Last Updated: February 15, 2026
Deadlock ("we," "our," or "the App") is committed to protecting your digital identity with a Privacy-by-Designapproach. Deadlock is a security tool designed to monitor data breaches and analyze password strength. We believe that your private data should remain private.
A. Personal Identifiers (Email Addresses)
When you perform a breach scan, the email address entered is sent directly to our service provider (Have I Been Pwned) via an encrypted TLS 1.3 connection.
Zero-Retention: We do not store, collect, or harvest your email addresses on any server.
Purpose: Data is used solely to query known breach databases.
B. Passwords
Local Analysis: All password strength calculations and entropy evaluations are performed locally on your device.
No Transmission: Your passwords are never sent to the internet, never stored in the cloud, and never visible to us.
C. Biometric Data (FaceID / TouchID)
Local Authentication: Deadlock uses standard iOS APIs for biometric authentication.
No Access: We do not have access to your FaceID or TouchID data; the authentication result is handled entirely by the iOS Secure Enclave.
We use a limited number of trusted third-party services to ensure the App functions securely:
Have I Been Pwned (HIBP): Used to check if accounts are compromised.
Google Firebase (Remote Config): Used to securely manage API configurations and application settings. No personal identifying information is sent to Firebase for this purpose.
All communications between the App and our service providers are protected using Industry-Standard AES-256 Encryption and TLS 1.3 protocols. Local data is protected by the iOS Keychain and system-level encryption.
You have full control over your data. You can use the "Erase All Local Data" feature within the App's Security Center to permanently destroy all scan history and local preferences.
If you have any questions regarding this Privacy Policy, please contact us at: help.subflow@gmail.com .