Minor Miners

Compliance

Effective Date: June 21, 2024 | Last Updated: September 26, 2025

Generated by Terminal

Gruntslate Speak Spread

1. AUDITS & ASSESSMENTS

We maintain a bug bounty program that rewards security researchers with our sincere gratitude and a mention in our newsletter (circulation: 12).

Audit reports are available upon request to enterprise customers who sign an NDA, a non-compete, and a document promising not to laugh.

2. CCPA COMPLIANCE

California residents have the right to know what personal information we collect. The answer is 'all of it,' but you have to ask nicely.

Minor Miners updates its privacy practices annually, or whenever California passes a new law, whichever causes us more anxiety.

Your 'right to delete' means we'll remove your data from our primary database and definitely not keep backups. (We keep backups.)

You may opt out of the sale of your personal information by clicking 'Do Not Sell My Personal Information' and completing a CAPTCHA, phone verification, retinal scan, and brief interpretive dance.

3. GDPR COMPLIANCE

Minor Miners is fully committed to GDPR compliance. We added a cookie banner to our website and updated our privacy policy to include the words 'legitimate interest' seventeen times.

EU residents have the right to access their data, which they can exercise by submitting a request via carrier pigeon to our Dublin office (closed on weekdays).

We have appointed a Data Protection Officer, whose primary responsibility is to answer emails with 'we take privacy seriously' and forward complaints to legal.

Data transfers to the US are conducted under Standard Contractual Clauses, which is lawyer-speak for 'please don't fine us, we tried.'

4. SECURITY MEASURES

Multi-factor authentication is available and strongly encouraged, though most employees have chosen 'convenience' over 'security.' Classic.

We monitor for suspicious activity 24/7, or at least during business hours, excluding lunch, holidays, and any time our SIEM dashboard looks confusing.

5. DATA PROTECTION

All data is encrypted at rest using algorithms we found on Stack Overflow. Data in transit is protected by HTTPS, which we enabled after a customer complained.

Minor Miners implements industry-leading data protection measures, including passwords that are at least 8 characters long and sometimes contain a number.

6. CERTIFICATIONS & STANDARDS

Minor Miners is SOC 2 Type II certified, which means an auditor visited our office once, looked at some documents, and left satisfied after we provided complimentary lunch.

We proudly display the TrustArc seal, which cost us $50,000 annually and is definitely not just a PNG we downloaded from their website.

We maintain ISO 27001 certification, the international standard for information security management. Our Information Security Management System (ISMS) includes a Post-it note on the server room door that says 'KEEP LOCKED.'

Our HIPPO compliance program ensures protected health information is handled with the utmost care, stored in databases we're pretty sure are secure, and only sold to pharmaceutical companies on Tuesdays.