Security Disclosure

If you've noticed something on our site that looks wrong — a defaced page, a suspicious redirect, a broken script behaving unexpectedly, or anything that could harm visitors — please drop us a line. We're a small team and genuinely appreciate the heads-up.

You don't need to write a formal report — a plain email works fine. It helps if you include:

• A short description of what you noticed and where — the page URL is a great start.
• Steps to reproduce the issue, or a screenshot if that's easier.
• What browser or device you were on — sometimes that matters for frontend issues.
• Your contact details if you'd like us to follow up with you directly.

We're a small team, not a dedicated security operation. Here's what we can honestly commit to:

Since our site is static with no user accounts or sensitive backend, most issues we'd encounter are cosmetic or supply-chain in nature — so fixes are typically straightforward. We'll always let you know what we found and what we did about it.

This policy covers the website assets we directly own and control under the thesocialmagas.com domain — including its pages, scripts, styles, and DNS configuration.

We have no interest in taking legal action against anyone who reports an issue in good faith. Since we're a static informational site with no user accounts or stored personal data, the bar here is simple — just don't do anything harmful while exploring:

• Don't attempt to access, scrape, or interfere with contact submissions made via our Google Form — those belong to Google's infrastructure, not ours.
• Don't deface, alter, or disrupt the site or its availability for visitors.
• Let us know before going public — we'll be quick about it.