Security Policy

How we protect your privacy with zero data collection and an A+ security rating

Our Security Commitment

Praxis Library maintains an A+ Content Security Policy (CSP) rating with zero external dependencies. Every line of code—HTML, CSS, and JavaScript—is served from our own domain. Nothing is loaded from third-party servers.

For a detailed technical walkthrough of our security architecture, see our Security Showcase.

What We Protect

No Data Collection

We collect no personal information. There are no accounts, no registration forms, no email sign-ups, and no analytics tracking. There is no user data to breach because we never collect it in the first place.

No Cookies or Tracking

Praxis sets no cookies. We use no analytics services, no tracking pixels, no fingerprinting, and no advertising networks. Your browsing activity on this site is not monitored or recorded.

No External Requests

When you visit Praxis, your browser communicates only with our server. No requests are made to Google, Facebook, Amazon, or any other third-party service. Zero external dependencies means zero third-party exposure.

Content Security Policy

Our Content Security Policy (CSP) tells browsers exactly what is allowed to run on each page. In plain terms:

  • Scripts can only run from our own domain—no inline scripts, no external scripts
  • Styles can only load from our own domain—no inline styles, no external stylesheets
  • Images, fonts, and media can only load from our own domain
  • No content can be embedded in frames on other sites
  • All connections are restricted to our own origin

This policy prevents cross-site scripting (XSS), data injection, and other common web attacks by design.

Browser Storage

The only data stored on your device is your accessibility preferences, saved in your browser's localStorage. This includes settings like:

  • Text size preference
  • High contrast mode
  • Screen dimming level

These preferences stay on your device. We have no access to them. You can clear them at any time through your browser settings or by clicking "Reset to Defaults" in the accessibility panel.

Zero Dependencies

Praxis Library uses no third-party JavaScript libraries, CSS frameworks, or external packages. Everything is built from scratch:

  • One CSS file (styles.css)—no Bootstrap, Tailwind, or external frameworks
  • One JavaScript file (app.js)—no jQuery, React, or external libraries
  • No CDN dependencies—no Google Fonts, Font Awesome, or external assets
  • No npm packages—no supply chain attack surface

This means there are no third-party dependencies that could introduce vulnerabilities, and no external code that could change without our knowledge.

Vulnerability Reporting

If you discover a security issue with Praxis Library, please contact us at bas.rosario@gmail.com. We take every report seriously and will respond promptly.

Please include a description of the issue and steps to reproduce it. We appreciate responsible disclosure and will credit reporters (with permission) when issues are resolved.

Policy Details

Effective date: February 9, 2026

Questions? Contact us at bas.rosario@gmail.com

This policy may be updated as our security practices evolve. Changes will be reflected on this page with an updated effective date.