Skip to content
SNOWBROS

Legal

Security & Responsible Disclosure

We take security seriously — on this site and in everything we build.

Last updated June 2026

How this site is protected

The site is served over HTTPS with a strict Content Security Policy and modern security headers, including HSTS, frame protections, and a restrictive referrer policy.

We minimize client-side JavaScript, validate all input server-side, and store no unnecessary data.

Reporting a vulnerability

If you believe you have found a security issue, email security@snowbros.studio with details and steps to reproduce. Please give us a reasonable window to respond before any public disclosure.

We will acknowledge your report, keep you updated, and credit you if you wish once the issue is resolved.

Scope

Testing must not harm users or data. No denial-of-service, no social engineering, and no automated scanning that degrades service for others.