# LexLord — Security Policy (RFC 9116) # https://lexlord.ro/securitate Contact: mailto:security@lexlord.ro Contact: https://lexlord.ro/securitate Expires: 2027-05-16T00:00:00.000Z Preferred-Languages: ro, en Canonical: https://lexlord.ro/.well-known/security.txt Policy: https://lexlord.ro/securitate#responsible-disclosure Hiring: https://lexlord.ro/cariere # Responsible disclosure policy: # 1. Report vulnerabilities to security@lexlord.ro # 2. We respond within 48h with initial triage # 3. Full evaluation within 7 days # 4. DO NOT exploit. Report and stop. # 5. Hall of Fame recognition + bug bounty program (in preparation 2026) # # In-scope: # - *.lexlord.ro # - LexLord iOS app # - LexLord Word/Outlook add-ins # - LexLord API (api.lexlord.ro) # # Out-of-scope: # - Sub-processor infrastructure (Hetzner, Vercel, W&B, etc.) # - DDoS / volumetric attacks # - Social engineering attacks against employees # - Physical attacks against offices