At Junkyard Notify, we take the security of your data seriously. Our platform is built on a foundation of proactive defense, transparency, and data integrity.
All traffic to Junkyard Notify is encrypted in transit using TLS 1.3. We enforce HSTS (HTTP Strict Transport Security) across all domains to prevent man-in-the-middle attacks.
Our databases are isolated from the public internet and utilize point-in-time recovery (PITR) to ensure data resilience. We use industry-standard encryption for sensitive user information.
We implement a strict Content Security Policy (CSP) to mitigate the risk of Cross-Site Scripting (XSS) and code injection. Our headers include X-Frame-Options: DENY to prevent hijacking and X-Content-Type-Options: nosniff to enforce correct MIME types.
Authentication is handled securely using JSON Web Tokens (JWT) with robust signing keys and established session management practices.
We welcome reports from security researchers and the community. If you believe you have found a security vulnerability in Junkyard Notify, please contact our security team immediately.
Contact [email protected]This security policy is reviewed and updated quarterly to reflect the evolving threat landscape and improvements in our security posture. Last updated: March 2026.