Skip to main content

Security practices

This page summarises how we think about security for kitchenholy. It is not an audit certificate or insurance policy — it explains our approach and how to report issues.

1) Access control

Administrative access to servers and publishing tools is limited to people who need it. We use strong authentication where available and review permissions periodically.

2) Backups and continuity

We maintain backups and recovery procedures to reduce the risk of data loss. No backup strategy removes all risk; critical personal data should not rely solely on our site.

3) Logging and monitoring

Technical logs help us detect abuse, debug failures, and investigate incidents. Logs are kept for a limited time proportionate to those needs.

4) Reporting vulnerabilities

If you believe you found a security vulnerability, please tell us first via Contact us with steps to reproduce. Please do not exploit the issue, do not access others’ data, and avoid public disclosure until we have had reasonable time to fix it.

5) Your habits matter

Use unique passwords, keep devices updated, and be cautious with phishing. We will never ask for your password by email.