Security

How RedDogSME Handles Sensitive Project Material.

Use the website for service information, booking, and basic contact. Client findings, diagrams, exports, approvals, and attachments are handled through the agreed delivery process.

Last updated May 31, 2026

The Public Website Stores No Accounts

The website has no login, no visitor accounts, and no stored visitor profiles. It is served over HTTPS, form submissions use bot protection, and submitted details go only to the tools used to run the business.

No Secrets Through the Public Website

Do not submit passwords, production keys, connection strings, certificates, tokens, regulated data, or customer confidential material through the public website or normal email.

Least Privilege Access by Default

When project access is needed, use scoped, time-limited, least-privilege access with named accounts and a client owner.

Secure Handoff Material

Runbooks, architecture notes, and decision records must not embed secrets. Share sensitive operational details through an agreed secure process.

Private Client Architecture Decision Records (ADRs)

Client decision records, findings, diagrams, approval notes, and attachments are confidential engagement records and are not published on the public website.

No AI Over Client Data by Default

Confidential client decisions, approvals, and technical material stay out of AI processing unless the client approves a secure workflow in writing.

Client Environment Ownership

Clients remain responsible for approving changes, granting access, maintaining production controls, and validating compliance obligations for their own environments.

Reporting a Security Concern

To report a security issue with the website, email the address below or see /.well-known/security.txt. Do not include secrets or client data in the report.

Secure Intake

Before Sharing Sensitive Data

Agree on the channel and access model before you share confidential technical material.

architecture@reddogsme.comPrivacy Details