# Security Policy for Cemates.me
# https://securitytxt.org/

Contact: mailto:security@cemates.me
Contact: mailto:contact@cemates.me
Expires: 2026-12-31T23:59:59.000Z
Encryption: https://cemates.me/.well-known/pgp-key.txt
Preferred-Languages: en, tr, pl, hu
Canonical: https://cemates.me/.well-known/security.txt
Policy: https://cemates.me/security-policy

# Acknowledgments
# We appreciate responsible disclosure of security vulnerabilities.
# Researchers who report valid issues will be acknowledged (with permission).

# Scope
# This security policy applies to:
# - cemates.me and all subdomains
# - Browser extensions: Local Route, Phonetic Pro
# - APIs and backend services

# Out of Scope
# - Third-party services and integrations
# - Social engineering attacks
# - Denial of service attacks

# Response Time
# We aim to respond to security reports within 48 hours.
# Critical vulnerabilities will be addressed immediately.

# Thank you for helping keep our users safe!