
Security Policy

Our security approach, local-storage model, file handling, and responsible disclosure process.

Effective: 29 June 2026
Updated: 29 June 2026
This document is provided as a platform policy template and should be reviewed by qualified legal counsel before relying on it as legal advice.

1. Security overview

DataStorified uses a client-first design and managed hosting to reduce the server-side data footprint. Security is an ongoing risk-management process, not a guarantee that incidents cannot occur.

2. Data protection

We minimize collection, restrict access, use reputable providers, review dependencies, separate environments where appropriate, and retain server data only for defined operational or legal purposes.

3. Local storage security

Browser local storage is not encrypted by DataStorified and is accessible within the same browser profile. Protect your device, avoid shared sessions, and clear site data before transferring or disposing of a device.

4. Account security

If accounts launch, users will be responsible for strong credentials and device access. We intend to support secure session management, rate limiting, recovery controls, and stronger authentication where risk warrants it.

5. Encryption

Production traffic uses HTTPS through managed infrastructure. Future sensitive server-side records should use provider-supported encryption at rest and narrowly scoped secret management.

6. File handling

Current file tools do not process uploads. Future tools will prefer in-browser processing and will clearly state when remote processing, temporary storage, limits, and deletion schedules apply.

7. Responsible disclosure

Researchers should test only systems they own or have permission to assess, avoid privacy violations and disruption, use minimal proof, keep findings confidential while remediation is underway, and report promptly.

8. Vulnerability reporting

Send reports to security@datastorified.com with the affected URL, reproduction steps, impact, supporting evidence, and safe contact details. Do not include live credentials or exploit unrelated accounts.

9. Security limitations

We cannot guarantee rewards, response timelines, or safe harbor for destructive, extortionate, illegal, privacy-invasive, social-engineering, denial-of-service, or third-party testing. Good-faith reports will be assessed reasonably.

10. Contact security team

Security reports: security@datastorified.com. General privacy matters should go to privacy@datastorified.com so urgent vulnerability reports remain visible.

Legal contact

Questions about this document may be sent to legal@datastorified.com.