Gridex Support Gridex

Vulnerability Disclosure Policy

Last Updated: March 2026

1. Introduction

SupportHub (operated by TeleCetli Kft.) is dedicated to preserving data security by preventing unauthorized disclosure of information. This policy was created to provide security researchers with instructions for conducting vulnerability discovery activities and to provide information on how to report vulnerabilities that have been discovered. This policy explains which systems and types of activity are covered, how to submit vulnerability reports, and how long we require you to wait before publicly reporting vulnerabilities identified.

2. Guidelines

We request that you:

3. Authorization

Security research carried out in conformity with this policy is deemed permissible. We'll work with you to swiftly understand and fix the problem, and TeleCetli Kft. will not suggest or pursue legal action in connection with your research conducted in good faith and compliance with this policy.

4. Scope

This policy applies to the following systems and services:

4.1 Out of Scope

Any service that isn't explicitly specified above, such as related services, is out of scope and isn't allowed to be tested. Vulnerabilities discovered in third-party solutions SupportHub interacts with (such as Azure OpenAI, Keycloak, Neo4j, Stripe, etc.) are not covered by this policy and should be reported directly to the solution vendor in accordance with their disclosure policy.

Note: Before beginning your inquiry, email us at [email protected] if you're unsure whether a system or endpoint is in scope.

5. Types of Testing

The following test types are **not authorized**:

6. Reporting a Vulnerability

To report any security flaws, send an email to:

[email protected]

Subject: [SECURITY] Vulnerability Report

We'll acknowledge receipt of your vulnerability report within the next business day and keep you updated on our progress. Reports can be submitted anonymously if you prefer, though providing contact information allows us to communicate with you about the issue.

7. Desirable Information

In order to process and react to a vulnerability report effectively, we recommend including the following information:

If possible, please provide your report in English or Hungarian.

8. Our Commitment

If you choose to provide your contact information, we promise to communicate with you in a transparent and timely manner:

9. Recognition

We appreciate the security research community's efforts in helping us maintain a secure platform. While we do not currently offer a bug bounty program, we are happy to publicly recognize researchers who responsibly disclose vulnerabilities (with your permission).

10. Contact Information

Security Contact: [email protected]

Security Officer: Tamas Szilagyi

TeleCetli Kft.

7634 Pecs, Darazs dulo 70., Hungary