Contact

Responsible Disclosure Policy

Last Updated: March 13, 2026

As a leader in AI Transformation and Sovereign Data Ecosystems, Trinity Protection World Limited is committed to maintaining the highest levels of security. We value the expertise of security researchers and believe that responsible disclosure of vulnerabilities is essential to global digital safety.

1. Purpose of the Policy

This policy is designed to provide security researchers with a clear set of guidelines for conducting vulnerability discovery activities and to instruct them on how to submit their findings to us. It demonstrates our proactive approach to risk management and our commitment to architectural integrity.

2. Guidelines for Reporting

We encourage you to share your findings with us. To ensure your report is handled efficiently, please include:

  • A detailed description of the vulnerability and its potential impact.
  • The specific location (URL, IP, or component) where the vulnerability was identified.
  • Step-by-step instructions or scripts to reproduce the issue.
  • The date and time of discovery.

Security Contact: Please send your encrypted reports to: info@trinityprotectionworldlimited.com

3. Safe Harbor and Legal Commitment

If you conduct your security research and disclosure in accordance with this policy, we consider your actions to be authorized.

Trinity Protection World Limited will not initiate legal action or law enforcement investigations against you for research conducted in good faith. This "Safe Harbor" applies as long as you:

  • Do not access or modify data that does not belong to you.
  • Do not perform any action that would degrade our service performance (e.g., DDoS).
  • Give us a reasonable timeframe (minimum 90 days) to resolve the issue before public disclosure.

4. Prohibited Actions

To remain in compliance with this policy, researchers must avoid:

  • Social engineering (phishing, vishing) of our employees or clients.
  • Physical attacks against our facilities or data centers.
  • Extraction of sensitive client data or trade secrets.
  • Automated scanning that generates excessive traffic and impacts system stability.

5. Our Commitment to You

When you report a vulnerability to us, we commit to:

  • Acknowledging receipt of your report within 48 business hours.
  • Maintaining open communication throughout the remediation process.
  • Offering possible rewards for valid, high-impact findings at our sole discretion.

6. Scope

This policy applies to all digital assets owned and operated by Trinity Protection World Limited, including our core AI transformation frameworks and infrastructure layers.