At Playful Sparkle, we take the security of our digital solutions, our clients' data, and our own infrastructure very seriously. We are committed to protecting the integrity and confidentiality of the systems and projects we develop and maintain. This includes our work in branding, web design, web development, app development, digital marketing, graphic design, and the various software tools and libraries we create, such as browser extensions, Visual Studio and Visual Studio Code extensions, and JavaScript and Python libraries.

If you believe you have discovered a security vulnerability in any of Playful Sparkle's projects, websites, applications, software, or systems, we encourage you to report it to us as quickly as possible.

Please do not disclose security vulnerabilities publicly through GitHub issues, social media, or other public channels.

Instead, please report security vulnerabilities directly to us via email at [email protected].

When reporting a security vulnerability, please provide as much detail as possible to help us understand and reproduce the issue. Including the following information will help us triage your report more efficiently:

• A clear description of the vulnerability.
• The specific asset(s) affected (e.g., the name and version of a browser extension, the specific Visual Studio Code extension, the name of a JavaScript library, a website URL, etc.).
• Steps to reproduce the vulnerability.
• The type of issue (e.g., cross-site scripting, SQL injection, broken access control, code injection, etc.).
• Information about the environment where the vulnerability was found (e.g., browser type and version, IDE version, operating system, relevant library versions).
• Any proof-of-concept code or exploits.
• The potential impact of the vulnerability.

We are committed to acknowledging receipt of your report within 24-48 hours and will provide an estimated timeline for addressing the vulnerability. We appreciate your patience and cooperation as we investigate and mitigate the reported issue.

We prefer to receive security reports and communications in English, though we will do our best to handle reports in other languages if necessary.

Playful Sparkle is dedicated to implementing appropriate security measures throughout our development lifecycle and in the services and software we provide. We continuously work across all our areas of expertise, from web development to creating developer tools, to improve our security posture and respond to security incidents promptly and effectively. We believe in the principles of coordinated vulnerability disclosure and will work with security researchers to address valid vulnerabilities in a timely manner.

Thank you for helping us keep Playful Sparkle and our clients secure.