# Noon Systems Corporation — security contact
# RFC 9116 (https://www.rfc-editor.org/rfc/rfc9116)
# Last updated: 2026-06-04

Contact: mailto:design@noon.bio
Expires: 2027-06-04T00:00:00.000Z
Preferred-Languages: en, es
Canonical: https://www.noon.bio/.well-known/security.txt

# Responsible disclosure policy
#
# Noon takes security and privacy seriously. If you discover a
# vulnerability — in the public site, in the proposal/client portal
# system at johnsonranchlandworks.com, in any Netlify function under
# either domain, or in any aspect of our handling of client or
# practitioner data — please contact us at design@noon.bio.
#
# Please include enough detail to reproduce the issue. We will respond
# within seven (7) business days and work in good faith toward
# resolution. We do not pursue legal action against researchers acting
# in good faith under standard responsible-disclosure norms.
#
# Scope:
#   *.noon.bio
#   noon.bio
#   johnsonranchlandworks.com  (operational proof-of-concept)
#
# Out of scope: social engineering, physical access, denial of service.