Responsible Disclosure Policy

At Inquira Technologies B.V., we prioritize the security of our systems. However, despite our best efforts, vulnerabilities may exist. We appreciate your help in identifying these vulnerabilities and encourage responsible disclosure to protect our users and systems.

Guidelines for Disclosure

Please follow these guidelines when reporting vulnerabilities:

• Email your findings to security@inquira.health
• Encrypt sensitive information using our PGP key
• Do not exploit the vulnerability beyond what's necessary to demonstrate the issue
• Do not access, modify, or delete data belonging to others
• Maintain confidentiality until the vulnerability has been resolved
• Avoid attacks on physical security, social engineering, DDoS, spam, or third-party applications

Required Information

Please provide sufficient details to help us reproduce and fix the issue:

• The IP address or URL of the affected system
• A clear description of the vulnerability
• Steps to reproduce the issue
• Any additional context that might help us understand and address the problem

Our Commitment

• We will acknowledge your report within 3 business days
• We will not pursue legal action if you follow these guidelines
• We will maintain confidentiality regarding your report and personal details
• We will keep you updated on our progress in resolving the issue
• We will credit you as the discoverer (unless you prefer to remain anonymous)
• We offer rewards for previously unknown security issues, with amounts based on severity and report quality