Vulnerability Disclosure Policy

At Meatdryer, protecting the security of our smart drying hardware and mobile apps is a top priority.

We believe that partnering with the security community and our users is essential for maintaining a safe platform. We welcome and encourage the responsible disclosure of any potential vulnerabilities you may find.

If you identify a security issue or potential threat, please contact us here using "Security" as topic. Please do not include sensitive personal data in your initial report.

HOW TO SUBMIT A REPORT

- Please include technical details about the vulnerability, specifying which product and version is affected. You can find your App version in the Settings tab.
- Where possible, include a proof-of-concept or clear steps for us to reproduce the issue.
- We ask that you keep the vulnerability private and do not share it publicly until we have resolved the issue.

OUR RESPONSE PROCESS

- We will confirm receipt of your report promptly, and always within 7 days.
- To ensure the safety of our users, we ask that you keep all communication confidential while we investigate. In return, we will respect your confidentiality and handle your data with care.
- We treat all reporters with respect and professionalism.
- We will not take legal action against researchers who discover and report security vulnerabilities in accordance with this policy.

RESOLUTION TIMELINE

- Our engineering team will work closely with you to validate the issue and determine the best fix.
- We aim to resolve valid vulnerabilities within 90 days of confirmation, which includes the time needed to develop, test, and deploy patches.
- If a fix requires more time (e.g., for hardware firmware), we will apply temporary safeguards to mitigate risk in the meantime.

By working together, we can keep the Meatdryer ecosystem secure and reliable.