Encrypt all sensitive information using our PGP Key.
Provide full details of the vulnerability so that we can quickly reproduce it.
Avoid disrupting or degrading our services in any way. Given the nature of our business, denial-of-service attacks are not at all welcome.
Don’t copy, delete, access, or change any data that doesn’t belong to you.
Don’t publicize any details of a potential vulnerability until we’ve had the chance to fix it.
We’ll try to get back to you within two working days.
If you’re looking to report fraud, or if an unauthorized transaction was made using your payment information, please contact your bank to notify them of the activity. Unfortunately, this is something we won’t be able to help with.