If you discover a security vulnerability, please email us at contact@qamax.co with:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
We will respond within 48 hours and work with you to resolve the issue.
- All data encrypted at rest (AES-256) and in transit (TLS 1.3)
- Secrets stored with Fernet encryption
- Regular dependency audits
- No customer data stored in public repositories
- Role-based access control
We ask that you:
- Give us reasonable time to fix issues before public disclosure
- Avoid accessing or modifying other users' data
- Act in good faith