Security Policy

Our Commitment to Security

At BenzoBilling, we take the security of your data seriously. This policy outlines how we protect your information and how security researchers can report vulnerabilities.

Data Protection

We implement multiple layers of security measures to protect your data:

  • All data is encrypted in transit using TLS 1.3
  • Sensitive data is encrypted at rest using AES-256
  • Regular security audits and penetration testing
  • Strict access controls and authentication procedures
  • Regular security training for all staff

Vulnerability Disclosure Policy

We appreciate the work of security researchers in improving the security of our services. If you believe you've found a security vulnerability, we encourage you to report it to us by emailing security@benzobilling.com.

What to Include in Your Report

  • A detailed description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact of the vulnerability
  • Any suggestions for mitigating the issue

Our Commitment to Researchers

When you submit a vulnerability report, we commit to:

  • Acknowledge receipt of your report within 48 hours
  • Provide an initial assessment of the report within 5 business days
  • Keep you informed about our progress in addressing the issue
  • Not take legal action against researchers who act in good faith
  • Publicly acknowledge your contribution (if desired) after the issue is resolved

Scope

This security policy applies to all BenzoBilling services and applications, including:

  • Our website (benzobilling.com)
  • Our client portal
  • Our digital marketing platforms
  • Our analytics software
  • Our mobile applications

Out of Scope

The following types of reports are not considered valid:

  • Reports from automated vulnerability scanners
  • Social engineering attacks against our employees
  • Denial of service attacks
  • Physical security attacks against our offices
  • Third-party applications or services not operated by BenzoBilling

Contact Information

For security-related inquiries or to report a vulnerability, please contact:

Email: security@benzobilling.com

For urgent matters, please include "URGENT" in the subject line.