last name
  • Email address
  • Company name
  • Company address
  • Contact number
  • VAT ID
  • Industry
  • Company website
  • Legal representative

This information is necessary to verify the legitimacy of the company and to ensure that the service is used correctly and securely. The domain names provided by the companies will be used to conduct searches and monitor data breaches related to the company, ensuring that relevant and accurate information is delivered to the subscribing companies.

MYDATAISLEAK handles all provided data with the utmost confidentiality and employs advanced security measures to protect this information from unauthorized access. The data collected is used solely for the purpose of providing and improving the services offered by MYDATAISLEAK.

How MYDATAISLEAK Protects Data

At MYDATAISLEAK, the security of your data is our top priority. We employ a comprehensive "defense in depth" strategy to ensure that all data is thoroughly protected at every layer. Our multi-faceted security approach includes the following measures:

  • Secure Data Transmission: All data transmitted over the Internet is encrypted using the HTTPS protocol. This ensures that any information sent between your browser and our servers is protected from eavesdropping and man-in-the-middle attacks.
  • Cloudflare Protection: We utilize Cloudflare to mitigate potentially malicious requests. This includes protection against Distributed Denial of Service (DDoS) attacks, ensuring that our service remains available and secure even under high traffic conditions or targeted attack attempts.
  • Enhanced Authentication: To prevent automated abuse of our service, we block automatic email searches unless verified by Google reCAPTCHA. This ensures that only legitimate users can access our search functionality, protecting our data from bots and malicious actors.
  • Regular Security Audits: Our team conducts regular and thorough security checks to identify and address any vulnerabilities in our code or configuration. This proactive approach allows us to patch potential security holes before they can be exploited.
  • Up-to-Date Software: We maintain the latest versions of all software programs installed on our servers. This practice minimizes the risk of security breaches due to outdated or vulnerable software components.
  • Access Control: Access to sensitive data is restricted to authorized personnel only. We implement strict access control policies to ensure that only those with a legitimate need can view or manage the data.
  • Data Encryption: Sensitive data stored on our servers is encrypted both at rest and in transit. This ensures that even if data were to be intercepted or accessed without authorization, it would be unreadable and useless to the intruder.
  • Intrusion Detection Systems: We deploy advanced intrusion detection systems to monitor and analyze network traffic for signs of suspicious activity. These systems alert us to potential security incidents in real time, allowing for rapid response and mitigation.
  • Security Training: Our team members undergo regular security training to stay informed about the latest threats and best practices. This ensures that everyone involved in the handling of your data is well-equipped to maintain its security.
  • Two-Factor Authentication (2FA): For companies, we offer the option to integrate physical USB FIDO keys for two-factor authentication. The FIDO (Fast Identity Online) standard provides robust security by requiring a physical key in addition to your regular login credentials. This hardware-based 2FA significantly enhances security by preventing unauthorized access, even if login credentials are compromised.

By integrating these robust security measures, MYDATAISLEAK ensures that your data is safeguarded against a wide range of threats. Our commitment to continuous improvement and vigilance in data protection practices provides you with the confidence that your information is secure with us.

User Accounts and Company Verification

MYDATAISLEAK is committed to ensuring the highest level of security and integrity for our users. To achieve this, we have implemented a thorough user account and company verification process.

Account Creation and Verification: Companies are required to create user accounts through our secure registration process. Users must provide accurate and complete information, including their corporate email addresses and relevant contact details. All company accounts are verified manually by our support team to ensure authenticity.

Domain Verification: Companies must provide proof of domain ownership, such as DNS records or domain registration certificates. Our team manually verifies this information to confirm the legitimacy of the company’s claim over the domain. Verified domains are then linked to the company’s profile.

Subscription and Access: Once verified, companies can purchase subscriptions to access leaked data related to their domains. Subscription plans provide continuous updates and real-time alerts about potential data breaches, ensuring companies receive the most current and relevant information to protect their digital assets.

Information Management: After registration, any changes to user information or company details must be requested through our support team. This measure prevents unauthorized alterations and ensures that all modifications are validated and secure.

Logging and Monitoring: All actions on the MYDATAISLEAK platform are logged and monitored. This includes tracking login attempts, data access requests, and any changes made to user accounts or domain information. These logs are regularly reviewed to detect and prevent unauthorized activities.

Limitation of Liability

MYDATAISLEAK aggregates and provides access to leaked data strictly on an "as-is" basis. While we strive to ensure that the data we provide is as accurate and up-to-date as possible, we do not make any guarantees, representations, or warranties of any kind, whether express or implied, regarding the completeness, accuracy, reliability, suitability, or availability of the data contained on our platform for any purpose.

Users acknowledge and agree that the information provided through MYDATAISLEAK may contain inaccuracies or errors, and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law. We do not guarantee the validity, reliability, or accuracy of the data provided to companies, nor do we guarantee the timeliness or relevance of the data at any given time.

The data presented on our platform is subject to change and may be updated or removed as soon as we identify new information. We endeavor to update the leaked data promptly upon discovery, but we make no assurances that the data will always be up-to-date. Users are responsible for verifying the information obtained through MYDATAISLEAK before taking any actions based on such information.

MYDATAISLEAK, its owners, employees, and affiliates shall not be liable for any loss or damage, including but not limited to direct, indirect, incidental, punitive, and consequential damages, or any loss of profits, revenue, data, or use, incurred by any user or company arising out of or in connection with the use of our service. This includes any actions taken or decisions made based on the information provided by MYDATAISLEAK.

Users agree that their use of the service is entirely at their own risk. By using MYDATAISLEAK, users accept that it is their responsibility to independently verify any information before relying on it, and they should not solely rely on the data provided through our platform for making any critical decisions.

We strongly recommend that users seek professional advice or perform their due diligence when dealing with sensitive or important data. MYDATAISLEAK disclaims any liability for actions taken by users based on the data provided, and users agree to hold MYDATAISLEAK harmless from any claims or damages resulting from their use of the service.

Subscription and Billing

MYDATAISLEAK offers corporate subscriptions that are billed on a monthly basis. This subscription model ensures that our clients receive the most current and relevant information regarding data leaks that could impact their organization. We are committed to maintaining the highest quality of service through continuous updates and real-time analysis of leaked data.

Subscription Plans: Our corporate subscription plans are designed to cater to the specific needs of each organization, providing flexible options that can be tailored to suit varying levels of data protection and monitoring requirements. Clients can choose from different tiers of service, ensuring they receive the appropriate level of detail and frequency of updates to best protect their data.

Billing Cycle: The billing cycle for our corporate subscriptions is monthly, starting from the date of subscription activation. Clients will receive an invoice at the beginning of each billing period, outlining the services provided and the total amount due. We offer a straightforward and transparent billing process, ensuring clients are fully informed of their subscription costs.

Payment Methods: To accommodate the diverse needs of our clients, MYDATAISLEAK accepts payments via bank transfer and credit card through a secure payment gateway. Our payment gateway is PCI DSS compliant, ensuring the highest standards of security for your transactions. Bank transfer details and instructions will be provided on the invoice. For credit card payments, clients can follow the secure link provided in the invoice to complete the transaction.

Security and Compliance: We prioritize the security and confidentiality of our clients' financial information. All payment transactions are encrypted using industry-standard SSL technology to prevent unauthorized access and ensure data integrity. Our billing system complies with all relevant financial regulations and standards, providing peace of mind that your payment information is handled securely and responsibly.

Subscription Management: Clients have the ability to manage their subscriptions through their MYDATAISLEAK account. This includes upgrading or downgrading their subscription plan, updating billing information, and viewing past invoices. For any changes to the subscription plan or billing details, clients can contact our support team for assistance.

Cancellation Policy: Clients can cancel their subscription at any time by providing written notice to our support team. The cancellation will take effect at the end of the current billing cycle, and no further charges will be incurred. We strive to provide exceptional service, and our support team is available to assist with any questions or concerns regarding the subscription and billing process.