Last Updated: May 2026
At LeakOrigin, your privacy and data security are our highest priorities. Because we deal with sensitive threat intelligence, our platform is intentionally designed to know as little about your data as possible.
1. Ephemeral Data Processing
When you use our GitHub Repository Scanner or API Key Search, the data fetched (such as repository code or your searched API key) is processed exclusively in-memory. We do not write scanned files to our local disks, and we do not cache or store the exact API keys you search for.
2. Email and Password Checks
Email addresses submitted for breach checks are securely hashed or queried against public breach datasets without logging the cleartext email in our permanent databases. We strongly recommend using k-anonymity (checking only the first 5 characters of a password hash) whenever utilizing our password APIs.
3. No Write Access
Our platform requests absolutely zero write access to your GitHub repositories or third-party accounts. All integrations are strictly read-only.