haveibeenhacked.org(HIBH), owned and operated by Superlative Enterprises Pty Ltd ABN 62 085 442 020 (“Superlative”, “we” or “us”), is a Queensland-based small business in Australia. This policy outlines our data collection practices and how we safeguard personal information.

HIBH’s mission is to aid individuals and organizations in addressing privacy violations by detecting data leaks. By offering visibility into how personal data spreads, we empower users to comprehend leaked information, its source, and the necessary precautions.

We provide a range of free and paid services worldwide, including:

Point-in-time searches to ascertain if an email address has been involved in a data breach.

Domain searches to identify all breached email addresses on a verified domain.

Searches for real-world passwords exposed in data breaches.

Subscription services for individuals to receive notifications of breaches linked to their email addresses.

Subscription services for enterprises and individuals to monitor breaches.

We collect and store limited personal information required for service provision. This includes email addresses for subscription services and minimal logging data to maintain operational integrity and combat malicious activity.

Personal information is not collected during searches in the HIBH database. We only retrieve data from storage and do not store search results explicitly.

Sensitive data breaches are not publicly searchable; access is granted only to subscribers who verify ownership of the relevant email address or domain.

We employ robust security measures, including HTTPS encryption, Cloudflare protection, rate limits on APIs, regular security scans, and firewalls.

Access to personal information can be requested and corrected in real-time. Sensitive breaches are accessible only after verification.

Users can unsubscribe from notifications via email or utilize our opt-out feature to control the visibility of their personal data.

For questions, concerns, or complaints regarding privacy matters, users can contact us directly. We aim to address complaints promptly and transparently.

Changes to our Privacy Policy will be communicated on our website. Users can access the current Policy online or request a copy from us directly.