Vulnerability Disclosure Policy

seoClarity Platform

At seoClarity, we take security very seriously. We recognize the valuable role that security researchers and individuals play in helping us maintain the security and privacy of our platform. We appreciate your assistance in identifying any vulnerabilities and weaknesses in our systems. 

If you have discovered a potential security vulnerability on our platform, we encourage you to report it to us as soon as possible, so that we can address the issue promptly. 

We understand that some security researchers may be interested in participating in a Bug Bounty Program and earning rewards for their findings. While we do not have a Bug Bounty Program in place at this time, we appreciate the efforts of security researchers and are committed to acknowledging and crediting them for their contributions to our security efforts. 

Eligibility for Reporting 

To be eligible for reporting, the vulnerability must be a legitimate security issue and should not cause any data breach or harm to our users, data or systems.

Responsible Disclosure Guidelines 

If you have identified a potential security vulnerability, please report it to us as soon as possible. We encourage responsible disclosure of vulnerabilities and request that you refrain from disclosing the issue publicly until we have had an opportunity to investigate and remediate the issue. 

Please provide us with the following information when reporting a potential vulnerability: 

1. A detailed description of the vulnerability 

1. Any tools or techniques used to identify the vulnerability 

1. Any proof-of-concept code, if applicable
   
   

Contact Information for Reporting 

You can report a potential vulnerability to us by emailing our security team at security@seoclarity.net. Our security team will acknowledge receipt of your report within 24 hours and will provide you with an estimated timeframe for when we expect to address the issue. 

Legal Protections 

We will not pursue legal action against security researchers who report vulnerabilities to us in good faith and in accordance with this policy. 

Communication and Disclosure 

We will keep you informed of the status of your report and any remediation efforts. We will also provide you with appropriate credit for your discovery, unless you request otherwise.
 

Timing for Remediation 

We will use commercially reasonable efforts to address the reported vulnerability as soon as possible, and no later than 30 days from receipt of the report. If remediation efforts are ongoing, we will keep you informed of our progress. 

Scope of Policy 

This policy applies to our online SaaS platform and does not cover vulnerabilities on any other third-party applications or systems that may integrate with our platform. 

Acknowledgement 

By submitting a report, you acknowledge that you have read and agree to this policy.