Data Security Policy: Our Client-Side First Approach

At **CheckBodyScore.com**, **data security** is not an afterthought; it is the **foundation of our design**. Our **Security Policy** is built on a single, powerful principle: **we cannot lose what we do not have**. This policy details our technical and procedural safeguards.

1. Data Handling and Processing

Client-Side Processing (The "No Server" Approach)

When you use any calculator on our site, all calculations are performed by your device's web browser. The JavaScript code runs locally, ensuring that your inputs (e.g., age, weight, salary, health metrics) **never leave your computer**. This **client-side security** model eliminates the primary risk of server-side data breaches.

No Data Storage

We do not store any calculator inputs in any database, log file, or server-side cache. Your data is **ephemeral**—it exists only for the instant you use the tool and is gone when you close the page. This guarantees **maximum user data security**.

Anonymous Usage

We do not require user accounts, registration, or logins to use our tools. This commitment to **anonymous calculation** ensures that your metrics are never tied to your identity.

2. Transmission Security

HTTPS and SSL/TLS Encryption

The entire **CheckBodyScore.com** website is served exclusively over **HTTPS**, secured by strong **SSL/TLS encryption**. This protects your connection from eavesdropping and ensures that the (non-sensitive) page content and our (client-side) calculator scripts are delivered to you securely and without tampering.

3. Infrastructure and Software Security

Web Application Firewall (WAF)

Our site is protected by a leading Web Application Firewall (WAF) and DDoS mitigation service. This service blocks malicious traffic, SQL injection attempts, and Cross-Site Scripting (XSS) before they can reach our servers, ensuring the integrity of our platform.

Regular Security Audits and Patching

We conduct regular **security audits** of our server environment and software dependencies. All server software is patched promptly to protect against known vulnerabilities. This proactive **data protection** strategy minimizes our attack surface.

4. Third-Party Vendor Security

Advertising and Analytics

We use reputable third-party services for advertising (Google AdSense) and analytics (Google Analytics). These services are isolated from our calculator tools and **do not** have access to the data you input. They may use standard tracking cookies for their own operations, as detailed in our **Privacy Policy**.

Contact Form

Our contact form is managed by a secure, industry-standard third-party service (Formspree). This ensures that your messages are transmitted securely without being stored on our primary web servers, further compartmentalizing risk.

5. Our Commitment to User Trust

Your trust is paramount. Our entire **data security policy** is designed to be transparent and to give you full control. By processing all sensitive data on your own device, we offer a **"zero-knowledge"** security model regarding your personal metrics.

For questions about our security practices, please contact us. For details on non-calculator data, please review our Privacy Policy.