Skip to main content

Responsible Disclosure Policy

Focus School Software is committed to maintaining the security and privacy of our customers and users. The security of our online platforms is of utmost importance to us. If you are a security researcher and believe you have identified a security vulnerability in any of our services or sites, we encourage you to report it to us in a responsible and ethical manner.

We are committed to validating and addressing vulnerabilities in accordance with our dedication to security and privacy. In return, we pledge not to take legal action against researchers who adhere to this Responsible Disclosure Policy. We reserve all legal rights in the event of non-compliance with this policy.

Reporting Vulnerabilities

If you identify a potential security vulnerability, please share the details with our Information Security Team/IT Team by contacting supportteam@focusschoolsoftware.com or submitting a contact form below.

When reporting, please provide:

  • A detailed description of the vulnerability.
  • Steps to reproduce the issue.
  • Any supporting materials (e.g., screenshots or code snippets).

We will review your submission and determine its validity. If the issue is confirmed, we will take appropriate action to address it

Our Commitment to Researchers

For researchers who comply with this Responsible Disclosure Policy, we commit to:

  • Acknowledging receipt of your report promptly.
  • Working with you to validate and understand the issue.
  • Taking necessary action to address the vulnerability as appropriate.
  • Offering safe harbor for researchers who comply with this policy and permitting public disclosure of identified vulnerabilities after a reasonable period to resolve the issue, typically no less than 90 days.

Compliance Requirements

To comply with our Responsible Disclosure Policy, you must:

  • Avoid accessing, modifying, or deleting any data or account that does not belong to you.
  • Refrain from engaging in activities that disrupt our services (e.g., Denial of Service attacks).
  • Avoid using any testing methods that could degrade our systems or compromise user privacy.
  • Refrain from disclosing vulnerability details publicly or to third parties without our written consent.

Non-compliance with these requirements will void the protections offered by this policy.

Prohibited Activities

Researchers must not:

  • Use vulnerabilities to gain unauthorized access to our systems.
  • Perform tests that could harm users or degrade the functionality of our services.
  • Engage in testing third-party services that interact with our platforms without prior consent.

Contact Us

If you believe you’ve identified a vulnerability or have any questions regarding this policy, please contact our security team at supportteam@focusschoolsoftware.com or submitting a contact form below.

Thank you for helping us maintain the safety and security of our platforms.

"*" indicates required fields

Name*
This field is for validation purposes and should be left unchanged.

© 2024 Focus School Software

Terms & Conditions

Privacy Policy