Seezo takes the security of our systems and data very seriously. We are continuously working to maintain and ensure that our environment is safe and secure for everyone. If you have discovered a security vulnerability in our application, we appreciate your help in disclosing it to us in a responsible manner.
Scope
Security research should be limited to the following domain:
How to Report a Vulnerability
Contact: security@seezo.io
Encrypted Communications
You can encrypt your information using our PGP key:
PGP Key: Available at https://seezo.io/.well-known/pgp-key.txt
Fingerprint: 8285 2B61 2137 07B6 F154 B3F2 8FA5 245E F2A8 7AEA
Report Content
When submitting a report, please include:
A detailed description of the issue
Steps to reproduce the vulnerability.
Any relevant evidence (e.g., screenshots, logs).
Note: We currently do not offer monetary compensation nor maintain a Hall of Fame.
Safe Harbor
If you conduct your security research in accordance with this policy, Seezo considers your activities to be authorized conduct under applicable laws, including the Computer Fraud and Abuse Act (CFAA) and similar state laws. We will not initiate or recommend legal action against you for activities conducted in compliance with this policy.
In the event of any law enforcement or civil action brought by a third party against you, and you have complied with this policy, we will take steps to make it known that your actions were conducted pursuant to and in compliance with this policy.
Out of Scope and Ineligible Findings
We generally follow industry-standard exclusions for common false positives and low-impact findings. For a comprehensive list of ineligible findings, please refer to the HackerOne Core Ineligible Findings documentation.
Testing Guidelines
When conducting security research, researchers must:
Test only on in-scope domains listed in this policy
Report vulnerabilities promptly upon discovery
Make a good faith effort to avoid privacy violations, data destruction, and service disruption
Refrain from conducting Denial of Service attacks
Refrain from performing social engineering attacks against Seezo employees or contractors
Refrain from accessing, modifying, or deleting data that does not belong to you
Questions
If you have questions about this policy or need clarification about scope, ineligible findings, or testing authorization, please contact us at security@seezo.io before conducting any testing.
Thank you for helping us keep Seezo secure.
Last updated: October 2025
