Responsible Disclosure Program Policy

General

The primary concern here at Halodot is security. This page is to provide the public with all the information needed to disclose a potential vulnerability in any of our services. We are committed to ensuring our security is top tier and really appreciate the help of our community to achieve this. To make sure that any disclosures are made responsibly please ensure you follow the terms below:
‍

• All submissions should be made through the form at the bottom of this page.
  
  
• Please make sure that any disclosures are made as soon as possible. Not only will this help in resolving security issues in a timely fashion but help ensure that you are the first to get any reward (if applicable)!
  ‍
• Public disclosures of any vulnerabilities (e.g. through social media or the press) can put our community and users at risk so please make sure you keep this confidential. All disclosures should be made in accordance with this Responsible Disclosure Program so that we can focus on resolving any issues as soon as possible. We reserve our right to take legal action or withhold rewards if this is not followed.
  ‍
• If you do discover a vulnerability and come into possession of personal data about Halodot customers or employees you must ensure this is deleted as soon as you have made the disclosure through the form below. Personal data is any information that can be used to identify an individual.
  ‍
• None of the research you have undertaken when reporting a vulnerability should have been obtained by unlawful means such as:
  ‍
• Accessing, or attempting to access, accounts or data that does not belong to you.
  ‍
• Attempts to use malware, viruses or similar harmful software
  ‍
• Sending unsolicited spam messages.

Responsible Disclosure Form