LSCWC - Digital Spelling Learning App | Look Say Cover Write Check Method

Our Security Commitment

At LSCWC, we take security seriously. While our service is simple and doesn't collect personal data, we implement industry-standard security practices to protect our users and infrastructure.

Data Security

We employ multiple layers of security to protect your experience:

Client-Side Processing

All PDF generation happens in your browser. Your word lists never leave your device.

No Data Storage

We don't store your word lists, student names, or any personal information on our servers.

HTTPS Encryption

All connections to LSCWC use TLS/SSL encryption to protect data in transit.

Infrastructure Security

Our infrastructure is designed with security best practices:

• Regular security updates and patches
• Firewall protection and intrusion detection
• DDoS mitigation and rate limiting
• Secure server configuration and hardening
• Regular backups and disaster recovery procedures
• Monitoring and logging of security events

Application Security

We follow secure development practices to protect against common vulnerabilities:

• Protection against XSS (Cross-Site Scripting) attacks
• CSRF (Cross-Site Request Forgery) protection
• Input validation and sanitization
• Secure headers and content security policies
• Regular code reviews and security testing
• Dependency scanning for known vulnerabilities

Privacy-First Design

Security and privacy go hand-in-hand at LSCWC:

• No tracking cookies or analytics scripts
• No third-party advertising or data sharing
• No user accounts or authentication required
• Minimal server-side logging (only for security purposes)
• Automatic log deletion after 30 days

Third-Party Services

LSCWC minimizes the use of third-party services to reduce security risks. We carefully vet any external services and ensure they meet our security standards. Currently, we do not use third-party analytics, advertising, or tracking services.

Responsible Disclosure

We welcome security researchers and users to report potential vulnerabilities. If you discover a security issue, please follow responsible disclosure practices:

Report a Security Issue

• Email us at security@lscwc.com with details of the vulnerability
• Do not publicly disclose the issue until we've had time to address it
• Provide steps to reproduce the issue if possible
• Allow us reasonable time to respond and fix the issue

We commit to acknowledging security reports within 48 hours and providing regular updates on our progress toward a fix.

Browser Security

To ensure the best security experience, we recommend:

• Using the latest version of modern browsers (Chrome, Firefox, Safari, Edge)
• Keeping your browser and operating system up to date
• Using antivirus software and keeping it updated
• Being cautious of phishing attempts or fake LSCWC websites
• Verifying you're on the correct domain before using the service

Incident Response

In the unlikely event of a security incident:

• We will investigate and contain the incident immediately
• Affected users will be notified if their data was impacted
• We will publish a transparent post-mortem of the incident
• Measures will be implemented to prevent similar incidents

Given that we don't store user data, the risk and impact of data breaches is minimal.

Security Updates

This security policy may be updated as we improve our practices or in response to new threats. Major changes will be highlighted on this page. We encourage users to review this policy periodically.

Contact Us

For general security questions or concerns, please contact us through our Contact Page. For security vulnerabilities, please email security@lscwc.com directly.

SecurityPolicy