Security

Security is built into how we run 0gaps. This page summarizes the measures we take to protect your data and our infrastructure, and how to report a vulnerability.

1. A minimal attack surface

This website is a static site with no application backend or database of its own. There is no server-side code for an attacker to exploit and no customer database stored on the site itself. This deliberately keeps our attack surface small.

2. Encryption in transit

All traffic to and from our website is served over HTTPS/TLS. Data you submit — such as your email address — is encrypted in transit to our email provider.

3. How we handle your data

• Email addresses are stored with Brevo, our email provider, which maintains its own security and compliance program.
• The website is hosted on Vercel, which provides enterprise-grade infrastructure security and global delivery.
• We collect only the data we need, which limits the impact of any incident.

4. Access controls

Access to the accounts and tools that hold contact data is limited to authorized team members, protected by strong authentication. We follow the principle of least privilege.

5. Reporting a vulnerability

We welcome responsible disclosure from the security community. If you believe you have found a security vulnerability, please email security@0gaps.com with:

• A description of the issue and where you found it.
• Steps to reproduce it, including any proof-of-concept.
• The potential impact, as you understand it.

Please give us a reasonable time to investigate and remediate before any public disclosure, and avoid accessing or modifying data that is not yours.

6. Our commitment

We investigate all credible reports promptly, work to resolve confirmed issues in a timely manner, and will keep you informed of the outcome. We do not pursue legal action against researchers who act in good faith and within this policy.

7. Contact

For any security question, reach us at security@0gaps.com.