Responsible Disclosure Policy

RESPONSIBLE DISCLOSURE POLICY (v2.2)

Last Updated: 2025-11-02

We welcome responsible security reports.

Reporting

Report vulnerabilities to:

• security@ipwho.org
• or privacy@ipwho.org

Guidelines

• Do not access customer data
• Avoid service disruption
• Provide steps to reproduce
• Allow reasonable time for remediation