Responsible Disclosure Policy takes security seriously, and values the work done by security researchers to improve the security of Services Offered by We will work with the security community to verify, reproduce, and resolve any and all legitimate security vulnerabilities in our site and app.

If you are a security researcher and would like to report a vulnerability, please email us at Please provide your name, contact information, and company name (if applicable) with each report.

Responsible Disclosure Guidelines

We will investigate legitimate reports and make every effort to quickly correct any vulnerability. To encourage responsible reporting, we commit that we will not take legal action against you or ask law enforcement to investigate you if you comply with the following Responsible Disclosure Guidelines:

  • Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability and a Proof of Concept (POC)
  • Make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our services
  • Do not modify or access data that does not belong to you
  • Give us a reasonable time to correct the issue before making any information public

We will attempt to respond to your report within 1-2 business days.

Disclosure Acknowledgements

We would like to thank the following researchers for bringing security issues to our attention: