We take the security of www.thingy.agency seriously. Here is a general overview of our approach.
1. A lean, static site
The Site is currently built as a static website, which keeps its attack surface small. Pages are served over an encrypted HTTPS/TLS connection.
2. Data
We aim to keep the personal data handled through the Site to a minimum. Where we use third-party services (such as analytics or scheduling tools), those providers maintain their own security practices. See our Privacy Policy for more.
3. Providers
We rely on established providers that maintain industry-standard security practices.
4. Responsible disclosure
If you believe you've found a security issue on the Site, please email us at hello@thingy.agency. We appreciate the heads-up and ask that you give us a reasonable chance to look into it before sharing it publicly.
5. No guarantees
No website or service can be completely secure. We take reasonable measures, but we can't guarantee absolute security.
6. Contact
Security questions? Email hello@thingy.agency.