Responsible Disclosure Policy
Effective Date: December 2, 2024
1. Overview
At Cleaning Companion, we prioritize the security and privacy of our users. Despite our best efforts, vulnerabilities or bugs may occasionally be discovered. This Responsible Disclosure Policy outlines how security researchers, users, or anyone who discovers a vulnerability can report it to us in a responsible manner.
2. What to Report
We encourage you to report any security vulnerabilities or issues that could potentially impact the integrity, confidentiality, or availability of our systems or the data we manage. Examples include:
- Authentication or authorization flaws
- Cross-site scripting (XSS) vulnerabilities
- SQL injection attacks
- Server configuration issues
- Any other security issues that could compromise our platform or users
3. Reporting a Vulnerability
To report a vulnerability, please follow these steps:
- Email us at support@cleaningcompcompanion.com with the subject line "Security Vulnerability Report".
- Include a detailed description of the vulnerability, including:
- Steps to reproduce the issue
- Potential impact of the vulnerability
- Any supporting evidence (e.g., screenshots, proof of concept)
- Provide your contact information so we can follow up if necessary.
4. What to Expect
After receiving your report, we will:
- Acknowledge receipt of your report within 3-5 business days.
- Investigate the issue and take appropriate steps to address it.
- Update you on the progress and resolution of the issue, if you provided contact details.
We request that you do not publicly disclose the vulnerability until we have resolved it and provided approval for disclosure.
5. Rules for Responsible Disclosure
To protect the safety of our systems and users, we ask that you:
- Do not exploit the vulnerability for personal or financial gain.
- Do not access, modify, or delete any data other than your own.
- Give us reasonable time to fix the issue before making any information public.
6. No Compensation
At this time, we do not offer monetary rewards or bounties for vulnerability reports. However, we deeply appreciate your efforts to help us improve the security of Cleaning Companion and may acknowledge your contributions if desired.
7. Legal Considerations
By submitting a vulnerability report, you agree not to undertake any actions that may be considered illegal under applicable laws. Unauthorized access, testing without consent, or any activity that could cause harm to our platform or users will not be tolerated.
8. Contact Information
If you have any questions or need to report a security issue, please contact us: