A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

#Our security address 
Contact: https://www.amsterdam.nl/en/general-items/items-footer/privacy-city-of-amsterdam/information-security/
 
#Our security policy
Policy: https://www.amsterdam.nl/en/general-items/items-footer/privacy-city-of-amsterdam/information-security/
 
#The preferred languages
Preferred-Languages: en, nl
 
# Our security acknowledgements page
Acknowledgments: https://www.informatiebeveiligingsdienst.nl/responsible-disclosure/2023-coordinated-vulnerability-disclosure-hall-of-fame/
 
#The security.txt expiry date and time
Expires: 2025-09-01T05:00:00.000Z