-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathtransparency.html
More file actions
552 lines (497 loc) · 24.1 KB
/
transparency.html
File metadata and controls
552 lines (497 loc) · 24.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>XposedOrNot Transparency Report | How We Handle Your Data</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, maximum-scale=5.0, initial-scale=1.0">
<meta name="description"
content="Learn how XposedOrNot protects your privacy, handles breach data, and maintains transparency in our operations. View our legal compliance and takedown statistics.">
<meta name="keywords"
content="data privacy, transparency report, data breach handling, privacy policy, security compliance">
<meta name="author" content="Devanand Premkumar">
<link rel="icon" href="/favicon.ico" sizes="16x16 32x32 48x48 64x64 128x128 256x256" type="image/x-icon" />
<link rel="icon" href="/static/images/logos/logo.svg" type="image/svg+xml" />
<link rel="icon" href="/static/images/logos/logo-96x96.png" sizes="96x96" type="image/png" />
<link rel="icon" href="/static/images/logos/logo-32x32.png" sizes="32x32" type="image/png" />
<link rel="icon" href="/static/images/logos/logo-192x192.png" sizes="192x192" type="image/png" />
<link rel="icon" href="/static/images/logos/logo-512x512.png" sizes="512x512" type="image/png" />
<link rel="apple-touch-icon" href="/static/images/logos/logo-180x180.png" />
<link rel="dns-prefetch" href="cdnjs.cloudflare.com">
<link rel="dns-prefetch" href="static.hotjar.com">
<link rel="preconnect" href="https://fonts.gstatic.com">
<meta property="og:title" content="XposedOrNot Transparency Report | How We Handle Your Data" />
<meta property="og:description"
content="Learn how XposedOrNot protects your privacy and handles breach data with full transparency." />
<meta property="og:image" content="https://xposedornot.com/static/images/xon.png" />
<meta property="og:image:alt" content="XposedOrNot Logo" />
<meta property="og:url" content="https://xposedornot.com/transparency" />
<meta property="og:type" content="website" />
<meta property="og:site_name" content="XposedOrNot" />
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@XposedOrNot">
<meta name="twitter:creator" content="@DevaOnBreaches">
<meta name="twitter:title" content="XposedOrNot Transparency Report">
<meta name="twitter:description"
content="Learn how XposedOrNot protects your privacy and handles breach data with full transparency.">
<meta name="twitter:image" content="https://xposedornot.com/static/images/xon.png">
<link href="/static/css/style-new.css" type="text/css" rel="stylesheet">
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/css/bootstrap.min.css"
integrity="sha512-rt/SrQ4UNIaGfDyEXZtNcyWvQeOq0QLygHluFQcSjaGB04IxWhal71tKuzP6K8eYXYB6vJV4pHkXcmFGGQ1/0w=="
crossorigin="anonymous" referrerpolicy="no-referrer" />
<link href="https://unpkg.com/boxicons@2.1.2/css/boxicons.min.css" rel="stylesheet" />
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/css/all.min.css"
integrity="sha256-BtbhCIbtfeVWGsqxk1vOHEYXS6qcvQvLMZqjtpWUEx8" crossorigin="anonymous" />
<link rel="stylesheet"
href='https://fonts.googleapis.com/css?family=Poppins%3A300%2C400%2C500%2C600%2C700%2C900&subset&display=swap' type="text/css"
media="all">
<link rel="author" href="humans.txt" />
<style>
#banner {
min-height: 150px !important;
padding-bottom: 30px;
overflow: visible !important;
}
.grid {
overflow: visible !important;
}
.navbar {
overflow: visible !important;
}
.dropdown-menu {
position: absolute !important;
z-index: 1050 !important;
max-height: none !important;
}
.transparency-content {
background-color: white;
padding: 60px 0;
}
.transparency-section {
max-width: 900px;
margin: 0 auto;
padding: 0 15px;
}
.transparency-section h2 {
color: #3f71f3;
margin-bottom: 20px;
font-size: 1.8em;
font-weight: 600;
}
.transparency-section h3 {
color: #3f71f3;
margin-top: 40px;
margin-bottom: 15px;
font-size: 1.4em;
font-weight: 600;
}
.transparency-section p {
line-height: 1.8;
margin-bottom: 20px;
text-align: justify;
font-size: 1.05em;
}
.transparency-section ul {
line-height: 1.8;
margin-bottom: 20px;
padding-left: 25px;
}
.transparency-section ul li {
margin-bottom: 10px;
}
.table-responsive {
overflow-x: auto;
-webkit-overflow-scrolling: touch;
margin-top: 30px;
margin-bottom: 40px;
}
.metrics-table {
width: 100%;
border-collapse: collapse;
box-shadow: 0 2px 8px rgba(0,0,0,0.1);
background-color: white;
min-width: 600px;
}
.metrics-table th {
background-color: #3f71f3;
color: white;
padding: 15px;
text-align: left;
font-weight: 600;
white-space: nowrap;
}
.metrics-table td {
padding: 12px 15px;
border-bottom: 1px solid #e0e0e0;
background-color: white;
}
.metrics-table td:nth-child(2),
.metrics-table td:nth-child(3),
.metrics-table td:nth-child(4) {
text-align: center;
}
.metrics-table tr:hover td {
background-color: #f5f5f5;
}
.contact-box {
background: linear-gradient(135deg, #3c5fec 0%, #4284fb 100%);
color: white;
padding: 30px;
border-radius: 10px;
margin: 40px 0;
text-align: center;
}
.contact-box a {
color: white;
text-decoration: underline;
font-weight: bold;
}
.highlight-box {
background-color: #f0f4ff;
border-left: 4px solid #3f71f3;
padding: 20px;
margin: 25px 0;
border-radius: 5px;
}
/* Dark mode styles */
[data-theme="dark"] .transparency-content {
background-color: #1a1a1a;
}
[data-theme="dark"] .transparency-section h2,
[data-theme="dark"] .transparency-section h3 {
color: #5c8aff;
}
[data-theme="dark"] .transparency-section p,
[data-theme="dark"] .transparency-section li {
color: #e0e0e0;
}
[data-theme="dark"] .metrics-table {
background-color: #2a2a2a;
box-shadow: 0 2px 8px rgba(0,0,0,0.3);
}
[data-theme="dark"] .metrics-table td {
background-color: #2a2a2a;
border-bottom: 1px solid #444;
color: #e0e0e0;
}
[data-theme="dark"] .metrics-table tr:hover td {
background-color: #333;
}
.last-updated {
color: #666;
font-style: italic;
font-size: 0.9em;
margin-bottom: 30px;
}
[data-theme="dark"] .last-updated {
color: #999;
}
[data-theme="dark"] .highlight-box {
background-color: #2a2a4a;
border-left-color: #5c8aff;
color: #e0e0e0;
}
@media (max-width: 768px) {
.transparency-section h2 {
font-size: 1.5em;
}
.transparency-section h3 {
font-size: 1.2em;
}
.transparency-section p {
font-size: 1em;
}
}
</style>
<meta name="robots" content="index, follow">
<meta name="theme-color" content="#3f71f3">
<style>
@font-face {
font-family: "Font Awesome 5 Free";
font-style: normal;
font-weight: 400;
font-display: swap;
src: url("https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-regular-400.woff2") format("woff2");
}
@font-face {
font-family: "Font Awesome 5 Free";
font-style: normal;
font-weight: 900;
font-display: swap;
src: url("https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-solid-900.woff2") format("woff2");
}
@font-face {
font-family: "Font Awesome 5 Brands";
font-style: normal;
font-weight: normal;
font-display: swap;
src: url("https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.2/webfonts/fa-brands-400.woff2") format("woff2");
}
</style>
</head>
<body data-spy="scroll" data-target=".menu" data-offset="50">
<div class="xon">
<div class="searchMe">
<div class="banner" id="banner">
<canvas id="canvas"></canvas>
<div class="grid">
<nav class="navbar navbar-expand-md navbar-dark justify-content-center">
<a class="navbar-brand abs" href="/" style="text-decoration: none;">
<span style="font-size: 1.5em; font-weight: bold; display: block; color: white;">XposedOrNot</span>
<span
style="font-size: 0.8em; display: block; color: white; opacity: 0.85; margin-top: -10px;">Community
Edition</span>
</a>
<button class="navbar-toggler" type="button" data-toggle="collapse" data-target="#collapsingNavbar">
<span class="navbar-toggler-icon"></span>
</button>
<div class="navbar-collapse collapse" id="collapsingNavbar">
<ul class="navbar-nav ml-auto">
<li class="nav-item active px-4">
<a class="nav-link" href="password.html">Password</a>
</li>
<li class="nav-item active px-4">
<a class="nav-link" href="faq.html">FAQ</a>
</li>
<li class="nav-item active px-4">
<a class="nav-link" href="https://plus.xposedornot.com" target="_blank">xonPlus</a>
</li>
<li class="nav-item active px-4">
<a class="nav-link" href="api_doc.html">API</a>
</li>
<li class="nav-item active dropdown px-4">
<a aria-expanded="false" class="nav-link dropdown-toggle" data-toggle="dropdown" href="#"
id="navbarDropdownMenuLink" role="button"> Language <i class="fas fa-caret-down"></i></a>
<style>
.dropdown-toggle::after {
display: none;
}
</style>
<div aria-labelledby="navbarDropdownMenuLink" class="dropdown-menu">
<a class="dropdown-item" href="/zh/">中文 (Chinese)</a>
<a class="dropdown-item" href="/es/">Español (Spanish)</a>
<a class="dropdown-item" href="/hi/">हिन्दी (Hindi)</a>
<a class="dropdown-item" href="/bn/">বাংলা (Bengali)</a>
<a class="dropdown-item" href="/pt/">Português (Portuguese)</a>
<a class="dropdown-item" href="/ru/">Русский (Russian)</a>
<a class="dropdown-item" href="/ja/">日本語 (Japanese)</a>
<a class="dropdown-item" href="/de/">Deutsch (German)</a>
<a class="dropdown-item" href="/ta/">தமிழ் (Tamil)</a>
</div>
</li>
</ul>
</div>
</nav>
</div>
</div>
</div>
<div class="transparency-content">
<div class="container transparency-section">
<h2 align="center">Transparency Report</h2>
<p align="center" style="font-size: 1.1em; color: #666; margin-bottom: 10px;">
How we protect your privacy and handle data breaches responsibly
</p>
<p align="center" class="last-updated">Last Updated: April 2026</p>
<h3>Our Mission</h3>
<p>
XposedOrNot exists to help people understand when their personal information has been exposed in a data breach. Our approach is rooted in responsibility: we provide this service without republishing or spreading stolen data that could cause further harm to affected individuals.
</p>
<p>
Our goal is to strike a careful balance between transparency and responsibility. We aim to:
</p>
<ul>
<li>Provide you with actionable security insights that help you protect yourself, while respecting your privacy and never storing unnecessary personal information</li>
<li>Operate in full compliance with applicable laws and regulations, while respecting the legitimate rights of both organizations and the individuals affected by breaches</li>
<li>Maintain complete transparency about our practices, policies, and the limitations of our service</li>
</ul>
<p>
For complete details on how you can use our service and what we expect from users, please see our <a href="terms" style="color: #3f71f3;">Terms and Conditions</a>.
</p>
<h3>How We Handle Breach Data</h3>
<div class="highlight-box">
<strong>We never republish or distribute complete breach dumps or stolen data.</strong>
</div>
<p>Here's what we actually store and how we process breach data:</p>
<ul>
<li>We extract only email addresses from breach datasets and store them in our database. This allows us to provide search functionality without retaining the full scope of compromised information.</li>
<li>We maintain public breach metadata including the breach name, date of occurrence, affected organization, and general categories of data that were exposed. This contextual information helps you understand the severity and scope of each incident.</li>
<li>We do NOT store passwords, credit card numbers, social security numbers, personal identification documents, or any other sensitive personal data that may have been part of the original breach. These data types are intentionally excluded from our systems.</li>
<li>This selective approach allows you to check whether your email appears in known breaches while ensuring that other sensitive information remains completely outside of our infrastructure and cannot be accessed by anyone through our service.</li>
</ul>
<h3>Data Minimization and Security</h3>
<p>We follow industry best practices for data security and minimization:</p>
<ul>
<li>We maintain only the minimum information absolutely necessary to perform breach lookups and provide our core service. Any data that doesn't serve a direct purpose for our users is not collected or retained.</li>
<li>All operations are conducted within isolated cloud environments that employ encryption both at rest (when data is stored) and in transit (when data moves between systems). This protects information from unauthorized access at every stage.</li>
<li>We never share, sell, or provide raw personal data to third parties for any purpose, including marketing, analytics, or research. Your privacy is not a commodity we trade.</li>
</ul>
<h3>Legal and Takedown Requests</h3>
<p>We take our legal obligations seriously and work to balance transparency with legal compliance:</p>
<ul>
<li>We respond promptly and appropriately to valid legal orders, law enforcement requests, and directions from regulatory authorities. Each request is reviewed to ensure it meets legal standards before action is taken.</li>
<li>When a breach dataset becomes subject to a court injunction, legal restriction, or valid takedown request, we may suppress that information entirely or limit access based on geographic location to comply with regional laws and regulations.</li>
<li>We believe in transparency about these requests. Statistics on takedown and legal requests are published in the metrics table below, updated regularly to keep the community informed about the legal demands we receive.</li>
</ul>
<div class="contact-box">
<p style="margin-bottom: 10px;"><strong>Need to request a takedown or restriction?</strong></p>
<p style="margin-bottom: 0;">Rights-holders and organizations can contact us at:<br>
<!--email_off--><a href="mailto:deva@xposedornot.com">deva[@]xposedornot.com</a><!--/email_off-->
</p>
</div>
<h3>Public-Interest Standard</h3>
<p>We decide whether to include a breach based on:</p>
<ul>
<li><strong>Reliable source verification:</strong> Is the breach authentic and verified?</li>
<li><strong>Substantial impact on individuals:</strong> Does it affect a significant number of people?</li>
<li><strong>No ongoing risk:</strong> Will disclosure cause harm or create safety issues?</li>
</ul>
<p>
If disclosing a breach could cause harm or violates a legal restriction, we exclude or limit that dataset.
</p>
<h3>User Query Privacy</h3>
<p>Your privacy is paramount when you use our search features. We've designed our system to protect your anonymity:</p>
<ul>
<li>Search queries are processed in memory and are not logged in any identifiable form. Once your search is complete, the query information is not retained in a way that could be linked back to you.</li>
<li>We do not store the email addresses you search for, nor do we sell this information to third parties or use it for marketing purposes. Your searches remain private.</li>
<li>We do not associate queries with IP addresses beyond transient security logs that are maintained solely for system protection and are automatically purged on a regular schedule.</li>
</ul>
<h3>Transparency Metrics</h3>
<p>
Below are statistics on takedown and legal requests we've received:
</p>
<div class="table-responsive">
<table class="metrics-table">
<thead>
<tr>
<th>Period</th>
<th>Takedown Requests</th>
<th>Complied</th>
<th>Denied</th>
<th>Notes</th>
</tr>
</thead>
<tbody>
<tr>
<td>2026 Q1</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No requests received</td>
</tr>
<tr>
<td>2025 Q4</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No requests received</td>
</tr>
<tr>
<td>2025 Q3</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No requests received</td>
</tr>
<tr>
<td>2025 Q2</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No requests received</td>
</tr>
<tr>
<td>2025 Q1</td>
<td>0</td>
<td>0</td>
<td>0</td>
<td>No requests received</td>
</tr>
</tbody>
</table>
</div>
<div class="highlight-box">
<p style="margin: 0;">
<strong>Questions about our transparency practices?</strong><br>
Visit our <a href="faq.html" style="color: #3f71f3;">FAQ page</a>, read our <a href="terms" style="color: #3f71f3;">Terms and Conditions</a>, or reach out via
<!--email_off--><a href="mailto:deva@xposedornot.com" style="color: #3f71f3;">deva[@]xposedornot.com</a><!--/email_off-->
</p>
</div>
</div>
</div>
</div>
<div class="footer">
<div class="container">
<div style="text-align:center;margin-bottom:30px;">
<p>Join us in shaping this fully open source site! Contributions welcome ❤️ at our <a
href="https://github.com/XposedOrNot" target="_blank" rel="noopener">GitHub</a>.</p>
</div>
<div class="footer-columns">
<div class="footer-group">
<h6>Legal</h6>
<div class="footer-links-wrapper">
<a href="privacy" class="footer-link">Privacy Policy</a>
<a href="terms" class="footer-link">Terms</a>
</div>
</div>
<div class="footer-group">
<h6>Community</h6>
<div class="footer-links-wrapper">
<a href="https://blog.xposedornot.com" class="footer-link">Blog</a>
<a href="our-repository" class="footer-link">Our Repository</a>
</div>
</div>
<div class="footer-group">
<h6>Trust</h6>
<div class="footer-links-wrapper">
<a href="https://stats.uptimerobot.com/3zjQkZ2Caa" target="_blank" rel="noopener" class="footer-link">Status</a>
<a href="transparency" class="footer-link">Transparency</a>
<a href="responsible-disclosure" class="footer-link">Responsible Disclosure</a>
</div>
</div>
<div class="footer-group">
<h6>Follow Us</h6>
<div class="footer-links-wrapper">
<a href="https://twitter.com/xposedornot" target="_blank" rel="noopener" name="twitter" class="footer-link">
<i class="fab fa-twitter"></i> Twitter (X)
</a>
<a href="https://facebook.com/xposedornot" target="_blank" rel="noopener" name="fb" class="footer-link">
<i class="fab fa-facebook"></i> Facebook
</a>
<a href="https://infosec.exchange/@XposedOrNot" target="_blank" rel="noopener" name="mastodon" class="footer-link">
<i class="fab fa-mastodon"></i> Mastodon
</a>
</div>
</div>
</div>
<div class="custom-control custom-switch" style="text-align:center;margin-top:20px;">
<input type="checkbox" class="custom-control-input" id="darkSwitch">
<label class="custom-control-label" for="darkSwitch">Dark Mode</label>
</div>
</div>
</div>
<script src="/static/scripts/libs/jquery-3.7.1.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap/4.6.2/js/bootstrap.min.js"
integrity="sha512-7rusk8kGPFynZWu26OKbTeI+QPoYchtxsmPeBqkHIEXJxeun4yJ4ISYe7C6sz9wdxeE1Gk3VxsIWgCZTc+vX3g=="
crossorigin="anonymous" referrerpolicy="no-referrer"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/2.6.0/umd/popper.min.js"
integrity="sha512-BmM0/BQlqh02wuK5Gz9yrbe7VyIVwOzD1o40yi1IsTjriX/NGF37NyXHfmFzIlMmoSIBXgqDiG1VNU6kB5dBbA=="
crossorigin="anonymous"></script>
<script src="/static/scripts/common.js"></script>
<script defer async src="https://www.googletagmanager.com/gtag/js?id=G-MHXCCZ0EYY"></script>
<script>
// Footer accordion for mobile
document.addEventListener('DOMContentLoaded', function() {
var footerGroups = document.querySelectorAll('.footer-group h6');
footerGroups.forEach(function(header) {
header.addEventListener('click', function() {
if (window.innerWidth <= 768) {
var group = this.parentElement;
group.classList.toggle('active');
}
});
});
});
</script>
</body>
</html>