Security policy

At My Language Drill, the security of our systems and data is a top priority. We appreciate the contributions of security researchers and the wider community who help us maintain a secure environment.

Security Vulnerability Reporting

If you believe you have discovered a security vulnerability on our website or any other related system, we encourage you to report it to us as soon as possible. We appreciate your help in disclosing vulnerabilities responsibly.

To report a vulnerability, please send an email to security@mylanguagedrill.ch using the corresponding PGP key.

Please include, if possible:

· va detailed description of the vulnerability

· the steps required to reproduce the issue

· any relevant screenshots or proof-of-concept code

Our commitment

· We will acknowledge receipt of your report within 3 working days.

· We will investigate the issue and endeavour to resolve it as quickly as possible.

· We will keep you informed throughout the process.

· We will not take legal action against individuals who discover and report security issues responsibly and in good faith, nor will we suspend their access.

Scope of application

This policy applies to mylanguage drill.ch, mylearning drill.ch, and myenglish drill.ch. Vulnerabilities discovered outside the scope indicated may not be recognised.

Out of scope

The following items are generally considered outside the scope:

· Denial of service (DoS/DDoS) attacks

· Social engineering or phishing attacks

· Physical attacks against our infrastructure or personnel

· Vulnerabilities in third-party services that we do not control

Responsible communication

We ask you to:

· of data during your research.

· give us a reasonable amount of time to resolve the issue before making it public.

· do not exploit the vulnerability beyond what is necessary to demonstrate it.

Thank you for helping us keep My Language Drill and its users safe!