Security Policy

Vulnerability Disclosure Program

We welcome responsible security researchers to help us identify vulnerabilities in our systems. If you discover a security vulnerability, please follow these guidelines:

Reporting Guidelines

• Report vulnerabilities to: [email protected]
• Provide detailed information about the vulnerability, including steps to reproduce
• Allow us reasonable time to investigate and address the issue
• Do not exploit the vulnerability for any purpose other than testing
• Do not access, modify, or delete data that is not your own

What We Ask From You

• Play by the rules: follow responsible disclosure guidelines
• Don't break the law or violate our Terms of Service
• Focus on critical security vulnerabilities only
• Provide sufficient detail for us to reproduce and fix the issue

What We Promise

• Respond to your report within 7 business days
• Keep you informed of our progress
• Credit you in our Security Acknowledgments page (if desired)
• Work with you to understand and resolve the issue

Safe Harbor

We commit to not take legal action against security researchers who follow this policy. If you follow these guidelines, we will not pursue legal action or law enforcement involvement related to your research.

Security Best Practices

We implement industry-standard security practices including:

• Regular security audits and penetration testing
• Secure coding practices
• Encryption of data in transit and at rest
• Regular software updates and patching
• Access controls and authentication mechanisms
• Security monitoring and incident response procedures

Contact

For security-related inquiries or to report a vulnerability, please contact us at:

• Email: [email protected]