Security & Trust — BarkParks

BarkParks is a static site delivered on GitHub Pages. This page explains the practical security controls we use today and the limits of what we claim.

Data Protection

BarkParks keeps data collection light. The marketing site is primarily static content, and interactive features only collect what is needed for the experience you choose to use.

  • HTTPS is used for site delivery so data is encrypted in transit between your browser and the site.
  • When content, configuration, or analytics data is stored by our hosting and service providers, we rely on their platform-managed encryption at rest.
  • We avoid asking for sensitive personal information on pages that do not need it.

Infrastructure Security

BarkParks runs as a static GitHub Pages deployment, which reduces the attack surface compared with a custom server stack.

  • No always-on custom application server is required to render the public site.
  • We review third-party scripts, external integrations, and page-level settings like Content Security Policy on a regular basis.
  • Updates focus on dependency hygiene, safe embeds, and limiting unnecessary access.

Privacy Commitment

We aim to collect the minimum information necessary to run the site, improve content, and respond to direct inquiries.

  • We do not describe BarkParks as a place to store sensitive financial or health data.
  • We use analytics and browser-side storage selectively to improve user experience and understand site usage.
  • We will review reasonable requests related to access, correction, or deletion for data shared directly with us.

Compliance Standards

As a static site, BarkParks is not claiming formal certification. Our goal is to follow privacy and security practices that fit the way the site operates.

  • We design pages with GDPR and CCPA principles in mind: notice, data minimization, and user requests.
  • We use secure transport, provider-managed storage protections, and documented reviews rather than overstating enterprise certifications.
  • We periodically audit site content, forms, and integrations for obvious security and privacy issues.

Responsible Disclosure

If you believe you found a security issue affecting BarkParks, please email security@barkparks.dog with clear reproduction steps, screenshots if helpful, and any relevant URLs.

  • Please do not attempt destructive testing, data exfiltration, denial-of-service activity, or anything that could harm visitors.
  • We will review credible reports, investigate responsibly, and prioritize fixes based on real risk.
Plain-English summary: BarkParks uses HTTPS everywhere, depends on provider-managed encryption at rest for stored site data, reviews integrations regularly, and avoids claiming controls that do not exist on a static GitHub Pages site.