This document outlines the security policy for handling private keys and sensitive data in the asymmetric-key-generator project.
- Storage: Always store private keys in a secure and encrypted format. Use environment variables or secure vaults for storing sensitive information.
- Access Control: Limit access to private keys to only those who need them for development or operational purposes.
- Transmission: Never transmit private keys over unsecured channels. Always use protocols such as HTTPS and SSH for transmission.
- Data Minimization: Only collect data that is necessary for the functioning of the application and its features.
- Encryption: Encrypt sensitive data at rest and in transit to protect against unauthorized access.
- Audit Trails: Maintain logs of access to and modifications of sensitive data to monitor for unauthorized access.

If you discover a security vulnerability, please report it directly to the security team using the contact information provided in the repository's contact section.