rocketdaddy@ai:~$ cat /legal/security/README.md
How we protect our infrastructure, our email sending domains, and your data.
Security is core to RocketDaddy's business — we build and operate access control, video surveillance, and infrastructure systems for our clients, and we hold our own environment to the same standard. This page summarizes the technical and organizational measures we use to protect our Site, our systems, and the data entrusted to us.
Personal information submitted through our Site (such as contact form and quote request data) is transmitted over encrypted connections and stored with access restricted to personnel who need it to do their jobs. We do not sell personal information, and we limit third-party data sharing to the service providers and partners necessary to fulfill your request. See our Privacy Policy for full detail.
We maintain sender authentication for our email-sending domains, including SPF, DKIM, and DMARC records, to help receiving mail servers verify that messages claiming to be from rocketdaddy.ai are legitimate and to reduce the risk of spoofing. We monitor our sending reputation and domain/URL blocklist status (including SURBL and comparable URI reputation services) as part of routine deliverability operations, and we investigate and remediate promptly if a listing occurs.
If you are a security researcher and believe you have found a vulnerability affecting RocketDaddy's Site or systems, we want to hear from you. Please report it responsibly:
We will acknowledge good-faith reports and will not pursue legal action against researchers who make a genuine, good-faith effort to comply with this policy.
Should a security incident affecting personal information occur, we will investigate promptly, take steps to contain and remediate the issue, and notify affected parties and regulators as required by applicable law.
For clients whose engagements involve physical security systems we design or install — including access control panels, door hardware, video surveillance, and intrusion detection — we follow manufacturer best practices for credential management, network segmentation of security devices, and fail-safe/fail-secure configuration appropriate to life-safety code requirements.
For security questions, vulnerability reports, or to request additional information about our practices, contact security@rocketdaddy.ai.
rocketdaddy@ai:~$ ./contact --channel=legal
Reach out to our team directly and we'll get back to you promptly.