Responsible Disclosure

Last updated: July 2026

Evoleen Technology GmbH takes the security of Projo Health and of projo-health.com seriously. We welcome responsible disclosure of security vulnerabilities from researchers, users, and the public.

1. Reporting a vulnerability

If you believe you have identified a security vulnerability in Projo Health or on projo-health.com, please report it to us at [email protected] with the subject line "Responsible Disclosure".

Please include:

2. Guidelines

3. Our commitment

We will acknowledge receipt of your report within 5 business days, provide a preliminary assessment within 30 days, and keep you informed of remediation progress. We will not pursue legal action against reporters who follow these guidelines in good faith.

4. Scope

This policy covers projo-health.com and the Projo Health product. It does not cover the Fire Arrow Server product, which is governed by its own responsible disclosure policy.