Security Policy

We take the security of our users and systems seriously. If you believe you’ve found a security vulnerability, please report it responsibly so we can investigate and remediate it as quickly as possible.

How to Report

Email: eric_in_it@yahoo.com

Scope

• Any domain or application we operate under this site.
• Public endpoints, static assets, and client-side code shipped by us.

Out of Scope

• Denial of service (DoS) and volumetric attacks.
• Automated vulnerability scanner findings without proven impact.
• Clickjacking on pages without sensitive actions.
• Reports about third-party services not operated by us.

Safe Harbor

We will not pursue legal action for good-faith research and disclosure that avoids privacy violations, data destruction, and service disruption.

Data Handling

Do not access or exfiltrate more data than necessary to demonstrate an issue. If personal data is encountered, stop testing and report immediately.

Disclosure

Please allow us reasonable time to triage and remediate before any public disclosure. We’ll keep you informed of progress and timing.

security.txt

Our security contact details are also published at /.well-known/security.txt.