Reporting
Security issues should be submitted through Contact Support with category set to Privacy/Compliance and priority set to High or Critical.
Triage process
Submitted incidents are triaged by severity, reproducibility, and potential data impact.
- Critical: active compromise or high-risk exposure.
- High: material risk with near-term operational impact.
- Normal: lower-risk security hardening needs.
Containment and remediation
Containment actions may include token revocation, route-level mitigation, temporary feature restrictions, and credential rotation.
Post-incident remediation includes root-cause fixes and control updates.
Notification
Where required by contract or law, affected parties should be notified based on incident severity and jurisdictional obligations.
Trust Center
Security and privacy architecture overview.
Contact Support
Request compliance docs or submit data/security concerns.