Security Policy

Report A Security Concern

Email [email protected] with a security subject line. If the concern involves privacy rights or data-access requests, use [email protected] or ask for privacy escalation through support.

What To Include

• A short summary of the concern and affected URL, account area, report link, or API route.
• Reproduction steps, timestamps, browser or client details, and screenshots when they do not expose private data.
• The likely impact and whether customer data, report links, payment references, or credentials may be affected.
• A contact address where TraxInteL can ask follow-up questions.

Scope

• TraxInteL public website pages and policy routes.
• Authenticated dashboard, account, support, report, and secure share-link flows.
• Customer-visible report delivery, export, and revocation surfaces.
• Security-sensitive API routes that process authentication, payment references, support, reports, sharing, or privacy requests.

Boundaries

• Do not access, modify, delete, exfiltrate, or publish data that is not yours.
• Do not test against accounts, report links, exports, or customer workspaces without authorization.
• Do not run denial-of-service, spam, social-engineering, physical-security, or employee-targeting tests.
• Stop testing and report promptly if you encounter private data, credentials, API keys, session tokens, or payment details.
• Do not request payment, bug bounty, or public credit before TraxInteL validates the report and agrees in writing.

Related Notices

• Support & Escalation Policy
• Status & Incident Notices
• Privacy Policy
• Data Retention & Deletion Policy

For non-security support requests, email [email protected].