Security & Data Boundaries
RuinShield separates open public verification features from member-only reports, contractor profiles, checkout-backed access, and admin surfaces. Public visitors can search the directory preview, run the Risk Score preview, and view stats and pricing; member routes require login; and paid workflows require an active entitlement before showing protected reports or contractor tools.
A core principle is the split between open public data and protected intelligence: public licensing and board disciplinary records that any homeowner can already get from a state board stay openly searchable, while member reports, exports, saved lists, contractor analytics, and admin tooling stay behind authentication, entitlement, and role checks.
Checkout flows route through Stripe-backed sessions, and production webhooks must verify signatures before granting entitlements or updating subscription state. Authentication and any payment or webhook secrets are designed to live in server-side configuration and managed secret stores, never in client code or the public bundle.
The product exposes only the public fields needed for contractor lookup, and the bulk screener keeps working lists in your own browser until you choose to export them. Production traffic is intended to be served over HTTPS with data encrypted in transit.
Suspected security issues should be reported through the contact page rather than disclosed publicly, without accessing or altering data that is not yours; coordinated-disclosure instructions will be published there as the support process matures.