Umlingo IT values the security of our systems and services. We welcome responsible security research and encourage individuals to report vulnerabilities discovered in our systems.

1. Scope

This policy applies to security vulnerabilities affecting:

• Umlingo IT websites

• Client portals

• Applications developed by Umlingo IT

• Public digital infrastructure operated by Umlingo IT

2. How to Report a Vulnerability

If you discover a security vulnerability, please report it by email.

Include the following information:

• Description of the vulnerability

• Steps to reproduce the issue

• Affected systems or pages

• Screenshots or proof of concept if available

Email: admin@umlingoit.co.za

3. Responsible Research Guidelines

Researchers must:

• Act in good faith

• Avoid privacy violations

• Avoid data destruction or service disruption

• Not exploit vulnerabilities beyond proof-of-concept

4. Our Commitment

When a valid vulnerability report is received, Umlingo IT will:

• Acknowledge receipt of the report

• Investigate the issue promptly

• Work to resolve the vulnerability

• Keep the reporter informed where possible

5. Legal Safe Harbor

Security researchers acting in good faith and following this policy will not be subject to legal action by Umlingo IT.