ILBADILL 9•6•3

Security Policy

🔒 Security Policy & Responsible Disclosure

Security Contact Information

Security Email: legal963ilbadill@gmail.com

Preferred Languages: English, Portuguese

Scope: Website security issues

Scope of Security Policy

This security policy applies to the website content i directly control. Third-party services (CDN, hosting, APIs) maintain their own security policies.

✅ In Scope

  • Website: https://ilbadill963.com
  • Website: https://www.ilbadill963.com
  • All subdomains: *.ilbadill963.com
  • Age verification system
  • Cookie preference storage
  • Content delivery infrastructure

❌ Out of Scope

  • OpenSea platform security
  • Ethereum blockchain security
  • Discord community security
  • Third-party services security

Simple Security Measures

Website Security

  • HTTPS encryption for all connections
  • Secure hosting infrastructure
  • Static site architecture (no databases)

Data Protection

  • No user accounts or login required
  • No personal data collected
  • No financial transactions on this site
  • Browser storage only for age verification
  • Simple, transparent data practices

Static Site Advantage

As a static website, there are no databases, no backend systems, and no user data storage. This significantly reduces security risks compared to dynamic websites.

Vulnerability Reporting Process

When reporting a security vulnerability, please include:

Required Information

  1. Description of the vulnerability
  2. Steps to reproduce
  3. Potential impact assessment
  4. Suggested fix (if available)
  5. Your contact information

Our Process

  • I take all security reports seriously
  • I will make reasonable efforts to investigate legitimate reports
  • I focus on securing our art presentation website
  • I appreciate responsible disclosure from the security community

Why This Policy Exists

Transparency, Not Complexity

As an independent digital artist, I maintain this security policy for transparency. While this website is simple, I believe in being clear about security practices.

Key points for security researchers:

  • No login systems or user databases
  • No payment processing on this domain
  • No complex backend infrastructure
  • Focus is on securing art presentation

Legal & Compliance Context

Important Note: This is a static digital art website. All NFT transactions occur on OpenSea, which has its own security measures. We focus on securing the art presentation website itself.

Compliance Framework

  • Respect for user privacy and data minimization
  • Transparent security practices
  • Age verification for artistic content
  • Secure presentation of digital art

Related Policies

Policy Information

Last Updated: December 7, 2025

Digital Artist: CJ - Independent Digital Artist

Jurisdiction: Portugal, European Union

Return to Homepage