Skip to content

What we store — and what we never store

Trust is our product, so here is the actual inventory. No legalese — that's on the privacy policy, and it says the same things.

What we store

  • Your account: email address, display name, hashed password (we can't read it), your two-step sign-in settings.
  • Your profiles: the names and identifiers (email or username) of the online identities you track. Identifiers are encrypted at the field level — visible to you on demand, unreadable in our database.
  • Your services: which services you follow, per profile.
  • Your check history: what you attested and when ("2FA enabled on GitHub, via authenticator app, March 3rd"), so your score and history work.
  • Your inventories: if you use the connected-apps checklist, the app names you note down — encrypted, like identifiers.
  • Monitored addresses & breach matches: the addresses you asked us to watch (encrypted) and which known breaches matched them.
  • Notifications we sent you, so you can read them again.

What we never store

  • Your passwords for other services. Never asked for, never stored, never transmitted through us.
  • Access to your accounts. No OAuth grants into your Google, no session cookies, no scraping your inbox.
  • The contents of your accounts — no messages, photos, files, or contacts.
  • Your browsing. No trackers, no ad pixels, no fingerprinting on the app or this site.

How it's protected

Sensitive fields are encrypted with keys held separately from the database. Lookups on encrypted data use blind indexes (we can find your record without reading it). Everything is encrypted in transit. Our code is statically analyzed and security-scanned in CI on every change, and our security policy welcomes researchers.

Your controls

Export everything or delete everything, one click, any plan. Deleting your account deletes your data — not "deactivates," deletes.