Security Reporting
Sense values the privacy of our users, which first and foremost includes the data that Sense stores (you can read about what data we keep, and what we do with it, in our privacy policy). We are committed to the security of this data, as well as working with our community to verify, reproduce, and respond to reported vulnerabilities. We encourage the community to participate in our responsible reporting process. You can report vulnerabilities or concerns to vulnerability@sense.com
Responsible Disclosure Guidelines
We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To encourage responsible reporting, we commit that we will not take legal action against you or ask law enforcement to investigate you if you comply with the following Responsible Disclosure Guidelines:
- Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability and a Proof of Concept (POC)
- Make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our services
- Do not modify or access data that does not belong to you
- Give us a reasonable time to correct the issue before making any information public
- We will attempt to respond to your report within 1-2 business days.