Security

This page summarises the security posture for the public XeonTek website. Product-specific, client-specific, or service engagement security commitments are provided separately where applicable.

Website Security Model

This website is a static site hosted on Cloudflare Pages. It does not provide user accounts, payment processing, customer dashboards, or public APIs beyond form submission endpoints. The contact form is protected by Cloudflare Turnstile and delivered through Cloudflare Pages Functions.

Hosting and Subprocessors

Cloudflare provides hosting, CDN, security filtering, Turnstile bot protection, and the Pages Functions runtime for this website. Brevo provides transactional email delivery. Details about how website personal data is processed are in our Privacy Policy.

Vulnerability Disclosure

To report a security issue affecting this website, contact [email protected]. Please include enough detail to reproduce the issue and avoid actions that could disrupt service, access data that is not yours, or test third-party systems without permission.

Current Public Assurance Position

This website does not claim that XeonTek Ltd is ISO/IEC 27001 certified, ISO/IEC 27001 compliant, SOC 2 certified, or SOC 2 audited. Any future certification, audit, or compliance statements should identify the exact entity, scope, dates, and evidence behind the claim.

Security Controls for This Website

• Static deployment with no website user database
• TLS encryption in transit
• Cloudflare CDN and security services
• Cloudflare Turnstile protection on the contact form
• Security headers configured for the static site
• No analytics cookies or behavioural advertising cookies

Contact