Security

Vulnerability Disclosure Policy (VDP) for GiveSendGo

At GiveSendGo, we take security seriously and are committed to protecting the integrity of our platform and the data of our users. We encourage responsible reporting of any vulnerabilities that may be discovered in our systems, software, or hardware.

Scope

This VDP covers all GiveSendGo services, applications, and websites.

Reporting Process

If you believe you have discovered a vulnerability in GiveSendGo, please report it to us by emailing security@givesendgo.com. Please include a detailed description of the vulnerability, including steps to reproduce it, any tools or code used, and any other relevant information.

Response Process

Once we receive a report, we will acknowledge receipt within 24 hours and begin triaging the issue. We will provide updates on the status of the vulnerability and an estimated timeline for resolution as appropriate. Once the vulnerability has been resolved, we will confirm this with the reporter and determine whether an acknowledgment or reward is appropriate.

Acknowledgment and Reward

We may choose to acknowledge or provide a reward to the reporter, depending on the severity and impact of the vulnerability. We will make this determination at our sole discretion and in compliance with any applicable laws or regulations.

Legal Considerations

We encourage researchers to comply with all applicable laws and regulations related to vulnerability reporting. We will not pursue legal action against researchers who act in good faith and comply with our VDP.

Contact Information

For any questions or concerns related to our VDP or security practices, please contact us at security@givesendgo.com.