Security

Security posture

The Shrinfinity™ parent website is a static informational site. It does not process payments or handle authentication. This site uses Plausible Analytics — a cookieless, privacy-preserving analytics tool that collects no personally identifiable information. Contact emails received through this site are retained only for the purpose of responding to inquiries; no other user data is stored. Individual products such as ProofTrail™ operate on separate infrastructure with their own security posture and documentation. For ProofTrail-specific security information, visit prooftrail.tech.

Responsible disclosure

If you discover a security vulnerability affecting this website or any Shrinfinity product, please report it to us directly. We appreciate responsible disclosure and will respond in good faith.

Instructions

1. Email the details to legal@shrinfinity.tech with 'Security Disclosure' in the subject line.
2. Describe the vulnerability clearly, including steps to reproduce if applicable.
3. Do not publish or share the vulnerability publicly until we have had a reasonable opportunity to investigate and respond.
4. We will acknowledge your report within 5 business days and aim to resolve confirmed issues in a timely manner.

Bug bounty

We do not currently operate a formal bug bounty program. We do not offer monetary rewards but are grateful for good-faith security reports.

Certifications and compliance

We do not claim certifications or compliance status we do not hold. The following statements are made for clarity:

• This site is not ISO 27001 certified.
• This site has not completed SOC 2 audits.
• No false compliance certifications are claimed.