A vulnerability disclosure policy (VDP), also referred to as a responsible disclosure policy, describes how an organization will handle reports of vulnerabilities submitted by ethical hackers. A VDP must thus be easily identifiable via a simple way, a security.txt notice.

##################
# Security.txt #
##################
# If you would like to report a security vulnerability found
# in one of our connected product or service, or Ecommerce system,
# please follow our Vulnerability Disclosure Policy.
Policy: link vdp.decathlon.net
# All reports must be submitted using our web form.
Contact: form link https://vdp.decathlon.net/p/Send-a-report
# We prefer initial reports written in English.
# You can use French too.
Preferred-Languages: English, French
# This security.txt is found at this address:
Canonical: .well-known/security.txt
Expires: 2024-12-31T23:59:59z