Security at SiteConnect.io Ltd

Security at SiteConnect.io Ltd

Last Updated: 18 September 2025

At SiteConnect.io Ltd, we are deeply committed to the security of our platform and the protection of your data. We understand that trust is fundamental to our relationship with our users. This page outlines our security practices and provides instructions on how to report a potential vulnerability.

Our Commitment to Security

We take a proactive approach to security, building it into our development lifecycle and regularly reviewing our infrastructure and code. Our goal is to protect your data at every layer.

Our Security Practices

• Data Encryption: All data transmitted between you and our services is encrypted using industry-standard Transport Layer Security (TLS). Data stored on our servers (“at rest”) is encrypted using robust algorithms like AES-256.
• Secure Infrastructure: Our platform is hosted on leading cloud infrastructure providers that offer state-of-the-art physical and network security. Our network is protected by firewalls and is continuously monitored for malicious activity.
• Access Control: We operate on a principle of least privilege, meaning employees are only granted the minimum level of access required to perform their job functions. All access to sensitive data is logged and audited.
• Vulnerability Management: We regularly perform automated vulnerability scans on our systems. We are also committed to working with the security community to identify and resolve potential issues in a timely manner.
• Employee Training: All our employees receive training on security best practices and their responsibilities in protecting user data and company systems.

Reporting a Security Vulnerability

We believe in the power of community and value the work of independent security researchers. If you believe you have discovered a security vulnerability in our service, please let us know right away.

We are committed to a Responsible Disclosure process:

1. Contact Us: Please send a detailed report to security@siteconnect.io.
2. Provide Details: To help us resolve the issue quickly, please include as much information as possible in your report, such as:
   1. A description of the vulnerability and its potential impact.
   2. Clear, step-by-step instructions to reproduce the issue.
   3. Any relevant proof-of-concept code, scripts, or screenshots.
3. Give Us Time: Provide us with a reasonable amount of time to investigate and fix the vulnerability before making any information public.

Our Promise to Researchers:

• We will respond to your report promptly, typically within 2 business days, to confirm we have received it.
• We will provide you with an estimated timeline for addressing the vulnerability.
• We will not take legal action against you provided you have acted in good faith and have followed these guidelines, including not accessing or modifying user data and not disrupting our service.
• Hall of Fame: We believe in recognizing the efforts of those who help keep our platform secure. We offer a public thank you and acknowledgement on our Hall of Fame page for researchers who report valid vulnerabilities.

How You Can Keep Your Account Secure

• Use a Strong, Unique Password: Avoid using passwords that you have used on other websites. A password manager can help you create and store strong passwords.
• On Our Roadmap: Two-Factor Authentication (2FA): We are committed to the ongoing security of your account. As part of this commitment, Two-Factor Authentication (2FA) is a high-priority feature planned for a future release.
• Beware of Phishing: Be cautious of suspicious emails or messages asking for your login credentials. We will never ask for your password via email.
• Keep Your Software Updated: Ensure your web browser and operating system are always up to date.

Questions?

For general questions about your account or our services, please contact our support team. For any security-related concerns or to report a vulnerability, please contact us at security@siteconnect.io.