It makes sense to treat our users privacy with complete respect:
We never give our your email. That's why you choose a handle, so you can give this out to businesses.
We hash all passwords before we store it. Also you can sign-up using Facebook or Google too, and we never even receive a password of any form.
You can approve and decline requests from 3rd party webservices to use your handle. This means other people can't pretend to be you. What's more you can always revoke access to services you have previously granted access to.
We just try and do things simple and right.