Security

Last reviewed: April 13, 2026

If you find a security issue, email contact@adpena.com. You can also use our security.txt file. Please include the affected page or endpoint, the impact, and clear reproduction steps.

1. Reporting

Send reports privately. Do not post vulnerability details publicly before we have time to respond. If the issue affects a live account, avoid using real customer data in your proof of concept.

2. Response

• We acknowledge credible reports within 3 business days.
• We triage the report and confirm scope before remediation.
• We prioritize fixes based on user impact and exposure.
• We will tell reporters when a fix is available or deployed.

3. Safe Harbor

If you act in good faith, limit testing to what is needed to demonstrate the issue, and stop once the issue is confirmed, we will treat your research as authorized security testing.

4. Acknowledgments

We appreciate responsible disclosure and will credit reporters who want public acknowledgment after the issue is fixed.