Security
Placeholder: This page provides basic security contact information only. A comprehensive security and vulnerability disclosure policy is in development.
Security
Last updated: April 24, 2026
TrayVerify takes the security of our public marketing and informational website at tray-verify.com (the "Site," as defined in our Terms of Service) seriously. This page is a placeholder: a more comprehensive security and vulnerability disclosure policy is in development.
Scope
This policy covers the Site only — the public marketing and informational pages at tray-verify.com.
The TrayVerify product, platform, APIs, kitchen hardware, administrator consoles, and customer data (collectively, the "Service," as defined in our Terms of Service) are out of scope for this page. Customers and partners evaluating the Service should work with us directly under an appropriate agreement; do not test or probe the Service under this policy.
Reporting a Vulnerability
If you believe you have discovered a security vulnerability affecting the Site, please report it to us by email:
security@tray-verify.com (preferred)
team@tray-verify.com (alternate)
When reporting, please include:
- A description of the issue
- Steps to reproduce
- The potential impact as you understand it
- Any proof-of-concept material (screenshots, request/response examples)
Good-Faith Research
We appreciate responsible security research. When reporting in good faith, please:
- Give us a reasonable opportunity to investigate and remediate before any public disclosure.
- Avoid privacy violations, data destruction, service disruption, or degradation of user experience.
- Do not access, modify, or retain data belonging to TrayVerify, its customers, or any third party.
- Test only against accounts and data that belong to you.
- Stay within the Site; do not probe the Service (see Scope above).
Safe Harbor
Notwithstanding Section 3 of our Terms of Service (which prohibits probing, scanning, or testing the vulnerability of the Site), good-faith security research conducted in accordance with this policy does not violate those Terms. Researchers who act in good faith and within the scope of this page will not be pursued for legal action by TrayVerify in connection with their report.
This safe harbor applies only to activity that (a) stays within the scope defined above, (b) follows the good-faith research guidelines, and (c) complies with all applicable law.
What to Expect
We aim to acknowledge receipt of security reports within a reasonable timeframe and will coordinate with the reporter on remediation and disclosure. We do not currently operate a paid bug bounty program.
Out of Scope
This placeholder page does not describe our internal security architecture, controls, certifications, or technical practices. Customers and partners evaluating TrayVerify for production use should contact us directly for security documentation under an appropriate agreement.
Contact
For any security-related question or report:
TrayVerify
Primary: security@tray-verify.com
Alternate: team@tray-verify.com
Report a Security Issue
To report a vulnerability or ask a security-related question, please email us at security@tray-verify.com (preferred) or team@tray-verify.com (alternate).