A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

# Valid Locations of this file
Canonical: https://datenschutz-berlin.de/.well-known/security.txt
Canonical: https://www.datenschutz-berlin.de/.well-known/security.txt
Canonical: https://kontakt.datenschutz-berlin.de/.well-known/security.txt
Canonical: https://meldeformular.datenschutz-berlin.de/.well-known/security.txt
Canonical: https://openpgpkey.datenschutz-berlin.de/.well-known/security.txt
Canonical: https://data-kids.de/.well-known/security.txt

# Contact information
Contact: mailto:infosec@datenschutz-berlin.de
Encryption: https://datenschutz-berlin.de/.well-known/infosec_public.asc

# Further information
Expires: 2026-01-01T12:00:00.000+01:00
Preferred-Languages: de, en
Acknowledgments: https://www.datenschutz-berlin.de/infothek/sicherheitsdanksagungen/

-----BEGIN PGP SIGNATURE-----

iHUEARYKAB0WIQSL06O6qpsjPFS588T5fEk2MacXUwUCZ4fTSQAKCRD5fEk2MacX
U8xkAP9pm/pzah3y955PV5a9xqNaU/TG2FfB6M8wUPX5cgwzIAD/ciCfLwwLkZpS
PvzvwkUn/l5an7zk2Q1s2htqsGhoVwQ=
=Hq0y
-----END PGP SIGNATURE-----