Reporting Security Issues

At Heat Genius Ltd (trading as “Genius Hub”), the security of our products, services, and customer data is a top priority. If you believe you have identified a security vulnerability in one of our products or services—or have discovered a weakness that could lead to unintended behaviour or unauthorised access—we encourage you to let us know.

We value collaboration with security researchers and responsible disclosure helps us identify, assess, and resolve potential risks efficiently.

Submitting a Security Report

Please use the form below to submit full and accurate details of the issue you have identified. Including clear, comprehensive information—such as affected products, steps to reproduce the issue, and any supporting evidence—will help our engineering teams investigate and respond more effectively.

All submissions are reviewed by the Heat Genius team and handled in accordance with our established vulnerability management and response processes.

Responsible Disclosure Policy

Before submitting a report, we recommend reviewing our report criteria, which outline how we responsibly manage security disclosures. This policy sets expectations for both reporters and Heat Genius Ltd and ensures that vulnerabilities are addressed in a controlled and secure manner.

How to Report a Potential Vulnerability

If you believe you have discovered a security vulnerability in a Heat Genius Ltd product or service, please provide as much detail as possible through our responsible disclosure process. Reports should be submitted in a way that allows us to assess the issue without exposing customers, systems, or data to unnecessary risk.

⚑ Important Notice

• Do not publicly disclose any details of the vulnerability.
• Do not attempt to exploit the issue beyond what is necessary to demonstrate its existence.
• Do not take any action that could compromise customer data, Heat Genius Ltd systems, or intellectual property.

What Happens After You Submit a Report

Once your report has been received:

• We will acknowledge receipt of your submission within 7 days.
• Our security and engineering teams will review and validate the reported issue.
• If the vulnerability is confirmed, we will provide an estimated timeline for remediation or further updates where appropriate. We will aim to resolve any identified security issues as quickly as reasonably possible, and within not less than 90 days from the confirmation of the vulnerability.

Report Criteria

The following activities are not permitted under Heat Genius Ltd’s responsible disclosure practices:

• Publicly disclosing vulnerabilities before they have been resolved
• Modifying, deleting, or accessing data that does not belong to you
• Disrupting or degrading Heat Genius Ltd services or system performance
• Attempting to access personal, confidential, or proprietary information
• Performing denial-of-service (DoS) or similar attacks
• Using social engineering techniques, phishing, or spam
• Conducting physical or network-based attacks, including spoofing or poisoning attacks

Engaging in these activities may result in the report being deemed invalid and could lead to further action.

Out-of-Scope Reports

Some issues are considered outside the scope of our responsible disclosure process and may not qualify for investigation. Examples include:

• Publicly accessible, non-sensitive files or directories
• Simple banner grabbing or version information disclosure
• Basic username or email enumeration without a demonstrable security impact

Technical Support

For general product support, configuration assistance, or troubleshooting, please visit the Support page on our website. Security reports should be limited to genuine vulnerabilities and security-related concerns.

Support Period

Security related updates will be maintained for all products up to 5 years from the point of the product line being discontinued.

For information on discontinued products, please see here.