UK PSTI Information

Statement of Compliance

Here you can find our Statement of Compliance with the UK Product Security and Telecommunications Infrastructure (PSTI) Act 2022 for Comulytic products.

Product Name	Recent Updated Date	Estimated Updated Date	Statement of Compliance
Comulytic Note Pro	2025/10/1	2028/10/1	Rymind Statement of Compliance for UK

Australia Cyber Security Information

Statement of Compliance

Here you can find our Statement of Compliance, made in accordance with the Cyber Security (Security Standards for Smart Devices) Rules 2025 authorised by the Cyber Security Act 2024 for Comulytic products.

Product Name	Recent Updated Date	Estimated Updated Date	Statement of Compliance
Comulytic Note Pro	2025/10/1	2028/10/1	Rymind Statement of Compliance for AU

EU Declaration of Conformity Information

Declaration of Conformity

Here you can find the Declaration of Conformity by visiting below.

Product Name	Recent Updated Date	Estimated Updated Date	Statement of Compliance
Comulytic Note Pro	2025/10/1	2028/10/1	Rymind Declaration of Conformity for EU

Our Vulnerability Disclosure Policy

Comulytic is devoted to providing secure products and services to our customers, and welcomes reports from independent researchers, industry organizations, vendors, customers, and other sources concerned with security.

If you believe you have discovered a security vulnerability in a Comulytic product or service, please report to us by submitting the Vulnerability Report Form.

Your report receipt will be confirmed within 7 calendar days and a preliminary assessment of risk levels will take place within 3 business days.

Critical risk vulnerabilities will be fixed within 3 business days.
High and medium risk vulnerabilities will be fixed within 30 business days.
Low risk vulnerabilities will be fixed within 180 business days.

Some vulnerabilities are subject to environment or hardware restrictions. Final remediation time will be determined according to the real-world situation.

You will be updated with status progress at least every 30 days until the vulnerability is fixed. We greatly appreciate anyone who can give us a chance to improve our products and services, and better protect our users.

Vulnerability Report Form

First Name *Last Name *Email Address *Time and Date of Discovery *Product or Service Name(Version Information or URL) *Operating System *Device Configuration *Vulnerability Name *Description *Proof of Concept *Impact Remediation CVSS Score POC UploadSupported format: JPG, JPEG, PNG, GIF, SVG.

The personal information collected via this form will only be used for the procedures necessary to reply to and handle the submission. The subject personal information will be managed using appropriate safety measures, and it will not be disclosed or provided to third parties without the advance permission of the reporter. The content of the submission will be used jointly by the related Comulytic Group entities. For information on our handling of personal information, please see our Privacy Policy.