Security Policy
Effective Date: January 2026
Report Security Issues
At OnboardMe, we take security seriously and appreciate your help in keeping our platform safe. If you discover any security vulnerabilities or have concerns about the security of our systems, please report them immediately.
Contact our Security Team:
- Email: security@onboardme.app
We will acknowledge your report within 24 hours and provide a more detailed response within 72 hours indicating our next steps. We follow responsible disclosure practices and will keep you informed throughout the process.
What to Report
Please report any security-related issues, including but not limited to:
- SQL injection vulnerabilities
- Cross-site scripting (XSS) vulnerabilities
- Cross-site request forgery (CSRF) vulnerabilities
- Authentication or authorization bypasses
- Data exposure or leakage
- Server-side request forgery (SSRF)
- Remote code execution vulnerabilities
- Any other security concerns
Our Commitment
We are committed to maintaining the security and privacy of our users' data. All reports are taken seriously and investigated promptly. We will work with you to understand and resolve any legitimate security issues.
We kindly ask that you:
- Provide sufficient detail to reproduce the issue
- Allow reasonable time for us to investigate and respond
- Avoid accessing or modifying user data without explicit permission
- Refrain from denial-of-service attacks or other disruptive activities
Recognition
We appreciate security researchers who help keep our platform secure. With your permission, we may acknowledge your contribution in our security acknowledgments (without disclosing personal information).
Contact Us
For security-related inquiries or to report vulnerabilities:
- Email: security@onboardme.app
We respond to security reports within 24 hours.