Security Disclosure Policy

Midwest Recycling Corp is committed to maintaining the security and integrity of our digital infrastructure. We welcome and appreciate the efforts of security researchers, ethical hackers, and members of the public who responsibly disclose potential security vulnerabilities.

This policy outlines how to report security issues and what you can expect from us in return.


Reporting a Vulnerability

If you believe you have discovered a security vulnerability affecting Midwest Recycling Corp, please report it responsibly by emailing:

[email protected]

For sensitive information, we strongly encourage encrypting your message using our public PGP key.


Encryption

Our public PGP key is available at:

https://midwestrecyclingcorp.com/.well-known/pgp-key.txt


Responsible Disclosure Guidelines

We ask that you:

  • Allow us reasonable time to investigate and remediate the issue before any public disclosure

  • Avoid accessing, modifying, or deleting data beyond what is necessary to demonstrate the vulnerability

  • Avoid service disruption, social engineering, or physical security testing

  • Act in good faith and comply with applicable laws


Safe Harbor

We consider security research conducted in accordance with this policy to be authorized.
We will not pursue legal action against researchers who:

  • Make a good-faith effort to follow this policy

  • Do not exploit vulnerabilities for personal gain

  • Do not violate privacy or data protection laws


Scope

This policy applies to internet-facing systems and services owned or operated by Midwest Recycling Corp.

Third-party services and vendors are governed by their respective security policies.


Recognition

At our discretion, we may acknowledge valid security reports on our Security Acknowledgments page. Researchers may choose to be credited or remain anonymous.


Contact

For any questions regarding this policy, please contact:

[email protected]