Cart

Your cart is empty

Policies

Responsible Disclosure Policy

Here is a complete Responsible Disclosure Policy for MyProfile, encouraging security researchers and ethical hackers to report vulnerabilities responsibly:

  1. Purpose:

    At MyProfile, we take the security and privacy of our users seriously. We are committed to maintaining the integrity of our systems and services. This Responsible Disclosure Policy outlines the steps for reporting security vulnerabilities in a way that protects our platform, users, and your research work.

  2. Our Commitment:

    If you act in good faith and follow the guidelines below:

    We will not pursue legal action against you.

    We will work with you to investigate and resolve the vulnerability.

    We will credit you publicly (if desired) on our Security Hall of Fame.

    We may offer a reward or token of appreciation for qualifying reports.

  3. Scope of the Policy:

    This policy applies to:

    • https://getmyprofile.online and all subdomains
    • MyProfile mobile apps (iOS, Android)
    • MyProfile APIs, cloud services, and infrastructure
    • NFC-enabled devices that integrate with digital profiles

    Out of Scope:

    • Social engineering (e.g., phishing of staff or users)
    • Physical attacks on Brilydal Ltd offices or equipment
    • Denial of Service (DoS) or Distributed Denial of Service (DDoS) attacks
    • Use of automated tools that generate high traffic or disrupt services
    • Previously known or publicly disclosed issues without new impact
  4. How to Report a Vulnerability:

    If you believe you’ve found a security issue:

    Email: Send a detailed report to security@getmyprofile.online

    Include:

    • Clear description of the issue
    • Steps to reproduce the vulnerability
    • Screenshots, logs, or proof-of-concept code (if applicable)
    • Your contact information and preferred acknowledgment (anonymous optional)

    Please do not publicly disclose the issue until we confirm it is resolved.

  5. Safe Harbor:

    We support a safe environment for responsible research:

    If you comply with this policy in good faith, we consider your activity authorized and non-violating of our Terms of Service.

    You will not be subject to legal action for your responsible research and reporting.

    If legal action is initiated by a third party, we will support your compliance with this policy.

  6. Recognition and Reward:

    For valid and impactful reports:

    We may list you on our Security Researchers Acknowledgment Page

    We may offer non-cash gifts or MyPts tokens

    Formal bug bounty program details (if active) will be published on getmyprofile.online/security-disclosure

  7. Response Timeline:

    Once we receive your report:

    • You will receive an acknowledgment within 72 hours
    • We aim to resolve critical issues within 7–15 business days
    • You will be kept updated through the remediation process
  8. Contact Us:

    For vulnerability reports or questions about this policy, please contact:

    Security Team – MyProfile (Brilydal Ltd)

    Email: security@getmyprofile.online

    Phone: +1

    Web: https://getmyprofile.online/security