Privacy PolicyCookie PolicyTerms of ServiceAccessibilitySecurity PolicyCode of ConductAmbassador Code

Security Policy

Last Updated: 16 March 2026

Our Security Commitment

At She Sharp, we take the security of our members' data seriously. This policy outlines our security practices, how we protect your information, and how you can help us maintain a secure environment for our community.

Security Measures We Implement

Data Encryption

  • SSL/TLS encryption for all data in transit
  • Encrypted storage for sensitive information
  • Secure password hashing with Argon2

Access Control

  • Multi-factor authentication available
  • Role-based access permissions
  • Regular access reviews and audits

Additional Measures

  • Regular security patches and system updates
  • Real-time threat detection and activity monitoring
  • Protected API endpoints with authentication

Reporting Security Vulnerabilities

We appreciate the security research community's efforts in helping keep our members safe. If you discover a security vulnerability, please report it responsibly.

How to Report

  1. Email security@shesharp.org.nz with details
  2. Include steps to reproduce the issue
  3. Allow us time to investigate and fix
  4. Avoid public disclosure until resolved

What to Include

  • Type of vulnerability
  • Affected URLs or components
  • Proof of concept (if applicable)
  • Your contact information

Response Time: We aim to acknowledge receipt within 48 hours and provide an initial assessment within 5 business days.

Security Best Practices for Members

Help us maintain a secure environment by following these best practices:

Account Security

  • Use a strong, unique password
  • Enable two-factor authentication when available
  • Don't share your login credentials
  • Log out when using shared computers

Staying Safe Online

  • Verify emails claiming to be from She Sharp
  • Don't click suspicious links
  • Report phishing attempts immediately
  • Keep your devices updated

Data Breach Response

In the unlikely event of a data breach, we have procedures in place to respond quickly and transparently:

  1. Immediate Containment — Isolate affected systems and prevent further unauthorized access
  2. Assessment & Investigation — Determine the scope and impact of the breach
  3. Notification — Inform affected users within 72 hours as required by law
  4. Remediation — Implement fixes and strengthen security measures

Security Updates & Transparency

We conduct regular security assessments including:

  • Quarterly security audits
  • Penetration testing
  • Code reviews
  • Dependency updates

Security Contact

For security-related questions, vulnerability reports, or concerns about your account security, please contact our security team:

We support PGP encryption for sensitive communications. Request our public key when contacting security@shesharp.org.nz.

Security Policy | She Sharp