Contact: mailto:security@quickjha.com
Contact: mailto:afaqahmad8287@gmail.com
Expires: 2027-05-04T00:00:00.000Z
Encryption: https://quickjha.com/pgp-key.txt
Preferred-Languages: en
Canonical: https://quickjha.com/security.txt
Policy: https://quickjha.com/privacy

# Security Policy for QuickJHA

## Reporting Security Vulnerabilities

QuickJHA takes security seriously. If you discover a security vulnerability, please report it responsibly:

1. Email us at security@quickjha.com with details
2. Include a clear description of the vulnerability
3. Provide steps to reproduce if possible
4. Allow reasonable time for us to address the issue

## What We Protect

- User personal data and authentication information
- Payment processing through secure channels (Stripe)
- Generated safety documents and project data
- Administrative functions and user permissions

## Security Measures

- HTTPS encryption for all communications
- Secure session management
- Input validation and sanitization
- Regular security updates and monitoring
- Secure payment processing via certified providers

## Scope

This security policy applies to:
- quickjha.com and all subdomains
- Mobile applications (if any)
- API endpoints
- User-generated content systems

Thank you for helping keep QuickJHA secure.