Security Policy

At Iron Bull Strength, we take the security of our website, systems, products, and customer data seriously. We appreciate the efforts of security researchers and members of the security community who help us identify vulnerabilities responsibly.

Reporting a Security Vulnerability

If you believe you have discovered a security vulnerability affecting Iron Bull Strength websites, services, or systems, please report it to us as soon as possible.

Contact

Please send all vulnerability reports to:

Email: sales at ironbullstrength dot com

When submitting a report, please include:

• A detailed description of the vulnerability
• Steps to reproduce the issue
• The affected URL, page, or system
• Any proof-of-concept code or screenshots
• Your contact information for follow-up questions

Our Commitment

When you report a vulnerability responsibly, we commit to:

• Acknowledge receipt of your report within a reasonable timeframe
• Investigate and validate the issue
• Work to remediate confirmed vulnerabilities promptly
• Keep communication open regarding the status of the issue
• Not pursue legal action against researchers acting in good faith and within the scope of this policy

Responsible Disclosure Guidelines

To help protect our users and systems, we ask that you:

• Avoid accessing, modifying, or deleting data that does not belong to you
• Avoid actions that could negatively impact our services or users
• Do not publicly disclose the vulnerability until we have had a reasonable opportunity to investigate and resolve it
• Only test against accounts and systems you own or are explicitly authorized to test

Out of Scope

The following are generally considered out of scope for our vulnerability disclosure program:

• Spam or social engineering attacks
• Denial-of-service (DoS/DDoS) attacks
• Physical security attacks
• Vulnerabilities affecting third-party services not controlled by Iron Bull Strength
• Reports related to outdated browsers or unsupported software versions
• Missing best-practice headers without a demonstrated security impact

Safe Harbor

We consider security research conducted in accordance with this policy to be authorized and conducted in good faith. We will not initiate legal action against researchers who:

• Respect this policy
• Avoid privacy violations and service disruptions
• Provide us a reasonable opportunity to resolve the issue before disclosure

Customer Security

Iron Bull Strength uses industry-standard security practices to help protect customer information and secure transactions. However, no method of transmission or storage is completely secure, and users should also take precautions to protect their accounts and devices.

Updates to This Policy

We may update this Security Policy from time to time to reflect changes in our security practices or infrastructure. Updates will be posted on this page with a revised effective date.