Hoskes Cloud
All legal documents

Security

Security practices and responsible disclosure.

Last updated: 2026-06-11Version: 1.0

HOSKES DESENVOLVIMENTO DE SISTEMAS LTDA · CNPJ 53.371.345/0001-18 · São Paulo, SP, Brazil

1. Overview

We design Hoskes Cloud with security in mind: container isolation, encrypted credentials, HTTPS by default, and access controls on accounts and API keys.

2. Your responsibility

You are responsible for securing your application code, secrets in environment variables, database passwords, and GitHub repository access.

Rotate API keys if compromised and use least-privilege project member permissions.

3. Report a vulnerability

If you discover a security issue in Hoskes Cloud infrastructure, please report it responsibly to security@hoskes.cloud.

Include steps to reproduce, impact assessment, and your contact details. Do not publicly disclose before we have had reasonable time to respond.

We appreciate good-faith reports and will acknowledge receipt within a reasonable timeframe.

4. Incidents

If we confirm a security incident affecting customer data, we will notify affected users and authorities as required by law.

This document is provided for transparency. It does not constitute legal advice. For formal questions, contact our legal team.