EduSynch Responsible Disclosure Policy
Last revised on January 1, 2023
Data security is a top priority for EduSynch, and we believe that working with skilled security researchers can help us identify weaknesses in our technology. If you believe you`ve found a security vulnerability in EduSynch`s service, please notify us; we will work with you to resolve the issue promptly.
1. Disclosure Policy
- If you believe you`ve discovered a potential vulnerability, please let us know by emailing us firstname.lastname@example.org. We will acknowledge your email within one week.
- Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within ten business days of disclosure.
- Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading the EduSynch service. Please only interact with accounts you own or for which you have explicit permission from the account holder.
EduSynch provides this service to help ensure a safe and secure environment for all of its users. As such, any users believed to be engaging in the below activities will have their user credentials immediately deactivated.
While using EduSynch and EduSynch technologies, we`d like you to refrain from:
- Denial-of-Service (DoS)
- Social engineering or phishing of EduSynch employees or contractors
- Any attacks against EduSynch`s physical property or data centers
This policy applies to the EduSynch applications hosted at student.edusynch.com and cms.edusynch.com as well as the EduSynch E-Proctoring Chrome Extension, and to any other subdomains or services associated with EduSynch. We do not accept reports for vulnerabilities solely affecting our marketing website (www.edusynch.com) which contains no sensitive data.
Thank you for helping to keep EduSynch and our users safe!
EduSynch is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us email@example.com.