# GrantCompass Security Policy
# Last Updated: 2026-08-12

Contact: security@grantcompass.ca
Expires: 2026-08-12T00:00:00.000Z
Preferred-Languages: en, fr
Canonical: https://grantcompass.ca/.well-known/security.txt

# Security Policy
Policy: https://grantcompass.ca/privacy.html

# Acknowledgments
# We appreciate responsible disclosure of security vulnerabilities.
# Please allow 48 hours for initial response.

# Encryption
# Our PGP key for secure communication:
# Available upon request at security@grantcompass.ca

# Bug Bounty
# We currently do not offer a bug bounty program but appreciate all reports.

# CSAF
# We follow coordinated vulnerability disclosure practices.