Polityka Ujawniania Podatnosci
Uwaga: To jest dokument prawny dostepny wylacznie w jezyku angielskim w celu zapewnienia dokladnosci prawnej. Ponizej znajdziesz podsumowanie w jezyku polskim.
Podsumowanie
Jesli odkryjesz luke w zabezpieczeniach naszych systemow:
- Zglos ja e-mailem na adres mike@lovd.app
- Opisz podatnosc szczegolowo, wlaczajac kroki do odtworzenia
- Daj nam odpowiedni czas na reakcje przed publicznym ujawnieniem
- Nasze zobowiazanie: Potwierdzenie w ciagu 48 godzin, regularne aktualizacje i ochrona przed dzialaniami prawnymi
Poza zakresem: Ataki DoS, spam, inzynieria spoleczna, ataki fizyczne i aplikacje stron trzecich.
Pelna Polityka Ujawniania Podatnosci (angielski)
At lovd, we take security seriously. We appreciate the security research community and believe in responsible disclosure of security vulnerabilities.
Reporting a Vulnerability
If you believe you've discovered a security vulnerability in our systems, please follow these steps:
- Email us at mike@lovd.app with a detailed description of the vulnerability.
- Include steps to reproduce the issue
- Provide any proof-of-concept code if applicable
- Allow us reasonable time to respond and address the issue before public disclosure
Our Commitment
When working with us, you can expect:
- Acknowledgment of your report within 48 hours
- Regular updates on the progress of your report
- Recognition for your contribution (if desired)
- Protection from legal action when following our responsible disclosure policy
Scope
This policy applies to all lovd products and services, including:
- Our web applications and APIs
- Mobile applications
- Infrastructure components
Out of Scope
The following are not considered valid vulnerabilities under this policy:
- Denial of Service (DoS) attacks
- Spam or social engineering attacks
- Physical security attacks
- Third-party applications or websites