xonPlus Logo

Privacy Policy

How xonPlus collects, uses, and protects your data

Your Privacy Matters to Us

Last Updated: 25-June-2023

At xonPlus, we believe that transparency is the cornerstone of trust. This document is designed to keep things clear about how we handle your data, ensuring you can use our services with complete peace of mind.

How We Collect Information

  • Direct InformationWhenever you sign up for our Alert Me or Domain Monitoring service, we request details like your email. This lets us get in touch and serve you better by alerting you of data breaches.
  • Device & Usage MetricsWhen you visit xonPlus, we automatically fetch non-personal data like your IP address, device type, and browser. This is standard for most websites and helps us optimize our platform for users like you.
  • Behavior AnalyticsWith the aid of cookies and tools, notably Google Analytics, we dive deep into usage patterns. This doesn't mean we know your personal browsing habits; rather, it helps us understand which features are hits and which need improvement.

How and Why We Use Your Data

  • Safety Protocols: We'll promptly alert you about any data breaches.
  • Service Enhancement: We're always looking to level up. Your data guides our improvements.
  • Demographics and Analysis: By understanding our audience, we can tailor-make experiences, but we'll never misuse this privilege.

Your Privacy: Our Commitment

Selling or sharing personal data? That's just not us. We'll shield your details from third parties unless there's a legal imperative. And even then, we'll fight for your right to privacy.

Security Measures

At xonPlus, ensuring the safety of your data isn't just a commitment, it's our ethos. Our approach to data security is multifaceted:

Technical Measures & Administrative Protocols:

  • Encrypted Connections: All communication between your device and our servers benefits from advanced encryption, providing a secure channel for your data.
  • Firewall Protections: Our platform operates on Google's robust infrastructure, further bolstered by Cloudflare's cutting-edge web appication firewall systems.
  • Up-to-date Security: Our API runs on Google's infrastructure, while static pages are hosted on Cloudflare.
  • Minimal Data Interaction: We restrict data access to a need-to-know basis, ensuring that only API can interface with user data.

Harnessing these comprehensive measures, we aim to make your experience with xonPlus not just beneficial but also secure.

GDPR Compliance & Data Protection

xonPlus is committed to protecting your privacy and complying with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We process personal data lawfully, transparently, and only for specified, legitimate purposes.

For all GDPR-related requests, data subject access requests, or privacy concerns, please contact us at help[@]xposedornot.com. We will respond to your request within 30 days as required by GDPR.

Your Data Rights Under GDPR

We acknowledge and uphold your data rights. Here's how they apply to our platform:

Right to Access

To view any data associated with your email, simply use the search function on our homepage or our authenticated search if you're logged in. For a comprehensive data export, contact help[@]xposedornot.com.

Right to Rectification

Discovered discrepancies in your personal data? Contact us at help[@]xposedornot.com and we'll take steps to rectify them promptly.

Right to Erasure (Right to be Forgotten)

Given the nature of our breach monitoring platform, completely erasing breach data isn't feasible as it serves public security interests. However, we offer a Privacy Shield feature that ensures your email address isn't publicly searchable while maintaining security monitoring capabilities.

Right to Restrict Processing

If you'd rather certain data not be processed or displayed, activate the Privacy Shield. This acts as a protective barrier, preventing your email address from appearing in public searches while maintaining essential security functions.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format. Contact help[@]xposedornot.com to request a data export.

Right to Object

You can object to processing of your personal data for direct marketing purposes at any time. For monitoring services, you can unsubscribe or enable Privacy Shield to limit public visibility.

Lawful Basis for Processing

We process personal data based on the following lawful grounds under GDPR:

  • Consent: When you sign up for alerts or monitoring services, you provide explicit consent for data processing
  • Legitimate Interests: Processing publicly available breach data serves legitimate security interests in protecting individuals and organizations from cyber threats
  • Contract Performance: Processing necessary to deliver the services you've subscribed to
  • Legal Obligations: Compliance with applicable laws and regulations governing data security and breach notifications

Data Retention

  • Account Data: Retained for as long as your account is active or as needed to provide services
  • Breach Data: Historical breach records are retained indefinitely for security research and threat intelligence purposes
  • Monitoring Subscriptions: Alert preferences and monitoring configurations are retained until you cancel the service
  • Analytics Data: Anonymized usage data may be retained for service improvement and security purposes
  • Legal Retention: Some data may be retained longer when required by law or for legitimate legal purposes

To request deletion of your account data, contact help[@]xposedornot.com. Please note that publicly sourced breach data will remain for security purposes but can be shielded from public searches via Privacy Shield.

Policy Evolutions

Our commitment to you means our Privacy Policy might change, reflecting new best practices or legal requirements. Whenever this happens, we'll communicate directly and transparently. So, keep an eye on our official policy page.

Acceptable Use Policy (AUP)

xonPlus is a platform rooted in ethical values. We're all about promoting awareness around data breaches. By engaging with our services, you pledge to do so responsibly, abiding by our standards and the prevailing laws in your jurisdiction.

Contact Us

For questions or concerns about this Privacy Policy, GDPR requests, or data protection inquiries, please contact us at:

Email: help[@]xposedornot.com

Twitter: xonPlus