A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

## we appreciate your interest and efforts in the security of tv2.dk. 
## Please send your concerns and thoughts to:
Contact: mailto:security@tv2.dk

## If information is confidential, we would appreciate if you could encrypt it using our openpgp key:
Encryption: https://tv2.dk/.well-known/security_at_tv2_dk_openpgp_pub.txt

## Our policy for responsible disclosure can be found here:
Policy: https://omtv2.tv2.dk/media/126365/tv_2_responsible_disclosure.pdf

## Bug Bounty / Reward statement
## -----------------------------
## TV 2 does not have a bug bounty/reward program and will therefore not offer paid bug rewards.
## We do offer tokens of our appreciation to security researchers who take the time and effort to 
## investigate and report security vulnerabilities to us.
##
## Best regards
## TV 2 Security team