← APIDeal​s.org
Legal

Responsible Disclosure Policy

Last updated: April 2025

At APIDe​als.org, we take the security of our systems seriously. If you believe you have found a security vulnerability in APIDe​als.org or any related service, we encourage you to disclose it to us responsibly.

Reporting a Vulnerability

Please report security vulnerabilities by email to security@apideals.org.

Include in your report:

  • A description of the vulnerability and its potential impact
  • Step-by-step instructions to reproduce the issue
  • Any proof-of-concept code, screenshots, or logs
  • Your name and contact information (optional, for acknowledgment)

Our Commitments

  • We will acknowledge receipt of your report within 3 business days
  • We will investigate and keep you informed of our progress
  • We will work to resolve confirmed vulnerabilities in a timely manner
  • We will not take legal action against researchers who follow this policy
  • We will recognize your contribution if you wish to be credited

Scope

This policy applies to:

  • apideals.org and all subdomains
  • api.apideals.org
  • Our mobile and desktop applications, if any

Out of Scope

The following are out of scope for this policy:

  • Denial of service attacks
  • Social engineering of our staff or customers
  • Physical attacks against our infrastructure
  • Vulnerabilities in third-party services we rely on (please report those to the vendor directly)

Safe Harbour

We will not pursue legal action against individuals who discover and report vulnerabilities in good faith, provided they do not exploit the vulnerability beyond what is necessary to demonstrate it, and they do not access, modify, or delete user data without consent.

Contact

security@apideals.org

Privacy Policy·Terms of Service·Commercial Terms·Health Data Privacy