Security Policy

Security Measures

We implement industry-standard security measures to protect our services:

• HTTPS encryption for all connections (TLS 1.3)
• Strict Transport Security (HSTS) enabled
• Content Security Policy (CSP) headers
• XSS and CSRF protection
• Regular security updates and patches
• Secure iframe sandboxing for embedded content
• No storage of sensitive personal data

Data Protection

We protect your data through:

• Minimal data collection practices
• Encrypted data transmission
• Access controls and authentication
• Regular security audits
• Compliance with data protection regulations

Reporting Security Issues

If you discover a security vulnerability, please report it responsibly:

• Contact us through our secure contact form
• Provide detailed information about the vulnerability
• Allow reasonable time for us to address the issue
• Do not publicly disclose the vulnerability before it's resolved

We appreciate responsible disclosure and will acknowledge your contribution.

Third-Party Services

Our website integrates with trusted third-party services (Vercel, Google Analytics) that maintain their own security standards. We carefully vet all third-party integrations for security compliance.