A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Contact us about the flaw
Contact: mailto:support@schmeits.com
Contact: mailto:info@schmeits.com
Preferred-Languages: nl, en

# This file
Canonical: https://schmeits.com/.well-known/security.txt

# Expiration date
Expires: 2023-05-30T22:00:00.000Z

# Contact us with a PGP key
Encryption: https://schmeits.com/pgp-key.asc

# Look at our security policy
Policy: https://schmeits.com/algemene-voorwaarden

# Our security aknowledgements page
Acknowledgments: https://schmeits.com/algemene-voorwaarden