Responsible Disclosure Policy

Watch Surface encourages security researchers and clients to report vulnerabilities in a safe and responsible manner.

Scope

This policy applies to all Watch Surface platforms, applications, and services.

Reporting Guidelines

• Report vulnerabilities via security@securescope.co.uk.
• Provide clear steps to reproduce the issue.
• Do not publicly disclose vulnerabilities before we have addressed them.

Safe Harbor

Researchers following this policy in good faith will not face legal action from Watch Surface.

Response Time

We strive to acknowledge all reports within 48 hours and provide updates on remediation progress.

Last updated: February 2026