Security

How we keep ntjtech.com safe. We are a small team running a marketing site — this page explains, in plain English, what that actually means in practice.

1. Transport security

Every page on ntjtech.com is served over HTTPS. Traffic between your browser and our site is encrypted in transit using TLS.

Certificates are issued by Let's Encrypt and renewed automatically by Netlify, so there is no manual key handling on our side and no risk of an expired certificate slipping through.

2. Hosting

The site is hosted on Netlify's global CDN as a static deployment. That means:

A static site has a deliberately small attack surface. There is very little for an attacker to talk to.

3. Data handling

We do not collect personal data through the website.

The product demos linked from this site run on the same static infrastructure and use fictional sample data. They are illustrative and should not be used to store anything real.

4. Payment data

We do not process payments on the website. No card numbers, no checkout, no payment forms — there is no payment surface here to attack.

When we work with a customer on a paid engagement, payment is handled off-site, via bank transfer against an invoice. Your card details never touch our infrastructure because we do not have any infrastructure that asks for them.

5. Source code & releases

The website's source code lives in a private version-controlled repository. Every change is reviewed before it ships.

Each deployment is an immutable static snapshot: once a version is published, the files for that version do not change. If we need to roll back, we redeploy a previous snapshot rather than editing files in place.

6. Responsible disclosure

If you believe you have found a security issue on ntjtech.com or in one of our public demos, we would genuinely like to hear about it.

Please email contact@ntjtech.com with a clear description of the issue and, where useful, steps to reproduce it.

We will acknowledge your report within 5 business days, work through it in good faith, and let you know what we did about it. Please give us a reasonable window to fix the issue before sharing it publicly.

We do not currently run a paid bug bounty programme — we are a small team — but we are happy to credit reporters who would like to be credited.

7. Honest limits

This page describes how we actually operate today, not how a much larger company might. We are a small team with a marketing site and a handful of public demos. We have deliberately chosen an architecture with as few moving parts as possible, because that is the most honest way for us to stay safe.

If your organisation has specific security requirements before working with us, please get in touch and we will answer plainly what we can and cannot offer.

8. Contact

Security-related: contact@ntjtech.com.


Last reviewed 11 July 2026. We will update this page when our infrastructure or practices change.