Issue date: 07/10/2025

Summary

At Impact Laboratories and My Green Lab, we are committed to maintaining the security and privacy of our systems and customers. We encourage security researchers and ethical hackers to responsibly report vulnerabilities to help us improve our security posture.

Scope

This policy applies to:

• Web applications, APIs, and systems owned by My Green Lab.

• Reporting vulnerabilities without causing harm or disruption to services.

• Excluding social engineering, physical security, and DDoS attacks.

Reporting Policy

This policy details the steps to implement responsible reporting to the organization of security vulnerabilities by security researchers.

Reporting Process

If you identify a security vulnerability, please follow these steps:

1. Submit a detailed report via our official disclosure channel: security@mygreenlab.org

2. Provide clear reproduction steps and any potential impact assessment.

3. Avoid accessing, modifying, or destroying data belonging to others.

Response & Remediation

• We will acknowledge your submission within 72 hours.

• Our security team will triage, validate, and remediate the issue as necessary.

• We will update you on progress while maintaining confidentiality.

Recognition & Safe Harbor

• We appreciate responsible disclosures and may recognize contributors publicly (with consent)

• My Green Lab will not pursue legal action against researchers who act in good faith and comply with this policy.

Contact Us

For inquiries or to report a vulnerability, reach out to: security@mygreenlab.org