diff --git a/SECURITY.md b/SECURITY.md
new file mode 100644
index 0000000..21fef76
--- /dev/null
+++ b/SECURITY.md
@@ -0,0 +1,29 @@
+# Security Policy
+
+## Reporting a Vulnerability
+
+At Notco.in, we take the security of our users seriously. If you believe you have found a security vulnerability in our application or website, please let us know right away. We appreciate your help in disclosing the issue responsibly.
+
+To report a vulnerability, please send an email to [security@notco.in](mailto:security@notco.in) with the following details:
+
+- Description of the vulnerability
+- Steps to reproduce the vulnerability
+- Any additional information that may be helpful
+
+Our security team will review your report and respond as quickly as possible. We ask that you do not publicly disclose the vulnerability until we have had a chance to investigate and address it.
+
+## Responsible Disclosure
+
+We believe in responsible disclosure and ask that you follow these guidelines when reporting security vulnerabilities:
+
+- Do not attempt to exploit the vulnerability or any related issues you discover.
+- Do not disclose the vulnerability or any related issues publicly until we have had a chance to investigate and address them.
+- Provide us with reasonable time to investigate and address the reported vulnerability before disclosing it publicly.
+
+## Scope
+
+This security policy applies to the Notco.in web application and associated services.
+
+## Updates
+
+This security policy may be updated from time to time as our security practices evolve. Please check back periodically for any changes.