45-Day Free Trial — No Credit Card Required
CaseClock — Voice-First Legal Billing for Lawyers

Legal

Responsible Disclosure

How to report security vulnerabilities to CaseClock.

Responsible Disclosure Guidelines

If you believe you've found a security vulnerability in CaseClock, we encourage you to report it to us responsibly. Please follow these guidelines:

  • Email your findings to security@caseclock.ai
  • Provide detailed information about the vulnerability, including steps to reproduce
  • Allow us reasonable time to investigate and address the issue before public disclosure
  • Do not access, modify, or delete data belonging to other users
  • Do not perform actions that could negatively impact our services or users

Our Commitment

We commit to:

  • Respond within 48 hours to acknowledge receipt of your report
  • Keep you informed of our progress addressing the vulnerability
  • Credit you for your discovery (if desired) on our Security Acknowledgments page
  • Work with you to understand and resolve the issue promptly

Scope of Testing

In Scope

  • www.caseclock.ai and its subdomains
  • CaseClock web and mobile applications
  • API endpoints and integrations
  • Testing using your own test accounts
  • Reporting vulnerabilities without exploitation

Out of Scope

  • Social engineering attacks (phishing, vishing, etc.)
  • Physical attacks against CaseClock facilities or personnel
  • Denial of Service (DoS/DDoS) attacks
  • Third-party services and websites
  • Spam or social engineering of CaseClock employees or contractors
  • Testing that impacts other users or degrades service quality

Recognition

While we do not currently offer a monetary bug bounty program, we deeply appreciate security researchers' contributions to keeping CaseClock secure.

Researchers who report valid vulnerabilities will be:

  • Acknowledged on our Security Acknowledgments page (with your permission)
  • Kept informed throughout the remediation process
  • Considered for future security collaboration opportunities

Legal Safe Harbor

CaseClock will not pursue legal action against security researchers who:

  • Follow these responsible disclosure guidelines
  • Act in good faith and avoid privacy violations
  • Do not exploit vulnerabilities beyond necessary demonstration
  • Do not intentionally harm CaseClock or its users

Contact Information

For security-related inquiries, please contact us at:

security@caseclock.ai

For general inquiries, please visit our homepage or contact hello@caseclock.ai