# Security Policy for EmailQA
# https://emailqa.live/.well-known/security.txt

Contact: mailto:security@emailqa.live
Contact: mailto:support@emailqa.live
Expires: 2026-12-31T23:59:59.000Z
Preferred-Languages: en
Canonical: https://emailqa.live/.well-known/security.txt

# Security Information
# EmailQA takes security seriously. If you discover a security vulnerability,
# please report it to security@emailqa.live

# Our security practices:
# - SOC 2 compliant infrastructure (Railway)
# - HTTPS/TLS 1.3 encryption for all traffic
# - OAuth for ESP integrations (no credentials stored)
# - Read-only access to email content
# - Regular security audits
# - No tracking of guest reviewers
# - GDPR-compliant data handling

# Acknowledgments
# We appreciate responsible disclosure and will acknowledge security researchers
# who help us improve our security.