Security Disclosure Policy
Midwest Recycling Corp is committed to maintaining the security and integrity of our digital infrastructure. We welcome and appreciate the efforts of security researchers, ethical hackers, and members of the public who responsibly disclose potential security vulnerabilities.
This policy outlines how to report security issues and what you can expect from us in return.
Reporting a Vulnerability
If you believe you have discovered a security vulnerability affecting Midwest Recycling Corp, please report it responsibly by emailing:
For sensitive information, we strongly encourage encrypting your message using our public PGP key.
Encryption
Our public PGP key is available at:
https://midwestrecyclingcorp.com/.well-known/pgp-key.txt
Responsible Disclosure Guidelines
We ask that you:
-
Allow us reasonable time to investigate and remediate the issue before any public disclosure
-
Avoid accessing, modifying, or deleting data beyond what is necessary to demonstrate the vulnerability
-
Avoid service disruption, social engineering, or physical security testing
-
Act in good faith and comply with applicable laws
Safe Harbor
We consider security research conducted in accordance with this policy to be authorized.
We will not pursue legal action against researchers who:
-
Make a good-faith effort to follow this policy
-
Do not exploit vulnerabilities for personal gain
-
Do not violate privacy or data protection laws
Scope
This policy applies to internet-facing systems and services owned or operated by Midwest Recycling Corp.
Third-party services and vendors are governed by their respective security policies.
Recognition
At our discretion, we may acknowledge valid security reports on our Security Acknowledgments page. Researchers may choose to be credited or remain anonymous.
Contact
For any questions regarding this policy, please contact: