Data security is a priority for Lumanu. If you believe you’ve found a security vulnerability in Lumanu.com’s service, please notify us. We will work with you to resolve the issue promptly.
Disclosure Policy
We will maintain standard confidentiality in our communications with you.
We commit to thoroughly investigate and make every reasonable effort to address confirmed issues in a way that prioritizes the safety and security of those who may be impacted by a reported vulnerability.
We will work with you confirm and address your disclosure appropriately.
What we ask of Researchers
If you believe you’ve discovered a potential vulnerability, please let us know by emailing security@lumanu.com and including the subject line Lumanu Security - (issue found). We will acknowledge your email within ten business days.
We ask researchers to supply adequate technical details and context required for our team to verify reported issues, including screen recordings where relevant.
Make a good faith effort to avoid violating privacy, interrupting or degrading Lumanu.com service, or destroying data. Please only interact with accounts you own or for which you have explicit permission from the account holder.
Provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. We aim to resolve critical issues within 24 hours of disclosure.
Exclusions
While researching, we’d like you to refrain from:
Distributed Denial of Service (DDoS)
Spamming
Social engineering or phishing of Lumanu employees
Thank you for helping to keep Lumanu.com and our users safe!
Contact
Lumanu is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to email us at security@lumanu.com.
Responsibility
It is the Security team’s responsibility to see this policy is enforced.
