Data Security Statement | OmniCalculator.Space – Security & Vulnerability Disclosure

๐Ÿ”’ Data Security Statement

Our commitment to protecting your data and security practices

Last Updated: January 17, 2025

๐Ÿ›ก๏ธ Security Is a Priority

OmniCalculator.Space takes the security of our website and your data seriously. This page outlines our security practices and provides information on how to responsibly report security vulnerabilities.

1. Our Security Practices

We implement multiple layers of security to protect our website and your information:

๐Ÿ”
HTTPS Encryption
All connections to our website use TLS/SSL encryption (HTTPS) to protect data in transit.
๐Ÿ–ฅ๏ธ
Secure Hosting
Our website is hosted on secure, reputable infrastructure with regular security updates.
๐Ÿงฎ
Client-Side Processing
Calculator inputs are processed locally in your browser โ€” data is not transmitted to our servers.
๐Ÿ”„
Regular Updates
We keep our software, plugins, and dependencies updated to address security vulnerabilities.
๐Ÿงน
Input Validation
All user inputs are validated and sanitized to prevent injection attacks.
๐Ÿ”‘
Access Controls
Administrative access is restricted and protected with strong authentication.

2. Data Protection Measures

2.1 What We Don't Store

โœ… Your Calculator Data Stays Private

The values you enter into our calculators are processed entirely in your web browser using JavaScript. We do not collect, store, or transmit the numbers you enter into calculators. Your financial, health, and personal calculations remain completely private.

2.2 What We Do Collect

Like most websites, we collect limited technical data:

  • IP addresses โ€” For security, analytics, and approximate geolocation
  • Browser/device information โ€” For compatibility and analytics
  • Cookies โ€” For site functionality, preferences, and advertising
  • Usage data โ€” Pages visited, time on site, interactions

See our Privacy Policy for complete details on data collection and handling.

2.3 Third-Party Security

We use trusted third-party services that maintain their own security standards:

  • Google Analytics โ€” SOC 2 certified
  • Google AdSense โ€” Industry-standard security
  • CDN providers โ€” Enterprise-grade security

3. Responsible Disclosure Policy

๐Ÿ› Report a Security Vulnerability

We appreciate security researchers who help us keep our website secure. If you discover a security vulnerability, please report it responsibly following the guidelines below.

3.1 How to Report

๐Ÿ“ง Security Contact

info@omnicalculator.space

Subject: "Security Vulnerability Report"

3.2 What to Include

Please include the following in your vulnerability report:

  • Description of the vulnerability and its potential impact
  • Steps to reproduce the issue
  • Affected URL(s) or component(s)
  • Your contact information for follow-up
  • Any proof-of-concept code (if applicable)
  • Suggested mitigation (if you have one)

3.3 Disclosure Process

1

Submit Report

Email your vulnerability report with all relevant details to our security contact.

2

Acknowledgment

We will acknowledge receipt of your report within 3 business days.

3

Investigation

We will investigate the vulnerability and determine its severity and impact.

4

Remediation

We will develop and deploy a fix. Timeline depends on severity.

5

Notification

We will notify you when the issue is resolved and thank you for your report.

4. Scope & Guidelines

4.1 In Scope

TargetExamples
OmniCalculator.Space websiteAll pages on omnicalculator.space domain
Security vulnerabilitiesXSS, CSRF, SQL injection, authentication bypass
Data exposure risksSensitive data leaks, information disclosure
Configuration issuesSecurity misconfigurations, exposed admin panels

4.2 Out of Scope

โš ๏ธ The following are NOT considered vulnerabilities:

  • Social engineering attacks (phishing)
  • Physical attacks on our infrastructure
  • Denial of service (DoS/DDoS) attacks
  • Spam or content injection
  • Issues on third-party services or sites
  • Self-XSS (attacks requiring user action)
  • Missing security headers that don't lead to exploitation
  • Clickjacking on pages without sensitive actions
  • Rate limiting issues on non-critical endpoints

4.3 Responsible Disclosure Rules

๐Ÿšซ Please Do NOT:

  • Access or modify data that doesn't belong to you
  • Perform actions that could harm our users or services
  • Use automated scanning tools excessively
  • Publicly disclose the vulnerability before we've fixed it
  • Demand payment or threaten disclosure
  • Violate any applicable laws

โœ… We Ask That You:

  • Give us reasonable time to fix the issue (typically 90 days)
  • Provide enough detail to reproduce the vulnerability
  • Act in good faith to avoid privacy violations
  • Delete any data you accessed during research
  • Refrain from degrading our services

5. Our Commitment

When you report a vulnerability in good faith according to these guidelines:

  • We will not take legal action against you
  • We will keep you informed of our progress
  • We will credit you (if desired) when we fix the issue
  • We will respond within the timelines stated above

๐Ÿ† Recognition

While we do not currently offer a bug bounty program, we appreciate security researchers who help improve our security. With your permission, we can acknowledge your contribution on this page or provide a letter of acknowledgment.

6. Incident Response

In the event of a security incident:

  • We will investigate promptly and take corrective action
  • If user data is affected, we will notify affected users as required by law
  • We will document incidents and use lessons learned to improve

7. User Security Tips

๐Ÿ’ก Protect Yourself Online

  • Use updated browsers: Keep your browser updated for latest security patches
  • Be cautious with links: Only access our site via omnicalculator.space
  • Check for HTTPS: Ensure you see the padlock icon in your browser
  • Avoid public WiFi: Use caution when using public networks
  • Report suspicious activity: Let us know if you see anything unusual

โ“ Frequently Asked Questions

Q: Is my calculator data transmitted over the internet?
No. The values you enter into our calculators are processed entirely in your web browser using JavaScript. We do not collect, store, or transmit the numbers you enter. Your calculations remain private on your device.
Q: How do I report a security vulnerability?
Email info@omnicalculator.space with subject "Security Vulnerability Report." Include a description, steps to reproduce, affected URLs, and any proof-of-concept. We will acknowledge your report within 3 business days.
Q: Do you offer a bug bounty program?
We do not currently offer monetary rewards, but we appreciate security researchers and can provide acknowledgment with your permission. We will not take legal action against researchers who follow our responsible disclosure guidelines.
Q: How long does it take to fix a reported vulnerability?
Timeline depends on severity. Critical vulnerabilities are prioritized and may be fixed within 24-48 hours. Less severe issues may take longer. We will keep you informed of our progress and typically aim to resolve issues within 90 days.
Q: Is your website connection secure?
Yes. All connections to OmniCalculator.Space use TLS/SSL encryption (HTTPS). You can verify this by checking for the padlock icon in your browser's address bar. This encrypts data transmitted between your browser and our servers.

๐Ÿ“š Official Resources

๐Ÿ“š Related Pages