Contact: mailto:security@dronescale.com
Expires: 2027-01-12T00:00:00.000Z
Preferred-Languages: en
Canonical: https://dronescale.com/.well-known/security.txt

# Security Policy

DroneScale, Inc. is committed to protecting the security of our systems and data. We welcome responsible disclosure of security vulnerabilities.

# Reporting a Vulnerability

If you believe you have discovered a security vulnerability in our systems, please report it to us at security@dronescale.com.

Please include:
- Description of the vulnerability
- Steps to reproduce the issue
- Potential impact
- Any proof-of-concept code or screenshots

# Response Process

We will:
- Acknowledge receipt within 48 hours
- Provide an estimated timeline for resolution
- Keep you informed of our progress
- Credit you in our security acknowledgments (if desired)

# Scope

This policy applies to:
- dronescale.com and all subdomains
- DroneScale APIs and services
- DroneScale software and applications

# Safe Harbor

We support safe harbor for security researchers who:
- Make a good faith effort to avoid privacy violations and data destruction
- Only interact with accounts you own or with explicit permission
- Do not exploit vulnerabilities beyond the minimum necessary to demonstrate the issue
- Report vulnerabilities promptly

# Out of Scope

The following are outside the scope of our vulnerability disclosure program:
- Social engineering attacks
- Physical attacks against DroneScale facilities or personnel
- Denial of Service (DoS) attacks
- Spam or phishing attacks

Thank you for helping keep DroneScale and our users secure.