Contact: mailto:security@betterdata.co
Expires: 2025-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://betterdata.co/.well-known/security.txt
Policy: https://betterdata.co/trust/security
Acknowledgments: https://betterdata.co/trust/security

# BetterData Security Policy

We take security seriously and appreciate responsible disclosure of security vulnerabilities.

## Reporting a Vulnerability

If you discover a security vulnerability, please report it to security@betterdata.co. We will:

- Acknowledge receipt within 24 hours
- Provide an initial assessment within 3 business days
- Keep you informed of our progress
- Work with you to understand and resolve the issue

## What to Include

- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Suggested fix (if any)

## Response SLA

- Initial response: 24 hours
- Status update: 3 business days
- Resolution timeline: Depends on severity (typically 30-90 days)

## Scope

- betterdata.co domain and subdomains
- Our production applications and APIs
- Infrastructure and services we operate

## Out of Scope

- Social engineering attacks
- Physical security issues
- Denial of service attacks
- Issues requiring physical access to devices

Thank you for helping keep BetterData secure.