A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

Contact: mailto:security@pactlyapp.com
Contact: https://pactlyapp.com/en/contact
Expires: 2025-12-31T23:59:59.000Z
Encryption: https://pactlyapp.com/.well-known/pgp-key.txt
Acknowledgments: https://pactlyapp.com/security-acknowledgments
Preferred-Languages: en, de, es, fr
Canonical: https://pactlyapp.com/.well-known/security.txt
Policy: https://pactlyapp.com/security-policy

# Security Policy for PactlyApp
# 
# We take security seriously. If you discover a security vulnerability,
# please report it to us through one of the contact methods above.
# 
# Please do NOT:
# - Access or modify data that doesn't belong to you
# - Disrupt our services or infrastructure
# - Perform any attacks against our users
# - Publicly disclose vulnerabilities before we've had a chance to fix them
# 
# We appreciate responsible disclosure and will work with you to
# address any legitimate security concerns.