Data security is one of the top priorities at Fireflies, and we understand that any technology can have vulnerabilities that need to be identified and addressed. We welcome the expertise of skilled security researchers who can help us with that.
That's why we have a Responsible Disclosure Policy that outlines the steps you need to take if you think you've found a security vulnerability in our service. We want you to notify such incidents right away by emailing us at firstname.lastname@example.org.
Once you notify them, our team will work with you to resolve the issue promptly. We'll acknowledge your email within five business days and provide you with a reasonable amount of time to resolve the issue before disclosing it to the public or a third party. In fact, we aim to resolve critical problems within one month of disclosure.
While researching, we request that you avoid violating our privacy, destroying data, or interrupting our services. This means that you should only interact with accounts you own or have explicit permission from the account holder.
Fireflies also asks that you refrain from Distributed Denial of Service (DDoS), spamming, social engineering, phishing of Fireflies employees or contractors, or any attacks against Fireflies' physical property or data centers.
Let's work together to keep things safe and secure.