Security Policy

1. Overview

This page explains how to report security issues for Ritovision digital properties and how we handle disclosures.

2. Reporting a Vulnerability

Please submit security reports using the General Inquiry form on the contact page. Include enough detail for us to reproduce the issue.

• Affected URLs or endpoints
• Steps to reproduce
• Potential impact
• Your preferred contact method

If you want to share sensitive details, use the PGP key listed below to encrypt your message.

3. Scope

In scope:

• ritovision.com, its static content and other web properties including ritorhymes.com, ritography.com, ritoswap.com, carolinevreeland.com, williamentriken.net
• Contact forms and related site functionality

Out of scope:

• Third-party services or integrations we do not control
• Social media accounts and external platforms

4. Safe Harbor

We welcome good-faith security research. Please avoid privacy violations, data destruction, or service disruption. If you follow this policy, we will not pursue legal action against you for your research.

5. Response and Remediation

We review reports in order of receipt and prioritize by severity. We aim to acknowledge submissions as soon as possible. Resolution timelines vary depending on complexity and impact, and we may ask for clarification along the way.

6. Coordinated Disclosure

Please keep vulnerability details private until we have completed a fix or mutually agreed on a disclosure timeline.

7. security.txt

The canonical machine-readable policy is published at ritovision.com/.well-known/security.txt.

8. PGP Key

Use this key to encrypt sensitive reports. The canonical key is the .asc file listed in security.txt.