SECURITY

Responsible Disclosure

We take security seriously. If you've found a vulnerability in Connvertex systems, here's how to reach us safely.

Disclosure policy

We commit to:

  • Acknowledging your report within 3 business days
  • Keeping you informed of remediation progress
  • Not taking legal action against good-faith researchers
  • Crediting you (if desired) when the issue is resolved

We ask that you:

  • Give us reasonable time to remediate before public disclosure
  • Avoid accessing, modifying, or deleting data
  • Not perform denial-of-service attacks
  • Not social-engineer our staff or customers

How to reach us

SECURE FORM

Use our secure contact form — no email address required from you. Your message is encrypted in transit.

Contact us securely →

PGP ENCRYPTION

For encrypted email, use our PGP public key. Key for: security@connvertex.com

Download PGP key (pgp.asc) →

SENDSAFELY

For large files or sensitive attachments, use our SendSafely secure drop.

[TO BE PROVIDED]

Out of scope

  • Denial of service attacks
  • Social engineering of Connvertex staff
  • Physical security testing
  • Automated scanning without prior authorization