She Sharp

Security Policy

Last Updated: 8 September 2025

Privacy Policy

How we protect your data

Cookie Policy

Our use of cookies

Terms of Service

Terms of using our services

Accessibility

Our commitment to accessibility

Security Policy

Security practices & reporting

Code of Conduct

Community guidelines

Ambassador Code of Conduct

Volunteer & ambassador standards

Our Security Commitment

At She Sharp, we take the security of our members' data seriously. This policy outlines our security practices, how we protect your information, and how you can help us maintain a secure environment for our community.

Security is a shared responsibility. We implement best practices and encourage our community to follow security guidelines.

Security Measures We Implement

Data Encryption

  • SSL/TLS encryption for all data in transit
  • Encrypted storage for sensitive information
  • Secure password hashing with Argon2

Access Control

  • Multi-factor authentication available
  • Role-based access permissions
  • Regular access reviews and audits

Regular Updates

Security patches and system updates

Activity Monitoring

Real-time threat detection

Secure APIs

Protected endpoints with authentication

Reporting Security Vulnerabilities

Responsible Disclosure Program

We appreciate the security research community's efforts in helping keep our members safe. If you discover a security vulnerability, please report it responsibly.

How to Report

  1. 1.Email security@shesharp.org.nz with details
  2. 2.Include steps to reproduce the issue
  3. 3.Allow us time to investigate and fix
  4. 4.Avoid public disclosure until resolved

What to Include

  • Type of vulnerability
  • Affected URLs or components
  • Proof of concept (if applicable)
  • Your contact information

Response Time: We aim to acknowledge receipt within 48 hours and provide an initial assessment within 5 business days.

Security Best Practices for Members

Help us maintain a secure environment by following these best practices:

Account Security

  • Use a strong, unique password
  • Enable two-factor authentication when available
  • Don't share your login credentials
  • Log out when using shared computers

Staying Safe Online

  • Verify emails claiming to be from She Sharp
  • Don't click suspicious links
  • Report phishing attempts immediately
  • Keep your devices updated

Data Breach Response

Our Incident Response Commitment

In the unlikely event of a data breach, we have procedures in place to respond quickly and transparently:

1

Immediate Containment

Isolate affected systems and prevent further unauthorized access.

2

Assessment & Investigation

Determine the scope and impact of the breach.

3

Notification

Inform affected users within 72 hours as required by law.

4

Remediation

Implement fixes and strengthen security measures.

Security Updates & Transparency

Regular Security Reviews

We conduct regular security assessments including:

  • Quarterly security audits
  • Penetration testing
  • Code reviews
  • Dependency updates

Transparency Reports

We believe in transparency about our security practices:

  • Annual security summary
  • Incident statistics (anonymized)
  • Security improvements made
  • Community security tips

Security Contact

Get in Touch

For security-related questions, vulnerability reports, or concerns about your account security, please contact our security team.

Security Team

security@shesharp.org.nz

For vulnerability reports and security incidents

General Support

support@shesharp.org.nz

For account help and general questions

Encryption Available: We support PGP encryption for sensitive communications. Request our public key when contacting security@shesharp.org.nz.