Responsible Disclosure Policy for Xedule B.V.

Contact: security@xedule.nl

1. Purpose:
We value the security of our users and seek to create a safe digital environment. This policy outlines our approach to handling potential security vulnerabilities and encourages collaboration with security researchers.

2. What to Report:
We welcome reports on any security vulnerability including software bugs, unauthorized access, or data leaks.

3. How to Report:
To report a vulnerability, please email us at security@xedule.nl with the following details:
   - A detailed description of the suspected vulnerability.
   - Steps to reproduce the issue.

4. Responsible Conduct by Researchers:
We expect researchers to:
   - Not exploit or misuse any vulnerability.
   - Refrain from deleting or altering data.
   - Keep findings confidential until the vulnerability is resolved.

5. Our Responsibilities:
Researchers can expect the following from us:
   - Acknowledgment of the report within a reasonable time frame.
   - A timely resolution to the reported vulnerability.
   - If desired, public acknowledgment of the researcher’s contribution.

6. Legal Protection:
We pledge not to take legal action against researchers who adhere to this policy and avoid willful harm.

By fostering collaborative efforts in addressing security vulnerabilities, we strengthen the overall security of our systems.