# Security Policy

GSDSI welcomes responsible reports about security issues affecting public GSDSI web properties.

## Reporting a Vulnerability

Email security reports to compliance@gsdsi.com and include:

- Affected URL or endpoint
- Steps to reproduce
- Impact assessment
- Any relevant proof of concept, screenshots, or logs

Please do not access, modify, delete, exfiltrate, or disrupt GSDSI systems or data. We will review reports in good faith and follow up through the reporting email address.

## Scope

This policy covers public GSDSI web properties, including gsdsi.com and www.gsdsi.com. Customer systems, third-party services, social engineering, physical attacks, denial-of-service testing, and spam are out of scope unless GSDSI explicitly authorizes testing in writing.

## Safe Harbor

GSDSI will not pursue legal action for good-faith research that follows this policy, avoids privacy or service disruption, and promptly reports findings to the contacts above.