Security
This page describes the security posture of the Shrinfinity parent company website and outlines how to report security concerns.
This page applies to the Shrinfinity parent company website (shrinfinity.tech). Product-specific terms, policies, and legal notices may apply separately on individual product sites such as ProofTrail (https://prooftrail.shrinfinity.tech/).
Security posture
The Shrinfinity parent website is a static informational site. It does not process payments or handle authentication. This site uses Plausible Analytics — a cookieless, privacy-preserving analytics tool that collects no personally identifiable information. Contact emails received through this site are retained only for the purpose of responding to inquiries; no other user data is stored. Individual products such as ProofTrail operate on separate infrastructure and may have their own security documentation.
Responsible disclosure
If you discover a security vulnerability affecting this website or any Shrinfinity product, please report it to us directly. We appreciate responsible disclosure and will respond in good faith.
Disclosure contact
legal@shrinfinity.techInstructions
- Email the details to legal@shrinfinity.tech with 'Security Disclosure' in the subject line.
- Describe the vulnerability clearly, including steps to reproduce if applicable.
- Do not publish or share the vulnerability publicly until we have had a reasonable opportunity to investigate and respond.
- We will acknowledge your report within 5 business days and aim to resolve confirmed issues in a timely manner.
Bug bounty
We do not currently operate a formal bug bounty program. We do not offer monetary rewards but are grateful for good-faith security reports.
Certifications and compliance
We do not claim certifications or compliance status we do not hold. The following statements are made for clarity:
- This site is not ISO 27001 certified.
- This site has not completed SOC 2 audits.
- No false compliance certifications are claimed.