Data Privacy Statement

1. Data Storage and Use

The email address you enter in the context of a check is used by the Hasso Plattner Institute for Digital Engineering gGmbH for data reconciliation and sending the reply email.

The entered email address and the client IP address are stored for 24 hours in a database in a concealed form (hash) in order to detect automated requests.

2. Right of access, deletion and data blocking

(1) Because the source of the Identity Leak Checker’s data set does not allow specific assignment to an individual (§4 Abs. 1 DSGVO), we cannot provide any information about the data set according to §15 DSGVO. We do make it possible for the owner of an email address contained in our data set to block or delete this address as an information source (database queries and sending email).

(2) For further questions that do not pertain to paragraph 1, please contact the data protection officer at Hasso Plattner Institute. To do this, submit your request in writing to:

Hasso-Plattner-Institut für Digital Engineering gGmbH
Data Protection Officer
Prof.-Dr.-Helmert-Str. 2-3
D-14482 Potsdam

or alternatively by email to: datenschutz(at)hpi.de

3. Server Log Files

The page provider collects and stores information in so-called server log files. These log files are used to detect misuse of the service and to find the originator of it. The log files are stored for only a limited time (further details below).

Web Server

Your web browser automatically transmits the following information to us when connecting to our website:

  • Name of the accessed file
  • Date and time of access
  • Volume of data transferred
  • Notification as to whether file retrieval was successful
  • IP address
  • Web address previously accessed (Referrer URL)
  • Information about the operating system
  • Browser
  • Host name

This information is collected by us and held for 7 days in the log file. This data cannot be associated with specific individuals. A combination of this data with other data sources is not carried out. We reserve the right to retroactively check this data if we become aware of warranted indications of unlawful use.

Email Message Server

When sending the response message about being affected in a leak, our e-mail server stores information about the sent e-mail in a log file. This log entry contains the following information:

  • Recipient address of the response e-mail

The log entries are held by us in the log file for 2 days (48 hours).

4. Integration of elements from external providers

Google reCAPTCHA

We use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to prevent automated queries. Google reCAPTCHA is incorporated into the website after 3 email checks a day.

reCAPTCHA is a free service that protects web pages against spam and abuse. It uses advanced risk analysis techniques to keep people and bots apart. We use reCAPTCHA to secure input forms.

By using reCAPTCHA, data will be transmitted to Google that Google uses to determine whether the visitor is a human or bot. What data is collected by Google and what this data is used for, you can read here. You can read Google's Terms of Service here.

Google Graphs

We use Google Graphs from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to display statistics on the statistics page. Google Graphs allows you to create dynamic diagrams in JavaScript. Unless you visit the statistics page, the Google Library will not load.

By using Google Graphs, data will be transmitted to Google that Google uses to determine whether the visitor is a human or bot. What data is collected by Google and what this data is used for, you can read here. You can read Google's Terms of Service here.

5. Links to Other Websites

Our website contains links to the websites of other, unrelated providers. After clicking on such a link, we no longer have any influence on the processing of any data that is transferred to the third party (such as the IP address or the URL on which the link is located), since the behavior of third parties is beyond our control. Therefore, we cannot accept any responsibility for the processing of any such data by third parties.