Legal hub

Security and Trust Center

Security commitments, incident handling, and vulnerability reporting.

Effective: May 1, 2026Last updated: May 1, 2026
This legal draft contains required placeholders such as [legal-entity-name] and [support-contact-email]. Replace all [placeholder-type] values with approved legal terms before publication.

1. Security Baseline

  • Security scanning and policy checks are integrated into core workflows.
  • Access controls, logging, and authentication protections are applied to service components.
  • Secrets and credentials are handled with environment-based and vault-based controls.

2. AI and Code Safety

  • AI-generated output should be reviewed before production use.
  • Built-in tooling highlights common code security issues and risky patterns.
  • Trust and safety controls may block known harmful behaviors.

3. Incident Response

We maintain incident response procedures for confidentiality, integrity, and availability events.

Customer-impacting incidents are handled under [incident-response-policy-reference], including notification timing commitments where required by law or contract.

Target breach notification timeline (where applicable): [breach-notice-hours] hours.

4. Vulnerability Disclosure

Report security issues to [security-contact-email] or [security-report-form-url].

Please include reproduction details and avoid public disclosure until coordinated remediation is complete.

5. Security Documentation

  • Technical scanner details: /security
  • Trust center and compliance artifacts: [trust-center-link]
  • System status and incident updates: [status-page-link]