Our Approach
- Google Cloud/Firebase infrastructure with encryption at rest and in transit.
- Signed URL uploads, least-privilege service accounts, Firestore rules.
- Verified Stripe webhooks; reCAPTCHA v3 for abuse prevention.
- Manuscript purge after processing; report access via tokenized link.
Report a Vulnerability
Email: sumosizedginger@gmail.com
Include a clear description, impact, reproduction steps, and any logs or screenshots. Please avoid data exfiltration and respect privacy. We’ll acknowledge receipt within 5 business days and keep you informed.
Safe Harbor
If you follow good-faith testing and responsible disclosure, we will not initiate legal action for security research that respects user privacy and local laws.