Notice Against Purchasing Unauthorized ProductsVulnerability Disclosure Policy (VDP)
2026-06-29

1. Scope

This policy applies to security vulnerabilities discovered in KEENON Robotics Co., Ltd.'s connectable products (including but not limited to Service Robots) and their associated mobile applications, cloud services, and firmware ("Products"). This policy is established to comply with the Australian Cyber Security (Security Standards for Smart Devices) Rules 2025.

2. Our Commitment

In compliance with Australian regulations, we are committed to:

Acknowledging receipt of your report within 48 hours.

Providing regular updates on the status of the vulnerability throughout its lifecycle.

Working diligently to resolve validated vulnerabilities in a timely manner.

Ensuring transparency in our security practices.

3. How to Report a Vulnerability

We encourage you to report potential security issues via the following channel.

Primary Contact: it_service@keenon.com

4. What to Expect After Reporting

Step 1 – Acknowledgement: You will receive an automated or manual confirmation email within 48 hours of submission.

Step 2 – Triage: Our security team will assess the report and assign it a severity rating (e.g., Critical, High, Medium).

Step 3 – Updates: We will provide periodic status updates at least every 14 days until the issue is resolved.

Step 4 – Resolution: Once a fix is deployed, we will notify you and credit your contribution (if desired).

5. Safe Harbor

We will not initiate legal action against individuals who:

Make a good-faith effort to avoid privacy violations, destruction of data, and interruption of our services.

Comply with this policy and do not exploit the vulnerability beyond what is necessary to demonstrate it.

Report vulnerabilities directly to us before disclosing them publicly.

6. Out-of-Scope Issues

The following are generally considered out of scope (unless they lead to a primary vulnerability):

UI/UX bugs and spelling errors.

Denial-of-service (DoS) attacks requiring excessive traffic.

Physical attacks or social engineering.

7. Contact

For general product support, please visit https://www.keenon.com. For security-related matters, use the reporting channel above.