PsalmifiLegal Center
← All policies

Security & Responsible Disclosure Policy

Version 1.0 · Effective July 11, 2026 · BibleMusic, LLC

1. Introduction

BibleMusic, LLC (”BibleMusic,” “we,” “our,” or “us”) is committed to maintaining the security, integrity, availability, and resilience of the Services.

This Security & Responsible Disclosure Policy explains BibleMusic’s security principles, how security vulnerabilities may be responsibly reported, and how BibleMusic responds to security concerns.

This Policy forms part of the Terms of Service governing the Psalmifi Services operated by BibleMusic, LLC.

Capitalized terms not defined in this Policy have the meanings assigned in the Terms of Service.

2. Purpose

The objectives of this Policy are to:

  • protect Users;
  • protect Personal Information;
  • safeguard Platform Content;
  • preserve Service availability;
  • encourage responsible security research;
  • establish clear vulnerability reporting procedures;
  • support coordinated disclosure;
  • and continuously improve the security of the Services.

3. Security Principles

BibleMusic seeks to maintain security through a layered approach that includes reasonable administrative, technical, organizational, and physical safeguards appropriate to the nature of the Services and Applicable Law.

Security is an ongoing process rather than a single technology or guarantee.

4. Security Practices

BibleMusic may implement security measures including, where appropriate:

  • encryption of data in transit;
  • encryption of sensitive data at rest;
  • authentication controls;
  • role-based access controls;
  • least-privilege access principles;
  • multi-factor authentication for administrative systems where appropriate;
  • infrastructure monitoring;
  • audit logging;
  • intrusion detection;
  • vulnerability management;
  • software patch management;
  • secure development practices;
  • code review;
  • backup procedures;
  • disaster recovery planning;
  • vendor security assessments;
  • incident response planning;
  • and periodic security reviews.

Specific security measures may evolve over time and are not exhaustively described in this Policy.

5. User Security Responsibilities

Users play an important role in maintaining Account security.

Users should:

  • maintain strong passwords where applicable;
  • protect authentication credentials;
  • secure their personal devices;
  • promptly install software updates;
  • avoid sharing Accounts;
  • notify BibleMusic of suspected unauthorized access;
  • and immediately report suspected security incidents involving their Accounts.

Users remain responsible for activity occurring through their Accounts until BibleMusic has had a reasonable opportunity to respond to a reported compromise.

6. Responsible Vulnerability Disclosure

BibleMusic welcomes good-faith reports of legitimate security vulnerabilities.

Individuals who discover a potential security vulnerability are encouraged to report it privately to BibleMusic before publicly disclosing the issue.

Responsible disclosure helps protect Users while allowing BibleMusic an opportunity to investigate and remediate reported vulnerabilities.

7. Reporting a Security Vulnerability

Security reports should include, where reasonably available:

  • the reporter’s name;
  • contact information;
  • the affected Service or feature;
  • a description of the suspected vulnerability;
  • steps necessary to reproduce the issue;
  • proof-of-concept information where appropriate;
  • the potential security impact;
  • and any other information reasonably necessary for investigation.

Reports should be submitted to:

Security Team

security@psalmifi.com

8. Good Faith Research

BibleMusic supports good-faith security research conducted responsibly.

Researchers acting in good faith should:

  • avoid disrupting the Services;
  • avoid accessing data belonging to other Users;
  • avoid modifying information;
  • avoid destroying information;
  • avoid degrading Service availability;
  • avoid social engineering BibleMusic personnel;
  • avoid physical intrusion;
  • avoid violating Applicable Law;
  • and promptly report discovered vulnerabilities.

Nothing in this Policy authorizes conduct prohibited by Applicable Law.

9. Activities Outside the Scope of Responsible Disclosure

The following activities are not authorized under this Policy unless expressly approved in writing by BibleMusic:

  • denial-of-service testing;
  • distributed denial-of-service testing;
  • ransomware simulation;
  • malware deployment;
  • phishing campaigns;
  • credential stuffing;
  • password spraying;
  • automated exploitation;
  • destructive testing;
  • unauthorized access to User Accounts;
  • unauthorized access to production systems;
  • physical attacks;
  • social engineering;
  • supply chain attacks;
  • or any activity reasonably likely to disrupt the Services or expose User data.

10. BibleMusic’s Response

Upon receiving a vulnerability report, BibleMusic may:

  • acknowledge receipt;
  • request additional information;
  • investigate the report;
  • validate the vulnerability;
  • prioritize remediation;
  • deploy corrective measures;
  • coordinate disclosure;
  • notify affected parties where appropriate;
  • and take other reasonable actions consistent with Applicable Law.

BibleMusic is not obligated to disclose internal security details, remediation timelines, or investigative findings.

11. Security Incidents

If BibleMusic becomes aware of a confirmed security incident affecting Personal Information, BibleMusic will respond in accordance with:

  • Applicable Law;
  • contractual obligations;
  • internal incident response procedures;
  • and the Privacy Policy.

Where legally required, affected individuals and regulatory authorities will be notified within the timeframes required by Applicable Law.

12. No Security Guarantee

While BibleMusic employs reasonable safeguards, no technology, software, network, or security program can guarantee absolute security.

Accordingly, BibleMusic does not warrant that the Services will be:

  • immune from attack;
  • uninterrupted;
  • free from unauthorized access;
  • or free from future vulnerabilities.

Users acknowledge the inherent risks associated with internet-connected technologies.

13. Cooperation with Authorities

BibleMusic may cooperate with:

  • law enforcement;
  • regulatory authorities;
  • cybersecurity organizations;
  • judicial authorities;
  • and other lawful governmental entities

where required or permitted by Applicable Law in connection with security investigations.

14. Relationship to Other Policies

This Policy should be read together with:

  • the Terms of Service;
  • the Privacy Policy;
  • the Acceptable Use Policy;
  • the AI Content & Synthetic Media Policy;
  • and all other Incorporated Policies.

If a conflict exists, the Terms of Service govern except where this Policy specifically addresses security matters.

15. Changes to this Policy

BibleMusic may modify this Security & Responsible Disclosure Policy from time to time.

Material changes will become effective as required by Applicable Law following publication of the revised Policy or other legally sufficient notice.

Continued use of the Services following the effective date of a revised Policy constitutes acknowledgment of the revised Policy to the extent permitted by Applicable Law.

16. Contact Information

Security reports and questions regarding this Policy should be directed to:

Security Team

security@psalmifi.com

Legal Department

legal@psalmifi.com

BibleMusic may update contact information by publishing revised information within the Legal Center.

17. Effective Date & Version

Version: 1.0

Effective Date: July 11, 2026

This Security & Responsible Disclosure Policy remains effective until replaced by a subsequent version published by BibleMusic.