# Security disclosure policy for Mindiam (mindiam.com)
# Per RFC 9116: https://www.rfc-editor.org/rfc/rfc9116
# Bots, researchers, and scanners auto-discover this file at /.well-known/security.txt

Contact: mailto:security@mindiam.com
Expires: 2027-05-09T00:00:00.000Z
Preferred-Languages: en
Canonical: https://mindiam.com/.well-known/security.txt

# Acknowledgements + safe harbour
# We thank security researchers who report responsibly. We will not
# pursue legal action against good-faith research that:
#   - Avoids privacy violations, data destruction, or service degradation
#   - Stops once a flaw is found and reports promptly
#   - Does not disclose publicly until we've had a reasonable window to fix