Legal

Responsible disclosure

We take the security of our customers seriously. If you believe you've found a vulnerability in our services, we'd like to hear about it.

How to report

Please email security@postly.comwith a description of the issue, steps to reproduce, and any supporting material. Encrypt sensitive details with our PGP key on request.

What to expect

  • Acknowledgement within two working days.
  • Regular updates while we investigate.
  • Public credit once the issue is resolved, if you'd like it.

Please don't

  • Access, modify or delete other users' data.
  • Run automated scanners against production without contacting us first.
  • Publicly disclose the issue before we've had a chance to fix it.