# NightSip Security Policy
# https://securitytxt.org/

Contact: mailto:security@thenightsip.com
Expires: 2027-01-01T00:00:00.000Z
Preferred-Languages: en
Canonical: https://thenightsip.com/.well-known/security.txt

# Acknowledgments: https://thenightsip.com/security#acknowledgments

# Policy
# We take security vulnerabilities seriously. If you discover a security issue,
# please report it responsibly by emailing security@thenightsip.com.
# We will respond within 72 hours.

# Scope
# - thenightsip.com and all subdomains
# - NightSip mobile applications (when available)
# - NightSip API endpoints

# Out of Scope
# - Third-party services (Stripe, Netlify, etc.)
# - Social engineering attacks
# - Denial of service attacks

# We do not currently offer a bug bounty program, but we appreciate responsible
# disclosure and will publicly acknowledge researchers who report valid issues.