Security

Security

UIG Security Policy

Effective Date: October 3, 2025

At UIG, we prioritize the security of our systems, applications, and user data. This Security Policy outlines our commitment to maintaining a secure environment and provides guidance on how users can contribute to enhancing our security posture.

  1. Security Commitment

We are dedicated to implementing robust security measures to protect our infrastructure and user information. Our security practices include:

  • Data Encryption: All sensitive data is encrypted both in transit and at rest using industry-standard encryption protocols.
  • Access Controls: We enforce strict access controls to ensure that only authorized personnel have access to sensitive information.
  • Regular Audits: We conduct regular security audits and vulnerability assessments to identify and mitigate potential risks.
  • Incident Response: We have established procedures to promptly address and resolve security incidents.
  1. Reporting Security Vulnerabilities

We value the contributions of the security research community in identifying potential vulnerabilities. If you discover a security issue, please report it to us at security@uig.com. When reporting, please include:

  • A detailed description of the vulnerability.
  • Steps to reproduce the issue.
  • Any relevant logs or screenshots.

We commit to acknowledging receipt of your report and will work diligently to address the issue. If you do not receive a timely response, please follow up with us.

  1. Responsible Disclosure

To protect our users and systems, we request that you:

  • Refrain from disclosing the vulnerability to third parties until we have had an opportunity to investigate and address the issue.
  • Avoid exploiting the vulnerability in any way that could harm our systems or users.
  • Do not engage in activities such as denial of service attacks, spamming, or social engineering.

We appreciate your cooperation in adhering to these guidelines to ensure a constructive and safe disclosure process.

  1. Bug Bounty Program

We offer a bug bounty program to reward individuals who responsibly disclose significant vulnerabilities. Rewards are determined at our discretion based on the severity and impact of the reported issue.

  1. Acknowledgments

We extend our gratitude to the security researchers who have responsibly disclosed vulnerabilities to us. Their efforts help us maintain a secure environment for all users.