Security Policy
Last updated: December 18, 2025
This Security Policy describes how NullSCA EOOD approaches security, how security vulnerabilities can be reported, and how such reports are handled.
This policy is intended to support responsible disclosure and improve the security of the services and websites operated by the Company.
Scope
This Security Policy applies to:
- https://www.nickscripts.com
- Any subdomains operated by the Company
- Public-facing services and applications operated by NullSCA EOOD
This policy does not apply to third-party services, websites, or infrastructure not controlled by the Company. This includes third-party analytics or infrastructure providers used by the Website, which are governed by their own security practices and policies.
Reporting Security Vulnerabilities
General support requests, privacy-related inquiries, data subject rights requests, and non-security issues should be directed through the appropriate contact channels listed on the Website. If You believe You have discovered a security vulnerability, misconfiguration, or weakness affecting the Service, We encourage responsible disclosure.
Please report security issues by email:
When reporting a vulnerability, please include:
- A clear description of the issue
- Steps to reproduce the vulnerability (if applicable)
- The affected URL, service, or component
- Any relevant logs, screenshots, or proof-of-concept information
Do not publicly disclose security issues until the Company has had a reasonable opportunity to investigate and address the matter.
Responsible Disclosure Guidelines
We ask that security researchers and reporters:
- Avoid exploiting vulnerabilities beyond what is necessary to demonstrate the issue
- Avoid accessing, modifying, or deleting data belonging to others
- Avoid actions that could disrupt services or harm users
- Allow reasonable time for investigation and remediation before public disclosure
The Company does not operate a bug bounty program at this time.
Our Commitment
The Company commits to:
- Acknowledge receipt of security reports within a reasonable timeframe
- Investigate reported issues in good faith
- Take appropriate corrective action where vulnerabilities are confirmed
No guarantees are made regarding response times or remediation timelines.
Safe Harbor
The Company will not pursue legal action against individuals who:
- Act in good faith
- Follow the guidelines in this Security Policy
- Do not exploit vulnerabilities for personal gain
- Do not violate applicable laws
This safe harbor does not apply to activities that are malicious, reckless, or unlawful.
Security Practices
The Company implements reasonable technical and organizational measures to protect its systems, including but not limited to:
- Access controls and authentication mechanisms
- Secure configuration of servers and services
- Regular updates and patching of software components
- Monitoring for abnormal or malicious activity
Specific security measures are not disclosed publicly for security reasons.
Changes to This Security Policy
This Security Policy may be updated from time to time. Updates will be posted on this page with an updated "Last updated" date.
Contact
For security-related inquiries only: