A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

# Please send security issues to our information security team
Contact: mailto:security@dotdigital.com

# Please check for an updated security.txt file before this date
Expires: 2024-12-31T00:00:00.000Z

# Please report any issues in English if possible
Preferred-Languages: en

# Dotdigital place huge importance on security and we welcome any responsible 
# disclosure. Please see our trust center for more details
Policy: https://dotdigital.com/trust-center/

# Want to come work for us? We're always looking for smart people to join
Hiring: https://careers.dotdigital.com