• Terms and Policies

    Comitium AI — Responsible Disclosure Policy

    Last Updated: 1/1/2025

    Comitium AI is committed to the security of our systems, users, and data.
    We value contributions from the security research community and encourage responsible reporting of vulnerabilities.

    If you believe you have discovered a security vulnerability in any Comitium AI product, service, website, or system, please report it to us following the guidelines below.

    ________________________________

    1. How to Report a Vulnerability

    Please send reports to:
    📧 security@comitiumai.com

    Include as much detail as possible:

    Description of the issue

    Steps to reproduce

    Potential impact

    Proof-of-concept code or screenshots (if available)

    Your contact information for follow-up

    We will acknowledge receipt within 72 hours.

    ________________________________

    2. What We Ask of You

    To protect users and systems, we request that you:

    2.1 Act in Good Faith

    Do not access, modify, or delete data that is not your own.

    Avoid disrupting services or degrading system performance.

    Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue.

    2.2 Avoid High-Risk Activities

    Do not:

    Conduct social engineering attacks

    Use automated scanning tools that generate excessive traffic

    Attempt physical security breaches

    Access accounts without authorization

    Use discovered vulnerabilities for research beyond testing or for any personal gain

    2.3 Follow Coordinated Disclosure

    Give us reasonable time to investigate and remediate the issue before public disclosure.

    Do not publicly disclose the vulnerability without our written approval.

    ________________________________

    3. Our Commitment to You

    When you report a vulnerability responsibly, Comitium AI will:

    3.1 Respond Promptly

    We will acknowledge your report within 72 hours and keep you updated throughout the remediation process.

    3.2 Investigate Thoroughly

    Our security team will assess the issue, determine impact, and prioritize fixes.

    3.3 Not Pursue Legal Action

    If you follow this policy and act in good faith, we will not take legal action against you for your research.

    3.4 Credit

    With your permission, we may recognize your contribution on our website or in release notes.

    ________________________________

    4. Scope

    This policy applies to:

    comitiumai.com and subdomains

    Comitium AI applications, APIs, and cloud services

    Model endpoints and associated systems

    Out of scope:

    Third-party services or integrations

    Denial-of-service attacks

    Spam or social engineering reports

    Physical security or office infrastructure

    ________________________________

    5. Legal Safe Harbor

    Comitium AI supports standard safe harbor principles:

    If your security research is conducted:

    in accordance with this policy,

    in good faith, and

    without causing harm,

    Comitium AI will consider the activity authorized and will not pursue litigation or law enforcement referrals.

    This does not apply to actions that violate laws unrelated to security research (e.g., data theft, extortion).

    ________________________________

    6. Updates to This Policy

    We may update this Responsible Disclosure Policy from time to time.
    Material changes will be reflected on this page.

    ________________________________

    7. Contact

    For responsible disclosure submissions or security questions:

    Comitium AI Security Team
    security@comitiumai.com
    https://www.comitiumai.com

Cookie Use
We use cookies to ensure a smooth browsing experience. By continuing we assume you accept the use of cookies.
Learn More

Lobbying & Public Affairs Firm

Lobbying & Public Affairs Firm A DC-based lobbying and public affairs firm advising clients across regulated industries must navigate overlapping legislative calendars; rulemakings and enforcement actions; campaign finance and political activity; coalition dynamics; media and narrative risk; and fast-moving events — all while aligning advocacy strategy with client business objectives and reputational considerations. stepw(AI)se helps the firm define how AI can responsibly augment advocacy analysis, strategy development, and engagement — establishing clear use cases, workflows, and guardrails aligned with client expectations, confidentiality requirements, and reputational risk. p(AI) then integrates policy intelligence with political activity, stakeholder positioning, competing interests, and real-time developments — enabling teams to map allies and opponents, test advocacy scenarios, sequence engagement, and generate advocacy-ready materials as conditions evolve. The result is sharper strategic judgment and more effective influence, delivered with speed, discipline, and accountability.

In-House Government Affairs — International Insurance Group (U.S. Operations)

In-House Government Affairs — International Insurance Group An international insurance group with significant U.S. operations must navigate policy related to solvency and capital adequacy; financial stability and systemic risk; climate and ESG disclosure; digital governance and cybersecurity; consumer protection and market conduct; and trade and cross-border regulation — all while aligning regulatory exposure with underwriting, pricing, and long-term growth strategy. stepw(AI)se supports leadership in determining how AI should be applied across government affairs, compliance, and strategy — identifying high-value use cases, defining data boundaries, and aligning AI-enabled analysis with enterprise risk tolerance. p(AI) then connects regulatory developments, legislative activity, and stakeholder dynamics with internal business context — enabling teams to assess exposure, explore scenarios, coordinate internally, and engage regulators and policymakers with a unified, evolving policy agenda. The result is more proactive risk management and more coherent engagement, grounded in policy intelligence that keeps pace with both regulation and business strategy.

Global Environmental Policy Think Tank

Global Environmental Policy Think Tank A long-established global environmental policy think tank has built its reputation over five decades by translating complex science and fact-based analysis into credible, actionable guidance for policymakers, advocates, and institutions worldwide. Its work spans climate change, biodiversity, natural resources, sustainable food and agriculture, energy transition, mobility, and sustainable finance — published in dozens of languages and relied on across regions. As the policy ecosystem grew more crowded and philanthropic funding increasingly shifted toward in-house programs, the organization faced a strategic inflection point: how to amplify impact and remain indispensable in an environment defined by accelerating complexity and competition. stepw(AI)se supported the institute in designing a responsible AI integration strategy — identifying where AI could meaningfully advance long-term research agendas, comparative policy analysis, and public-facing engagement, while preserving rigor, transparency, and trust. p(AI) then enabled the creation of an AI-powered environmental policy model and clearinghouse — integrating decades of internal research alongside external sources, grounding analysis in verified evidence, structuring inquiry through policy-native workflows and user-specific interaction, and maintaining continuity across evolving data, negotiations, and stakeholder priorities. The result is a living policy intelligence system that deepens insight, strengthens institutional credibility, and supports more effective evidence-based engagement at global scale — and an institute reimagined for its next chapter of impact.