Security Policy

At KanaDojo, we take security seriously and strive to protect our website and users from potential threats. Although our website does not collect personal user data directly, we implement security measures to safeguard our platform.

1. Scope

This Security Policy applies to the KanaDojo website (kanadojo.com), including its infrastructure, content, and third-party services used (such as Google Analytics, Microsoft Clarity, and PostHog).

2. Website Security Practices

To ensure the security of our website, we:

• Use HTTPS (SSL/TLS encryption) to protect data transmitted between the website and users.
• Regularly update our software, dependencies, and third-party services to mitigate security vulnerabilities.
• Monitor for unauthorized access, potential threats, and security issues.
• Restrict administrative access to trusted personnel only.

3. Data Security & Privacy

We do not collect personal data directly. However, we use the following analytics services that gather anonymous usage information:

• Google Analytics - gathers page visits, browser type, and geographic location
• Microsoft Clarity - collects session recordings, heatmaps, and user interaction data
• PostHog - collects feature usage analytics and session replays

To enhance data security:

• We do not store sensitive or personally identifiable information.
• Google Analytics data is handled under Google's Privacy Policy.
• Microsoft Clarity data is handled under Microsoft's Privacy Statement.
• PostHog data is handled under PostHog's Privacy Policy.
• We allow users to opt out of analytics tracking using browser settings, privacy extensions, or the Google Analytics Opt-Out Add-on.

4. Handling Security Vulnerabilities

If you discover a security vulnerability on our website, we encourage responsible disclosure:

📩 How to Report a Security Issue

If you believe you have found a security issue, please contact us immediately via:

• 📧 Email: dev@kanadojo.com
• 📩 Bug Report Form: kanadojo.com/report

We appreciate ethical hacking and responsible disclosure and will investigate reported vulnerabilities promptly.

5. Third-Party Services & Dependencies

We utilize the following third-party services that have their own security policies:

• Google Analytics - Google Security
• Microsoft Clarity - Microsoft Security
• PostHog - PostHog Security

While we take precautions to only use reputable services, we cannot guarantee the security of third-party platforms.

Users visiting external links (e.g., third-party resources) should review those websites' security policies.

6. Future Improvements

We are committed to improving our security measures by:

• Periodically reviewing security best practices.
• Updating dependencies and performing security audits.
• Monitoring and mitigating emerging threats to ensure a safe browsing experience.

7. Changes to This Security Policy

We may update this Security Policy from time to time. Any changes will be published on this page with an updated effective date. Please review this policy periodically to stay informed about our security practices.

8. Contact Information

For any questions or concerns about this Security Policy, you can reach us at:

📧 Email: dev@kanadojo.com

---

Thank you for helping KanaDojo maintain a safe and secure website! 🚀