# RFC 9116 — Vulnerability disclosure policy for HelloHR (Velora, Inc.)
# Aligned with NIST 800-53 SI-2 (flaw remediation) and SOC 2 CC4.1
# (continuous monitoring). Researchers reporting in good faith via this
# channel are operated under a safe-harbor program — see Policy.

Contact: mailto:security@hellovelora.com
Expires: 2027-05-04T00:00:00Z
Preferred-Languages: en
Canonical: https://hellohr-two.vercel.app/.well-known/security.txt
Policy: https://hellohr-two.vercel.app/security
Acknowledgments: https://hellohr-two.vercel.app/security#acknowledgments