Trust & Safety

Security

Last updated: July 2026

The security of our website and your information is important to us. This page outlines the technical and operational measures we take to protect data and how to reach us if you discover a vulnerability.

HTTPS Everywhere

All traffic to and from this website is encrypted using TLS. We enforce HTTPS and redirect all HTTP requests. Security headers including X-Frame-Options, X-Content-Type-Options, and Strict-Transport-Security are set on every response.

Secure Hosting Infrastructure

This website is hosted on Vercel's global edge network, which provides DDoS protection, automatic TLS certificate management, and regular security updates. We do not manage our own servers or database infrastructure.

Contact Form Data

Information submitted through our contact form is transmitted securely and delivered to our team via Resend, a SOC 2 compliant email delivery provider. We do not store form submissions in a database — they are delivered directly as email and retained only in our business email.

No Sensitive Data Stored

We do not collect or store passwords, payment card information, government ID numbers, or health data. We do not run cookies or analytics scripts that track your browsing behaviour.

Responsible Disclosure

If you discover a security vulnerability in our website, please report it to us before disclosing it publicly. We appreciate responsible security research and will work to address confirmed issues promptly.

When reporting, please include:

  • A description of the vulnerability and its potential impact.
  • Steps to reproduce the issue.
  • Any supporting evidence (screenshots, request/response logs).

Report security issues to: build@merpsystems.com