A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Information related to reporting security vulnerabilities of this site.

# How to communicate about security issues.
Contact: https://app.intigriti.com/programs/ovoenergy/ovovdp/detail

# Date and time after which this data is considered stale
Expires: 2025-03-10T23:59:59z

# Encryption

# Acknowledgements

# Preferred languages for communication.
Preferred-Languages: en

# The most common URL for accessing this security.txt file.
Canonical: https://www.ovoenergy.com/.well-known/security.txt

# What security researchers should do when searching for or reporting security issues.
Policy: https://www.ovoenergy.com/security

# Link to any security-related job openings in your organization.
Hiring: https://careers.ovo.com

# Please see https://securitytxt.org/ for details of the specification of this file.