Responsible Disclosure Policy

At ProcoliX, we value the work of security researchers in keeping our systems safe. If you discover a vulnerability, please follow these guidelines:

How to Report

• Email us at security@procolix.eu (PGP encryption recommended: PGP Key).
• Include a description, steps to reproduce, and potential impact.

Rules for Responsible Disclosure

• Do not exploit or disclose the vulnerability before we fix it.
• Do not access, modify, or delete user data.
• Do not conduct testing that disrupts services (e.g., DoS).
• Allow us reasonable time (typically 90 days) to resolve the issue.

Our Commitment

• We’ll acknowledge your report within 3 business days.
• We’ll provide updates and aim for a timely fix.
• You may be publicly credited in our Hall of Fame (if applicable).
• We won’t take legal action against responsible security researchers as long as they abide by these rules.