Security / Vulnerability Disclosure Policy

Last updated: January 2026

BeWell Alert takes the security of our website, services, and customer data seriously.
We welcome responsible disclosure of security vulnerabilities and appreciate the efforts of security researchers who help us maintain a safe environment for our users.

Reporting a Vulnerability

If you believe you have discovered a security vulnerability affecting bewellalert.com, please report it to us as soon as possible.

Contact:

Email: info@bewellalert.com

Please include the following information in your report where possible:

A clear description of the vulnerability

Steps to reproduce the issue

Affected URLs or components

Any proof-of-concept or screenshots (if applicable)

Response Timeline

We aim to acknowledge valid vulnerability reports within 5 business days

We will keep you informed of progress where appropriate

Resolution timelines may vary depending on severity and complexity

Responsible Disclosure Guidelines

We kindly ask security researchers to:

Avoid privacy violations, data destruction, or service disruption

Not exploit vulnerabilities beyond what is necessary to demonstrate the issue

Not publicly disclose the vulnerability until we have had reasonable time to investigate and remediate it

Act in good faith and comply with applicable laws

Activities such as social engineering, physical attacks, denial-of-service (DoS/DDoS), and spam are out of scope.

Acknowledgment

While we do not operate a formal bug bounty or public hall of fame, we appreciate responsible disclosures and will acknowledge valid reports privately where appropriate.

Scope

This policy applies to: https://bewellalert.com

All publicly accessible services operated by BeWell Alert