How we handle your data

We only collect what we need to catch what’s hurting you.

LeakSource is built around data minimization. We don’t want your entire business in our hands — only the logs, exports, and evidence required to prove or disprove leaks, fraud, or compromise.

Data minimization Scoped access Defined retention Secure deletion

High-level data categories

Depending on your case, we may work with:

Revenue & transaction data — orders, refunds, redemptions.
Account & session data — IDs, fingerprints, IPs, login history.
Program & loyalty data — points, coupons, rewards.
Operational logs — staff actions, backend events.

We typically do not need full card numbers or SSNs. When possible, we ask for redacted data.

Questions about a dataset? Email inquiries@leaksource.us.

Retention & deletion

Our posture: keep data just long enough to be useful, then kill it.

Active engagement: Stored for the life of the investigation.
Stabilization window: Limited retention for follow-up support.
Destruction: Scheduled secure deletion once the window closes.