This Privacy & Security Policy documents the data collection practices, security standards, and operational guidelines governing this website. It ensures that all interactions are handled with transparency, integrity, and paramount security.

A. Introduction

Purpose of the policy

This policy details how data is managed to ensure that all interactions are handled with total transparency, operational integrity, and enterprise-level security.

Scope of website coverage

This policy applies exclusively to interactions, form submissions, and data transmissions occurring directly on this personal portfolio and security research platform.

B. Information Collection

Contact form data

We collect information submitted via our contact forms (Name, Email Address, Subject, Message, and Optional Contact details) strictly to facilitate professional communication.

Bug report submissions

When utilizing the floating action button to submit a bug report, we process the provided Name, Issue Type, Description, and an optional Email Address specifically to replicate, verify, and resolve reported defects.

Voluntary user input

Any data supplied through form fields is handled on a purely voluntary basis.

No tracking without consent

This platform respects user privacy. No persistent tracking mechanisms, fingerprinting tools, or non-essential cookies are deployed without explicit consent.

C. Use of Information

Responding to inquiries

Collected data is used explicitly to respond to your direct inquiries, professional collaboration requests, and questions.

Improving security

Insights gathered from interactions and reports may be leveraged solely to patch vulnerabilities, strengthen defenses, and enhance the overall platform security posture.

Analyzing bug reports

Bug report data is systematically analyzed to ensure continuous improvement of the website architecture, accessibility, and performance.

D. Data Security

Secure hosting (Vercel)

This platform is deployed via Vercel's edge network, inheriting enterprise-grade DDoS mitigation, highly available infrastructure, and secure continuous deployment pipelines.

HTTPS encryption

All transit data is protected utilizing TLS 1.3 cryptographic protocols.

Limited data retention

Form submissions are routed through Formspree and retained solely for the period required to service the inquiry. We do not maintain perpetual databases of user input.

No third-party selling of data

Your data will never be traded, monetized, or sold to third-party data brokers or marketing agencies under any circumstances.

E. Responsible Disclosure / Bug Reporting Process

Security Vulnerability Disclosure Process

We welcome reports from security researchers and users regarding potential vulnerabilities or operational bugs. To ensure coordinated and safe remediation, please adhere to the following disclosure process:

1. Click the Floating Action Button (+) located in the bottom-right corner of the interface.
2. Select the "Bug" option from the radial menu.
3. Fill out the Bug Report form including:
   • Name
   • Email (optional but recommended for follow-up)
   • Issue Type
   • Description (Detailed steps to reproduce or payload specifics)
4. Submit the report.
5. A confirmation message will immediately appear validating the successful transmission.
6. Response Timeline: We commit to an initial triage and response timeline of 3–5 business days.

F. No Warranty Clause

This website and its content are provided strictly "as is" without representations or warranties of any kind, either express or implied. Operating as a personal portfolio, no liability is assumed for direct, indirect, incidental, or consequential damages arising from the use or inability to use this platform.

G. Contact Section

For all general inquiries, collaborations, and privacy-related queries not covered by the bug disclosure process, please utilize the primary Contact Form located on the homepage.